AKS does not use Azure policies add-on

Description

Azure Policy Add-on for AKS extends Gatekeeper v3, an admission controller webhook for Open Policy Agent (OPA), to apply at-scale enforcements and safeguards on your clusters in a centralized, consistent manner.

Code Example

resource "azurerm_kubernetes_cluster" "example" {
                  ...
+                  addon_profile {
+                    azure_policy {
+                      enabled = true
                    }
                  }         
                }

Remediation

Terraform

Resource: azurerm_kubernetes_cluster
Arguments: addon_profile.azure_policy.enabled

Rule Details

Field	Value
ID	IAC-0623
Severity	LOW
IaC Type	Terraform
Frameworks	Terraform, TerraformPlan
Checkov ID	CKV_AZURE_116

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

AKS does not use Azure policies add-on

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

AKS does not use Azure policies add-on ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

AKS does not use Azure policies add-on

Description

Code Example

Remediation

Rule Details

References