AzPolicyAdvertizer

last sync: 2025-Oct-31 18:22:59 UTC

Kubernetes cluster container images should not include latest image tag

Azure BuiltIn Policy definition

Source Azure Portal
Display name Kubernetes cluster container images should not include latest image tag
Id 021f8078-41a0-40e6-81b6-c6597da9f3ee
Version 2.0.1
Details on versioning
Versioning Versions supported for Versioning: 4
2.0.1
2.0.0-preview
1.1.0-preview
1.0.0-preview
Built-in Versioning [Preview]
Category Kubernetes
Microsoft Learn
Description Requires that container images do not use the latest tag in Kubernetes, it is a best practice to ensure reproducibility, prevent unintended updates, and facilitate easier debugging and rollbacks by using explicit and versioned container images.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '2.0.1'
Repository: Azure-Policy 021f8078-41a0-40e6-81b6-c6597da9f3ee
Mode Microsoft.Kubernetes.Data
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
Deployment safeguards should help guide developers towards AKS recommended best practices c047ea8e-9c78-49b2-958b-37e56d291a44 Kubernetes GA BuiltIn true
History
Date/Time (UTC ymd) (i) Change type Change detail
2025-09-15 17:23:08 change Patch, old suffix: preview (2.0.0-preview > 2.0.1)
2025-04-22 16:46:02 change Major, suffix remains equal (1.1.0-preview > 2.0.0-preview)
2024-08-09 18:17:47 change Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview)
2024-04-08 17:52:20 add 021f8078-41a0-40e6-81b6-c6597da9f3ee
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC