v1.39.0-B0029
Pre-release
Pre-release
·
145 commits
to main
since this release
What's changed since pre-release v1.39.0-B0009:
- New rules:
- Azure Kubernetes Service:
- Verify that clusters have kube-audit logging disabled when not required by @BenjaminEngeset.
#2450 - Verify that clusters have the customer-controlled maintenance windows
aksManagedAutoUpgradeSchedule
andaksManagedNodeOSUpgradeSchedule
configured by @BenjaminEngeset.
#2444
- Verify that clusters have kube-audit logging disabled when not required by @BenjaminEngeset.
- Virtual Network:
- Verify that zonal-deployed Azure firewalls uses Azure NAT Gateway for outbound access by @BenjaminEngeset.
##3005 - Verify that subnets have disabled default outbound access for virtual machines by @BenjaminEngeset.
#3001
- Verify that zonal-deployed Azure firewalls uses Azure NAT Gateway for outbound access by @BenjaminEngeset.
- Azure Kubernetes Service:
- Updated rules:
- Virtual Network:
- Updated
Azure.VNET.UseNSGs
to correctly handle cases for special purpose and customer-excluded subnets by @BenjaminEngeset.
#3007
- Updated
- Virtual Network:
- General improvements:
- Add binding configuration to policy as rules docs by @BernieWhite.
#2995
- Add binding configuration to policy as rules docs by @BernieWhite.
See change log.