last sync: 2024-Nov-25 18:54:43 UTC

Kubernetes cluster pod security baseline standards for Linux-based workloads

Azure BuiltIn Policy Initiative (PolicySet)

Source: Azure Portal
Display name: Kubernetes cluster pod security baseline standards for Linux-based workloads
Id: a8640138-9b0a-4a28-b8cb-1666c838647d
Version: 1.4.0
Versioning: Versions supported for Versioning: 1 (1.4.0)
Category: Kubernetes
Description: This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc.
Type: BuiltIn
Deprecated: False
Preview: False
Policy count: Total Policies: 5, Builtin Policies: 5, Static Policies: 0
Policy used
| Policy DisplayName | Policy Id | Category | Effect | Roles# | Roles | State |
|---|---|---|---|---|---|---|
| Kubernetes cluster containers should not share host process ID or host IPC namespace | 47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8 | Kubernetes | Default: Audit; Allowed: audit, Audit, deny, Deny, disabled, Disabled | 0 | | GA |
| Kubernetes cluster containers should only use allowed capabilities | c26596ff-4d70-4e6a-9a30-c2506bd2f80c | Kubernetes | Default: Audit; Allowed: audit, Audit, deny, Deny, disabled, Disabled | 0 | | GA |
| Kubernetes cluster pod hostPath volumes should only use allowed host paths | 098fc59e-46c7-4d99-9b16-64990e543d75 | Kubernetes | Default: Audit; Allowed: audit, Audit, deny, Deny, disabled, Disabled | 0 | | GA |
| Kubernetes cluster pods should only use approved host network and port range | 82985f06-dc18-4a48-bc1c-b9f4f0098cfe | Kubernetes | Default: Audit; Allowed: audit, Audit, deny, Deny, disabled, Disabled | 0 | | GA |
| Kubernetes cluster should not allow privileged containers | 95edb821-ddaf-4404-9732-666045e056b4 | Kubernetes | Default: Deny; Allowed: audit, Audit, deny, Deny, disabled, Disabled | 0 | | GA |
Roles used: No Roles used
History
Date/Time (UTC ymd) Changes
2023-10-30 19:02:13 Version change: '1.3.0' to '1.4.0'
2023-05-04 17:45:12 Version change: '1.2.1' to '1.3.0'
2022-09-27 16:35:21 Version change: '1.2.0' to '1.2.1'
2022-09-21 16:34:39 Description change: 'This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for AKS Engine and Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc.' to 'This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc.'
2022-05-19 16:30:35 Version change: '1.1.1' to '1.2.0'
2020-10-13 13:23:38 Description change: 'This initiative includes the policies for the Kubernetes cluster pod security baseline standards. For instructions on using this policy, visit https://aka.ms/kubepolicydoc.' to 'This initiative includes the policies for the Kubernetes cluster pod security baseline standards. This policy is generally available for Kubernetes Service (AKS), and preview for AKS Engine and Azure Arc enabled Kubernetes. For instructions on using this policy, visit https://aka.ms/kubepolicydoc.'
2020-09-15 14:06:41 Name change: '[Preview]: Kubernetes cluster pod security baseline standards for Linux-based workloads' to 'Kubernetes cluster pod security baseline standards for Linux-based workloads'
2020-07-08 14:28:36 add Initiative a8640138-9b0a-4a28-b8cb-1666c838647d