azure-policy
Azure Kubernetes Clusters should enable Key Management Service (KMS): evaluates incorrectly for clusters with system-assigned managed identity
Details of the scenario you tried and the problem that is occurring
The policy categorizes AKS clusters with system-assigned managed identity as compliant, even when KMS is not enabled.
Verbose logs showing the problem
N/A
Suggested solution to the issue
Remove the following condition from the policy rule:
{
  "field": "identity.type",
  "notEquals": "SystemAssigned"
}
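To make the misclassification concrete, here is a small evaluator for the Azure Policy rule shape involved (`if` / `allOf` / `field` / `equals` / `notEquals` with an `audit` effect). This is an added example, not code from the issue or from the Azure/azure-policy repository. Only the `identity.type` condition is taken from the issue; the rest of `POLICY_RULE` is a simplified reconstruction, the KMS alias `Microsoft.ContainerService/managedClusters/securityProfile.azureKeyVaultKms.enabled` and the way aliases are mapped onto resource properties are assumptions, and the sample cluster documents are constructed. It shows why a system-assigned cluster without KMS never matches the `if` block (so it is reported compliant) and how the state changes once the condition is dropped.

```python
"""Minimal Azure Policy rule evaluator (added example, not the repository's code).

POLICY_RULE is a simplified reconstruction of the built-in definition; only the
`identity.type` condition is quoted from the issue. The KMS alias and the
alias-to-property mapping are assumptions.
"""
import copy

# Assumed alias for the KMS setting on an AKS cluster.
KMS_ALIAS = "Microsoft.ContainerService/managedClusters/securityProfile.azureKeyVaultKms.enabled"

# The condition quoted in the issue (the one the report proposes to remove).
IDENTITY_CONDITION = {"field": "identity.type", "notEquals": "SystemAssigned"}

# Simplified rule (assumption): audit AKS clusters where KMS is not enabled.
POLICY_RULE = {
    "if": {
        "allOf": [
            {"field": "type", "equals": "Microsoft.ContainerService/managedClusters"},
            IDENTITY_CONDITION,
            {"field": KMS_ALIAS, "notEquals": True},
        ]
    },
    "then": {"effect": "audit"},
}


def resolve_field(resource, field):
    """Resolve a policy `field` against a resource document.

    Top-level fields such as "type" or "identity.type" are dotted paths on the
    resource; a full alias is mapped to the property path that follows the
    resource type (assumption: aliases map directly onto `properties`).
    A missing property resolves to None.
    """
    if field.startswith("Microsoft."):
        path = field.split("/", 2)[2]  # "securityProfile.azureKeyVaultKms.enabled"
        node = resource.get("properties", {})
    else:
        path = field
        node = resource
    for part in path.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node


def evaluate_condition(resource, cond):
    """Evaluate the subset of policy condition operators used above."""
    if "allOf" in cond:
        return all(evaluate_condition(resource, c) for c in cond["allOf"])
    if "anyOf" in cond:
        return any(evaluate_condition(resource, c) for c in cond["anyOf"])
    if "not" in cond:
        return not evaluate_condition(resource, cond["not"])
    value = resolve_field(resource, cond["field"])
    if "equals" in cond:
        return value == cond["equals"]
    if "notEquals" in cond:
        return value != cond["notEquals"]
    raise ValueError(f"unsupported condition: {cond}")


def compliance_state(resource, rule):
    """With an audit effect, a resource that matches the `if` block is non-compliant;
    a resource the `if` block does not match is reported compliant."""
    return "NonCompliant" if evaluate_condition(resource, rule["if"]) else "Compliant"


def without_identity_condition(rule):
    """Return a copy of the rule with the `identity.type` condition removed."""
    fixed = copy.deepcopy(rule)
    fixed["if"]["allOf"] = [c for c in fixed["if"]["allOf"] if c != IDENTITY_CONDITION]
    return fixed


def _cluster(identity_type, kms_enabled):
    # Constructed sample resource, not a real cluster.
    return {
        "type": "Microsoft.ContainerService/managedClusters",
        "identity": {"type": identity_type},
        "properties": {"securityProfile": {"azureKeyVaultKms": {"enabled": kms_enabled}}},
    }


SYSTEM_ASSIGNED_NO_KMS = _cluster("SystemAssigned", False)
USER_ASSIGNED_NO_KMS = _cluster("UserAssigned", False)
USER_ASSIGNED_KMS = _cluster("UserAssigned", True)

if __name__ == "__main__":
    fixed_rule = without_identity_condition(POLICY_RULE)
    for name, res in [("system-assigned, no KMS", SYSTEM_ASSIGNED_NO_KMS),
                      ("user-assigned, no KMS", USER_ASSIGNED_NO_KMS),
                      ("user-assigned, KMS on", USER_ASSIGNED_KMS)]:
        print(f"{name:24} as-is: {compliance_state(res, POLICY_RULE):13} "
              f"without identity condition: {compliance_state(res, fixed_rule)}")
```

Running it prints the system-assigned cluster without KMS as `Compliant` under the rule as written and `NonCompliant` once the `identity.type` condition is removed, while the other two clusters keep the same state either way.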
If policy is Guest Configuration - details about target node
N/A