| Source | Azure Portal | |||||||||
| Display name | Kubernetes clusters should minimize wildcard use in role and cluster role | |||||||||
| Id | ca8d5704-aa2b-40cf-b110-dc19052825ad | |||||||||
| Version | 1.1.0 Details on versioning |
|||||||||
| Versioning |
Versions supported for Versioning: 2 1.0.0 1.1.0 Built-in Versioning [Preview] |
|||||||||
| Category | Kubernetes Microsoft Learn |
|||||||||
| Description | Using wildcards '*' can be a security risk because it grants broad permissions that may not be necessary for a specific role. If a role has too many permissions, it could potentially be abused by an attacker or compromised user to gain unauthorized access to resources in the cluster. | |||||||||
| Mode | Microsoft.Kubernetes.Data | |||||||||
| Type | BuiltIn | |||||||||
| Preview | False | |||||||||
| Deprecated | False | |||||||||
| Effect | Default Audit Allowed Audit, Disabled |
|||||||||
| RBAC role(s) | none | |||||||||
| Rule aliases | none | |||||||||
| Rule resource types | IF (1) Microsoft.ContainerService/managedClusters |
|||||||||
| Compliance | Not a Compliance control | |||||||||
| Initiatives usage | none | |||||||||
| History |
|
|||||||||
| JSON compare |
compare mode:
version left:
version right:
|
|||||||||
| JSON |
|