AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Kubernetes cluster Windows containers should not run as ContainerAdministrator

Azure BuiltIn Policy definition

Source Azure Portal
Display name Kubernetes cluster Windows containers should not run as ContainerAdministrator
Id 5485eac0-7e8f-4964-998b-a44f4f0c1e75
Version 1.2.0
Details on versioning
Versioning Versions supported for Versioning: 2
1.1.0
1.2.0
Built-in Versioning [Preview]
Category Kubernetes
Microsoft Learn
Description Prevent usage of ContainerAdministrator as the user to execute the container processes for Windows pods or containers. This recommendation is intended to improve the security of Windows nodes. For more information, see https://kubernetes.io/docs/concepts/windows/intro/ .
Mode Microsoft.Kubernetes.Data
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.ContainerService/managedClusters
Microsoft.Kubernetes/connectedClusters
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
Enforce recommended guardrails for Kubernetes Enforce-Guardrails-Kubernetes Kubernetes GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-08-09 18:17:47 change Minor (1.1.0 > 1.2.0)
2023-05-01 17:41:52 change Minor (1.0.0 > 1.1.0)
2022-10-28 16:42:53 add 5485eac0-7e8f-4964-998b-a44f4f0c1e75
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC