AzPolicyAdvertizer

last sync: 2024-Sep-19 17:51:32 UTC

Configure Node OS Auto upgrade on Azure Kubernetes Cluster

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Configure Node OS Auto upgrade on Azure Kubernetes Cluster

40f1aee2-4db4-4b74-acb1-c6972e24cca8

Version

1.0.1
Details on versioning

Versioning

Versions supported for Versioning: 1
1.0.1
Built-in Versioning [Preview]

Category

Kubernetes
Microsoft Learn

Description

Use Node OS auto-upgrade to control node-level OS security updates of Azure Kubernetes Service (AKS) clusters. For more info, visit https://learn.microsoft.com/en-us/azure/aks/auto-upgrade-node-image.

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Azure Kubernetes Service Contributor Role	ed7f3fbd-7b88-4dd4-9017-9adb7ce333f8
Azure Kubernetes Service Policy Add-on Deployment	18ed5180-3e48-46fd-8541-4ea054d57064

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.ContainerService/managedClusters/autoUpgradeProfile.nodeOSUpgradeChannel	Microsoft.ContainerService	managedClusters	properties.autoUpgradeProfile.nodeOSUpgradeChannel	True		False

Rule resource types

IF (1)
Microsoft.ContainerService/managedClusters
THEN-Deployment (2)
Microsoft.ContainerService/managedClusters
Microsoft.Resources/deployments

Compliance

Not a Compliance control

Initiatives usage

none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-10-31 19:02:40	change	Patch (1.0.0 > 1.0.1)
2023-09-22 17:59:46	add	40f1aee2-4db4-4b74-acb1-c6972e24cca8

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC