
Exempt Azure policy for AD Users in specific AD group?

Open smartaquarius10 opened this issue 1 year ago • 2 comments

Hello,

Is it possible to bypass Azure Policy for specific AD users or AD groups while creating objects in Azure Kubernetes?

Regards, Tanul

smartaquarius10 Apr 28 '23 15:04

As far as I know, no, policies apply to all users and principals.

andaryjo Apr 29 '23 23:04

But then how can we differentiate between an admin and a normal user?

Consider an Azure policy that is applied to disable pods with root privileges. Now, if an admin wanted to log in to an AKS node following this Microsoft-suggested approach, then it won't work. Ideally, for admins there should be some way to bypass it.

smartaquarius10 May 01 '23 05:05