last sync: 2023-Sep-29 17:58:50 UTC

Azure Policy Initiative (PolicySet)

[Preview]: AKS Guardrails should help guide developers towards AKS recommended best practices

Source Azure Portal
Display name[Preview]: AKS Guardrails should help guide developers towards AKS recommended best practices
Idc047ea8e-9c78-49b2-958b-37e56d291a44
Version1.1.1-preview
details on versioning
CategoryKubernetes
Microsoft docs
DescriptionA collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use AKS Guardrails to assign this policy initiative: https://aka.ms/aks/guardrails.
TypeBuiltIn
DeprecatedFalse
PreviewTrue
Policy count Total Policies: 7
Builtin Policies: 7
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State
[Preview]: Cannot Edit Individual Nodes 53a4a537-990c-495a-92e0-7c21a465442c Kubernetes Default
Audit
Allowed
Audit, Deny, Disabled
0 Preview
[Preview]: Must Have Anti Affinity Rules Set 34c88cd4-5d72-4dbb-bf77-12c3cafe8791 Kubernetes Default
Audit
Allowed
Audit, Deny, Disabled
0 Preview
[Preview]: No AKS Specific Labels a22123bd-b9da-4c86-9424-24903e91fd55 Kubernetes Default
Audit
Allowed
Audit, Deny, Disabled
0 Preview
[Preview]: Reserved System Pool Taints 48940d92-ff05-449e-9111-e742d9280451 Kubernetes Default
Audit
Allowed
Audit, Deny, Disabled
0 Preview
Ensure cluster containers have readiness or liveness probes configured b1a9997f-2883-4f12-bdff-2280f99b5915 Kubernetes Default
Audit
Allowed
Audit, Deny, Disabled
0 GA
Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits e345eecc-fa47-480f-9e88-67dcc122b164 Kubernetes Default
Deny
Allowed
audit, Audit, deny, Deny, disabled, Disabled
0 GA
Kubernetes cluster containers should only use allowed images febd0533-8e55-448f-b837-bd0e06f16469 Kubernetes Default
Deny
Allowed
audit, Audit, deny, Deny, disabled, Disabled
0 GA
Roles used No Roles used
History
Date/Time (UTC ymd) (i) Changes
2023-07-28 20:08:16 Version change: '1.1.0-preview' to '1.1.1-preview'
2023-07-24 17:56:15 Description change: 'A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service' to 'A collection of Kubernetes best practices that are recommended by Azure Kubernetes Service (AKS). For the best experience, use AKS Guardrails to assign this policy initiative: https://aka.ms/aks/guardrails.'
2023-06-08 17:46:29 Version change: '1.0.0-preview' to '1.1.0-preview'
2023-05-10 17:45:01 add Initiative c047ea8e-9c78-49b2-958b-37e56d291a44
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01