AKS does not use the Azure Policy add-on
Description
The Azure Policy add-on for Azure Kubernetes Service (AKS) extends Gatekeeper v3, an admission controller webhook for Open Policy Agent (OPA), to apply at-scale enforcements and safeguards on your clusters in a centralized, consistent manner.
Fix - Buildtime
Terraform
- Resource: azurerm_kubernetes_cluster
- Argument: addon_profile.azure_policy.enabled
resource "azurerm_kubernetes_cluster" "example" {
...
+ addon_profile {
+ azure_policy {
+ enabled = true
}
}
}
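Review bot: the two closing braces directly after `+ enabled = true`, which end `azure_policy` and `addon_profile`, are not marked with `+` although their opening lines are, so the marked lines on their own leave both blocks unclosed. Mark those two `}` lines as added so the inserted block is balanced when copied into an existing resource.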
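A build-time check for the resource and argument named under "Fix - Buildtime", as an added example that is not part of the original page or the policy's own implementation: it reads the JSON form of a Terraform plan (`terraform show -json`) and lists AKS clusters where the add-on is not explicitly enabled. The function names and the sample plan are constructed for illustration; the check also accepts the top-level `azure_policy_enabled` argument used by newer azurerm provider releases, which the page does not cover.

```python
import json

# Constructed sample shaped like `terraform show -json` output; not from the page.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "azurerm_kubernetes_cluster.good", "type": "azurerm_kubernetes_cluster",
     "values": {"addon_profile": [{"azure_policy": [{"enabled": true}]}]}},
    {"address": "azurerm_kubernetes_cluster.off", "type": "azurerm_kubernetes_cluster",
     "values": {"addon_profile": [{"azure_policy": [{"enabled": false}]}]}},
    {"address": "azurerm_resource_group.rg", "type": "azurerm_resource_group", "values": {}}
  ],
  "child_modules": [{"address": "module.aks", "resources": [
    {"address": "module.aks.azurerm_kubernetes_cluster.bare", "type": "azurerm_kubernetes_cluster",
     "values": {"addon_profile": []}},
    {"address": "module.aks.azurerm_kubernetes_cluster.flat", "type": "azurerm_kubernetes_cluster",
     "values": {"azure_policy_enabled": true}}
  ]}]
}}}
""")

def walk_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk_resources(child)

def policy_addon_enabled(values):
    """True only if the add-on is explicitly enabled; absent or null counts as off."""
    # Assumption beyond the page: newer azurerm releases use a top-level boolean.
    if values.get("azure_policy_enabled") is True:
        return True
    # Nested blocks are lists in plan JSON: addon_profile[0].azure_policy[0].enabled
    for profile in values.get("addon_profile") or []:
        for policy in profile.get("azure_policy") or []:
            if policy.get("enabled") is True:
                return True
    return False

def clusters_without_policy_addon(plan):
    """Return the addresses of AKS clusters in the plan that fail the check."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return [r["address"] for r in walk_resources(root)
            if r.get("type") == "azurerm_kubernetes_cluster"
            and not policy_addon_enabled(r.get("values") or {})]

if __name__ == "__main__":
    for address in clusters_without_policy_addon(SAMPLE_PLAN):
        print("FAIL", address)
```

Running the check against the plan rather than the `.tf` source also covers clusters declared inside modules and values set through variables.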