AzPolicyAdvertizer

last sync: 2025-Oct-31 18:22:59 UTC

Sets automountServiceAccountToken in the Pod spec in containers to false.

Azure BuiltIn Policy definition

Source Azure Portal
Display name Sets automountServiceAccountToken in the Pod spec in containers to false.
Id 57f274ef-580a-4ed2-bcf8-5c6fa3775253
Version 1.2.1
Details on versioning
Versioning Versions supported for Versioning: 4
1.2.1
1.2.0-preview
1.1.0-preview
1.0.0-preview
Built-in Versioning [Preview]
Category Kubernetes
Microsoft Learn
Description Setting automountServiceAccountToken to false increases security by avoiding the default auto-mounting of service account tokens
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.1.0'
Repository: Azure-Policy 57f274ef-580a-4ed2-bcf8-5c6fa3775253
Mode Microsoft.Kubernetes.Data
Type BuiltIn
Preview False
Deprecated False
Effect Default
Mutate
Allowed
Mutate, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2025-08-28 17:22:58 change Patch, old suffix: preview (1.2.0-preview > 1.2.1)
2025-04-22 16:46:02 change Minor, suffix remains equal (1.1.0-preview > 1.2.0-preview)
2024-08-09 18:17:47 change Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview)
2024-07-09 18:20:14 add 57f274ef-580a-4ed2-bcf8-5c6fa3775253
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC