avm.res.container-service.managed-cluster #1
avm.res.container-service.managed-cluster.yml
on: workflow_dispatch
Initialize pipeline
9s
Matrix: Run / job_psrule_test_waf_reliability
Matrix: Run / job_psrule_test_waf_security_cb
Matrix: Run / job_psrule_test
Matrix: Run / job_psrule_test_waf_security
Matrix: Run / job_module_deploy_validation
Run
/
Publishing
0s
Annotations
46 errors
Run / PSRule - WAF Security - AVM Custom Baseline [defaults]
AZR-000032: ***csmin001 failed Azure.AKS.AzureRBAC. Use Azure RBAC for Kubernetes Authorization with AKS clusters.
|
Run / PSRule - WAF Security - AVM Custom Baseline [defaults]
One or more assertions failed. One or more rules reported failure.
|
Run / PSRule - WAF Security - AVM Custom Baseline [defaults]
Process completed with exit code 1.
|
Run / PSRule - WAF Security [waf-aligned]
AZR-000408: 864e505983a1f-test-cswaf-init failed Azure.Deployment.SecureParameter. Sensitive parameters that have been not been marked as secure may leak the secret into deployment history or logs.
|
Run / PSRule - WAF Security [waf-aligned]
AZR-000408: 864e505983a1f-test-cswaf-idem failed Azure.Deployment.SecureParameter. Sensitive parameters that have been not been marked as secure may leak the secret into deployment history or logs.
|
Run / PSRule - WAF Security [waf-aligned]
AZR-000022: ***cswaf001 failed Azure.AKS.AuditLogs. AKS clusters should collect security-based audit logs to assess and monitor the compliance status of workloads.
|
Run / PSRule - WAF Security [waf-aligned]
AZR-000435: ***cswaf001 failed Azure.AKS.NodeAutoUpgrade. Deploy AKS Clusters with Node Auto-Upgrade enabled
|
Run / PSRule - WAF Security [waf-aligned]
AZR-000029: ***cswaf001 failed Azure.AKS.ManagedAAD. Use AKS-managed Azure AD to simplify authorization and improve security.
|
Run / PSRule - WAF Security [waf-aligned]
AZR-000032: ***cswaf001 failed Azure.AKS.AzureRBAC. Use Azure RBAC for Kubernetes Authorization with AKS clusters.
|
Run / PSRule - WAF Security [waf-aligned]
AZR-000033: ***cswaf001 failed Azure.AKS.SecretStore. Deploy AKS clusters with Secrets Store CSI Driver and store Secrets in Key Vault.
|
Run / PSRule - WAF Security [waf-aligned]
One or more assertions failed. One or more rules reported failure.
|
Run / PSRule - WAF Security [waf-aligned]
Process completed with exit code 1.
|
Run / PSRule - WAF Security - AVM Custom Baseline [waf-aligned]
AZR-000032: ***cswaf001 failed Azure.AKS.AzureRBAC. Use Azure RBAC for Kubernetes Authorization with AKS clusters.
|
Run / PSRule - WAF Security - AVM Custom Baseline [waf-aligned]
One or more assertions failed. One or more rules reported failure.
|
Run / PSRule - WAF Security - AVM Custom Baseline [waf-aligned]
Process completed with exit code 1.
|
Run / PSRule - WAF Security [defaults]
AZR-000408: 864e505983a1f-test-csmin-init failed Azure.Deployment.SecureParameter. Sensitive parameters that have been not been marked as secure may leak the secret into deployment history or logs.
|
Run / PSRule - WAF Security [defaults]
AZR-000408: 864e505983a1f-test-csmin-idem failed Azure.Deployment.SecureParameter. Sensitive parameters that have been not been marked as secure may leak the secret into deployment history or logs.
|
Run / PSRule - WAF Security [defaults]
AZR-000022: ***csmin001 failed Azure.AKS.AuditLogs. AKS clusters should collect security-based audit logs to assess and monitor the compliance status of workloads.
|
Run / PSRule - WAF Security [defaults]
AZR-000435: ***csmin001 failed Azure.AKS.NodeAutoUpgrade. Deploy AKS Clusters with Node Auto-Upgrade enabled
|
Run / PSRule - WAF Security [defaults]
AZR-000027: ***csmin001 failed Azure.AKS.NetworkPolicy. AKS clusters without inter-pod network restrictions may be permit unauthorized lateral movement.
|
Run / PSRule - WAF Security [defaults]
AZR-000029: ***csmin001 failed Azure.AKS.ManagedAAD. Use AKS-managed Azure AD to simplify authorization and improve security.
|
Run / PSRule - WAF Security [defaults]
AZR-000030: ***csmin001 failed Azure.AKS.AuthorizedIPs. Restrict access to API server endpoints to authorized IP addresses.
|
Run / PSRule - WAF Security [defaults]
AZR-000032: ***csmin001 failed Azure.AKS.AzureRBAC. Use Azure RBAC for Kubernetes Authorization with AKS clusters.
|
Run / PSRule - WAF Security [defaults]
AZR-000033: ***csmin001 failed Azure.AKS.SecretStore. Deploy AKS clusters with Secrets Store CSI Driver and store Secrets in Key Vault.
|
Run / PSRule - WAF Security [defaults]
AZR-000370: ***csmin001 failed Azure.AKS.DefenderProfile. Enable the Defender profile with Azure Kubernetes Service (AKS) cluster.
|
Run / PSRule [waf-aligned]
AZR-000408: 864e505983a1f-test-cswaf-init failed Azure.Deployment.SecureParameter. Use secure parameters for any parameter that contains sensitive information.
|
Run / PSRule [waf-aligned]
AZR-000408: 864e505983a1f-test-cswaf-idem failed Azure.Deployment.SecureParameter. Use secure parameters for any parameter that contains sensitive information.
|
Run / PSRule [waf-aligned]
AZR-000022: ***cswaf001 failed Azure.AKS.AuditLogs. AKS clusters should collect security-based audit logs to assess and monitor the compliance status of workloads.
|
Run / PSRule [waf-aligned]
AZR-000435: ***cswaf001 failed Azure.AKS.NodeAutoUpgrade. Deploy AKS Clusters with Node Auto-Upgrade enabled
|
Run / PSRule [waf-aligned]
AZR-000029: ***cswaf001 failed Azure.AKS.ManagedAAD. Use AKS-managed Azure AD to simplify authorization and improve security.
|
Run / PSRule [waf-aligned]
AZR-000032: ***cswaf001 failed Azure.AKS.AzureRBAC. Use Azure RBAC for Kubernetes Authorization with AKS clusters.
|
Run / PSRule [waf-aligned]
AZR-000033: ***cswaf001 failed Azure.AKS.SecretStore. Deploy AKS clusters with Secrets Store CSI Driver and store Secrets in Key Vault.
|
Run / PSRule [waf-aligned]
One or more assertions failed. One or more rules reported failure.
|
Run / PSRule [waf-aligned]
Process completed with exit code 1.
|
Run / PSRule [defaults]
AZR-000408: 864e505983a1f-test-csmin-init failed Azure.Deployment.SecureParameter. Use secure parameters for any parameter that contains sensitive information.
|
Run / PSRule [defaults]
AZR-000408: 864e505983a1f-test-csmin-idem failed Azure.Deployment.SecureParameter. Use secure parameters for any parameter that contains sensitive information.
|
Run / PSRule [defaults]
AZR-000017: ***csmin001 failed Azure.AKS.PoolScaleSet. Deploy AKS clusters with nodes pools based on VM scale sets.
|
Run / PSRule [defaults]
AZR-000018: ***csmin001 failed Azure.AKS.NodeMinPods. Azure Kubernetes Cluster (AKS) nodes should use a minimum number of pods.
|
Run / PSRule [defaults]
AZR-000022: ***csmin001 failed Azure.AKS.AuditLogs. AKS clusters should collect security-based audit logs to assess and monitor the compliance status of workloads.
|
Run / PSRule [defaults]
AZR-000023: ***csmin001 failed Azure.AKS.PlatformLogs. AKS clusters should collect platform diagnostic logs to monitor the state of workloads.
|
Run / PSRule [defaults]
AZR-000435: ***csmin001 failed Azure.AKS.NodeAutoUpgrade. Deploy AKS Clusters with Node Auto-Upgrade enabled
|
Run / PSRule [defaults]
AZR-000027: ***csmin001 failed Azure.AKS.NetworkPolicy. Deploy AKS clusters with Network Policies enabled.
|
Run / PSRule [defaults]
AZR-000029: ***csmin001 failed Azure.AKS.ManagedAAD. Use AKS-managed Azure AD to simplify authorization and improve security.
|
Run / PSRule [defaults]
AZR-000030: ***csmin001 failed Azure.AKS.AuthorizedIPs. Restrict access to API server endpoints to authorized IP addresses.
|
Run / Static validation
[-] [container-service/managed-cluster/agent-pool] The [main.json] ARM template should be based on the current [main.bicep] Bicep template. 2.73s (2.73s|1ms)
|
Run / Static validation
Process completed with exit code 1.
|