ArmContainerServiceModelFactory.ManagedClusterSecurityProfileDefenderSecurityGating Method

Definition

Microsoft Defender settings for security gating. Security gating validates whether container images are eligible for deployment, based on Defender for Containers security findings. Using the Admission Controller, it either audits or prevents the deployment of images that do not meet security standards.

public static Azure.ResourceManager.ContainerService.Models.ManagedClusterSecurityProfileDefenderSecurityGating ManagedClusterSecurityProfileDefenderSecurityGating(bool? isSecurityGatingEnabled = default, System.Collections.Generic.IEnumerable<Azure.ResourceManager.ContainerService.Models.ManagedClusterSecurityProfileDefenderSecurityGatingIdentitiesItem> identities = default, bool? isSecretAccessAllowed = default);
static member ManagedClusterSecurityProfileDefenderSecurityGating : Nullable<bool> * seq<Azure.ResourceManager.ContainerService.Models.ManagedClusterSecurityProfileDefenderSecurityGatingIdentitiesItem> * Nullable<bool> -> Azure.ResourceManager.ContainerService.Models.ManagedClusterSecurityProfileDefenderSecurityGating
Public Shared Function ManagedClusterSecurityProfileDefenderSecurityGating (Optional isSecurityGatingEnabled As Nullable(Of Boolean) = Nothing, Optional identities As IEnumerable(Of ManagedClusterSecurityProfileDefenderSecurityGatingIdentitiesItem) = Nothing, Optional isSecretAccessAllowed As Nullable(Of Boolean) = Nothing) As ManagedClusterSecurityProfileDefenderSecurityGating

Parameters

isSecurityGatingEnabled
Nullable<Boolean>

Whether to enable Defender security gating. When enabled, the gating feature will scan container images and audit or block the deployment of images that do not meet security standards according to the configured security rules.

identities
IEnumerable<ManagedClusterSecurityProfileDefenderSecurityGatingIdentitiesItem>

List of identities that the admission controller will use to pull security artifacts from the registry. These are the same identities used by the cluster to pull container images. Each identity provided should have a federated identity credential attached to it.

isSecretAccessAllowed
Nullable<Boolean>

Used only when registry access is granted by secret rather than by managed identity. Sets whether to grant the Defender gating agent access to the cluster's secrets for pulling images from registries. If secret access is denied and the registry requires pull secrets, the add-on will not perform any image validation. Default value is false.

Returns

A new ManagedClusterSecurityProfileDefenderSecurityGating instance for mocking.
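
The following is an added example, not code from the SDK or its documentation: it uses the factory method above to build mock instances and runs a configuration review over them that follows the parameter descriptions. `GatingReview` and `Findings` are hypothetical names, and the property names `IsSecurityGatingEnabled`, `Identities` and `IsSecretAccessAllowed` are assumed to mirror the factory parameters.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Azure.ResourceManager.ContainerService.Models;

// Hypothetical helper (not part of the SDK): reviews a gating configuration
// against the behaviour described in the parameter documentation.
public static class GatingReview
{
    public static IReadOnlyList<string> Findings(
        ManagedClusterSecurityProfileDefenderSecurityGating gating)
    {
        var findings = new List<string>();
        // Assumption: property names mirror the factory parameter names.
        bool enabled = gating?.IsSecurityGatingEnabled == true;
        bool hasIdentities = gating?.Identities?.Any() == true;
        bool secretAccess = gating?.IsSecretAccessAllowed == true;

        if (!enabled)
        {
            findings.Add("Defender security gating is not enabled.");
            return findings;
        }
        // Edge case from the isSecretAccessAllowed description: gating can be
        // enabled and still perform no image validation.
        if (!hasIdentities && !secretAccess)
            findings.Add("No identities and secret access denied: if the registry " +
                         "requires pull secrets, no image validation is performed.");
        if (secretAccess)
            findings.Add("Gating agent can read cluster secrets: confirm registry " +
                         "access is by secret rather than managed identity.");
        return findings;
    }

    public static void Main()
    {
        // Mock instances built with the factory method documented on this page.
        var cases = new (string Name, ManagedClusterSecurityProfileDefenderSecurityGating Gating)[]
        {
            ("disabled", ArmContainerServiceModelFactory.ManagedClusterSecurityProfileDefenderSecurityGating(isSecurityGatingEnabled: false)),
            ("enabled, defaults", ArmContainerServiceModelFactory.ManagedClusterSecurityProfileDefenderSecurityGating(isSecurityGatingEnabled: true)),
            ("enabled, secret access", ArmContainerServiceModelFactory.ManagedClusterSecurityProfileDefenderSecurityGating(isSecurityGatingEnabled: true, isSecretAccessAllowed: true)),
        };
        foreach (var (name, gating) in cases)
        {
            Console.WriteLine(name + ":");
            foreach (var finding in Findings(gating)) Console.WriteLine("  - " + finding);
        }
    }
}
```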
