last sync: 2024-May-24 18:02:49 UTC

Azure Kubernetes Service Policy Add-on Deployment

Azure BuiltIn RBAC Role definition

NameAzure Kubernetes Service Policy Add-on Deployment
DescriptionDeploy the Azure Policy add-on on Azure Kubernetes Service clusters
CreatedOn2022-02-07 20:51:48 UTC
UpdatedOn2022-03-15 23:34:13 UTC
Date/Time (UTC ymd) (i) Change Change detail
2022-03-16 17:58:57 change: Actions Actions: 'add Microsoft.Compute/diskEncryptionSets/read; add Microsoft.Compute/proximityPlacementGroups/write'
2022-02-10 17:19:06 change: Actions Actions: 'add Microsoft.Network/virtualNetworks/subnets/join/action; add Microsoft.Network/publicIPPrefixes/join/action; add Microsoft.Network/publicIPAddresses/join/action'
2022-02-08 18:24:32 add: Role 18ed5180-3e48-46fd-8541-4ea054d57064
Permissions summary Effective control plane and data plane operations: 14 (unique operations)
•action: 7
•delete: 1
•read: 4
•write: 2

Actions: 6
Resolved control plane operations from Actions: 14
Effective control plane operations: 14
•action: 7
•delete: 1
•read: 4
•write: 2

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 15636

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3160
Operation Description
Microsoft.Compute/diskEncryptionSets/readGet the properties of a disk encryption set
Microsoft.Compute/proximityPlacementGroups/writeCreates a new Proximity Placement Group or updates an existing one
Microsoft.Network/publicIPAddresses/join/actionJoins a public ip address. Not Alertable.
Microsoft.Network/publicIPPrefixes/join/actionJoins a PublicIPPrefix. Not alertable.
Microsoft.Network/virtualNetworks/subnets/join/actionJoins a virtual network. Not Alertable.
Microsoft.Resources/deployments/*wildcarded / no description
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
Policy DisplayName Policy Id Category State
[Preview]: Deploy Image Integrity on Azure Kubernetes Service 5dc99dae-cfb2-42cc-8762-9aae02b74e27 Kubernetes GA
Configure Microsoft Entra ID integrated Azure Kubernetes Service Clusters with required Admin Group Access 36a27de4-199b-40fb-b336-945a8475d6c5 Kubernetes GA
Configure Node OS Auto upgrade on Azure Kubernetes Cluster 40f1aee2-4db4-4b74-acb1-c6972e24cca8 Kubernetes GA
Deploy Azure Policy Add-on to Azure Kubernetes Service clusters a8eff44f-8c92-45c3-a3fb-9880802d67a7 Kubernetes GA
Deploy Image Cleaner on Azure Kubernetes Service 7e49285c-4bed-4564-b26a-5225ccc311f3 Kubernetes GA
Disable Command Invoke on Azure Kubernetes Service clusters 1b708b0a-3380-40e9-8b79-821f9fa224cc Kubernetes GA
Condition none