AzPolicyAdvertizer

last sync: 2025-Oct-31 18:22:59 UTC

[Image Integrity] Kubernetes clusters should only use images signed by notation

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Image Integrity] Kubernetes clusters should only use images signed by notation

cf426bb8-b320-4321-8545-1b784a5df3a4

Version

1.1.0-preview
Details on versioning

Versioning

Versions supported for Versioning: 2
1.1.0-preview
1.0.0-preview
Built-in Versioning [Preview]

Category

Kubernetes
Microsoft Learn

Description

Use images signed by notation to ensure that images come from trusted sources and will not be maliciously modified. For more info, visit https://aka.ms/aks/image-integrity

Cloud environments

AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown

Available in AzUSGov

The Policy is available in AzureUSGovernment cloud. Version: '1.0.0-preview'
Repository: Azure-Policy cf426bb8-b320-4321-8545-1b784a5df3a4

Mode

Microsoft.Kubernetes.Data

Type

BuiltIn

Preview

True

Deprecated

False

Effect

Default
Audit
Allowed
Audit, Disabled

RBAC role(s)

none

Rule aliases

none

Rule resource types

IF (1)

Microsoft.ContainerService/managedClusters

Compliance

Not a Compliance control

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov
[Preview]: Use Image Integrity to ensure only trusted images are deployed	af28bf8b-c669-4dd3-9137-1e68fdc61bd6	Kubernetes	Preview	BuiltIn	true

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-08-09 18:17:47	change	Minor, suffix remains equal (1.0.0-preview > 1.1.0-preview)
2023-08-22 17:59:24	add	cf426bb8-b320-4321-8545-1b784a5df3a4

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC