AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

[Preview]: Managed Identity Federated Credentials from Azure Kubernetes should be from trusted sources

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Preview]: Managed Identity Federated Credentials from Azure Kubernetes should be from trusted sources

ae62c456-33de-4dc8-b100-7ce9028a7d99

Version

1.0.0-preview
Details on versioning

Versioning

Versions supported for Versioning: 1
1.0.0-preview
Built-in Versioning [Preview]

Category

Managed Identity
Microsoft Learn

Description

This policy limits federeation with Azure Kubernetes clusters to only clusters from approved tenants, approved regions, and a specific exception list of additional clusters.

Mode

All

Type

BuiltIn

Preview

True

Deprecated

False

Effect

Default
Audit
Allowed
Audit, Disabled, Deny

RBAC role(s)

none

Rule aliases

IF (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials/issuer	Microsoft.ManagedIdentity	userAssignedIdentities/federatedIdentityCredentials	properties.issuer	True		False

Rule resource types

IF (1)
Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials

Compliance

Not a Compliance control

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Managed Identity Federated Credentials should be of approved types from approved federation sources	5e4ee281-95a3-442a-bb2a-5ef68cf5181a	Managed Identity	Preview	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2023-04-06 17:42:16	add	ae62c456-33de-4dc8-b100-7ce9028a7d99

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC