AzPolicyAdvertizer

last sync: 2025-Oct-31 18:22:59 UTC

Kubernetes cluster pods and containers should follow SELinux security standards

Azure BuiltIn Policy definition

Source Azure Portal
Display name Kubernetes cluster pods and containers should follow SELinux security standards
Id e1e6c427-07d9-46ab-9689-bfa85431e636
Version 8.0.0
Details on versioning
Versioning Versions supported for Versioning: 3
8.0.0
7.2.0
7.1.1
Built-in Versioning [Preview]
Category Kubernetes
Microsoft Learn
Description This policy enforces Kubernetes Pod Security Standards for SELinux options. Under PSS mode, 'user' and 'role' fields must be empty, and 'type' field must be one of the allowed values. For more information, see https://aka.ms/kubepolicydoc.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '9.0.0'
Repository: Azure-Policy e1e6c427-07d9-46ab-9689-bfa85431e636
Mode Microsoft.Kubernetes.Data
Type BuiltIn
Preview False
Deprecated False
Effect Default
Audit
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
Deployment safeguards should help guide developers towards AKS recommended best practices c047ea8e-9c78-49b2-958b-37e56d291a44 Kubernetes GA BuiltIn true
History
Date/Time (UTC ymd) (i) Change type Change detail
2025-10-06 17:22:59 change Major (7.2.0 > 8.0.0)
2024-08-09 18:17:47 change Minor (7.1.1 > 7.2.0)
2023-06-26 17:52:13 change Patch (7.1.0 > 7.1.1)
2023-05-01 17:41:52 change Minor (7.0.1 > 7.1.0)
2022-10-21 16:42:13 change Patch (7.0.0 > 7.0.1)
2022-09-19 17:41:40 change Major (6.0.2 > 7.0.0)
2022-06-17 16:31:08 change Patch (6.0.1 > 6.0.2)
2022-06-07 16:30:19 change Patch (6.0.0 > 6.0.1)
2022-05-27 20:20:35 change Major (5.2.0 > 6.0.0)
2022-04-29 18:06:01 change Minor (5.1.0 > 5.2.0)
2022-04-01 20:29:14 change Minor (5.0.0 > 5.1.0)
2022-03-11 18:16:48 change Major (4.0.2 > 5.0.0)
2021-12-06 22:17:57 change Patch (4.0.1 > 4.0.2)
2021-09-08 15:39:57 change Patch (4.0.0 > 4.0.1)
2021-03-02 15:11:40 change Major (3.0.1 > 4.0.0)
2020-12-11 15:42:52 change Major (2.0.1 > 3.0.1)
2020-09-15 14:06:41 change Previous DisplayName: [Preview]: Kubernetes cluster pods and containers should only use allowed SELinux options
2020-07-08 14:28:08 add e1e6c427-07d9-46ab-9689-bfa85431e636
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC