You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/backup/azure-kubernetes-service-cluster-backup-policy.md
+16-12Lines changed: 16 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,5 @@
1
1
---
2
-
title: Audit and Enforce Backup Operations for Azure Kubernetes Service clusters using Azure Policy
2
+
title: Audit and enforce backup operations for Azure Kubernetes Service clusters using Azure Policy
3
3
description: 'An article describing how to use Azure Policy to audit and enforce backup operations for all Azure Kubernetes Service clusters created in a given scope'
4
4
ms.topic: how-to
5
5
ms.date: 08/26/2024
@@ -8,7 +8,7 @@ author: AbhishekMallick-MS
8
8
ms.author: v-abhmallick
9
9
---
10
10
11
-
# Audit and Enforce Backup Operations for Azure Kubernetes Service clusters using Azure Policy
11
+
# Audit and enforce backup operations for Azure Kubernetes Service clusters using Azure Policy
12
12
13
13
One of the key responsibilities of a Backup or Compliance Admin in an organization is to ensure that all business-critical machines are backed up with the appropriate retention.
14
14
@@ -53,22 +53,26 @@ To assign Policy 3, follow these steps:
53
53
2. Select **Definitions** in the left menu to get a list of all built-in policies across Azure Resources.
54
54
55
55
3. Filter the list for **Category=Backup** and select the policy named *Install Azure Backup Extension in AKS clusters (Managed Cluster) with a given tag*.
56
-
:::image type="content" source="./media/azure-kubernetes-service-cluster-backup-policy/policy-dashboard-inline.png" alt-text="Screenshot showing how to filter the list by category on Policy dashboard." lightbox="./media/backup-azure-auto-enable-backup/policy-dashboard-expanded.png":::
56
+
57
+
:::image type="content" source="./media/azure-kubernetes-service-cluster-backup-policy/policy-dashboard-inline.png" alt-text="Screenshot showing how to filter the list by category on Policy dashboard." lightbox="./media/azure-kubernetes-service-cluster-backup-policy/policy-dashboard-inline.png":::
58
+
59
+
5. Select the name of the policy. You're then redirected to the detailed definition for this policy.
57
60
58
-
4. Select the name of the policy. You're then redirected to the detailed definition for this policy.
59
-
61
+
:::image type="content" source="./media/azure-kubernetes-service-cluster-backup-policy/policy-definition-blade.png" alt-text="Screenshot showing the Policy Definition tab." lightbox="./media/azure-kubernetes-service-cluster-backup-policy/policy-definition-blade.png":::
60
62
61
-
5. Select the **Assign** button at the top of the pane. This redirects you to the **Assign Policy** pane.
63
+
7. Select the **Assign** button at the top of the pane. This redirects you to the **Assign Policy** pane.
62
64
63
-
6. Under **Basics**, select the three dots next to the **Scope** field. It opens up a right context pane where you can select the subscription for the policy to be applied on. You can also optionally select a resource group, so that the policy is applied only for AKS clusters in a particular resource group.
64
-
65
+
8. Under **Basics**, select the three dots next to the **Scope** field. It opens up a right context pane where you can select the subscription for the policy to be applied on. You can also optionally select a resource group, so that the policy is applied only for AKS clusters in a particular resource group.
8. In the **Parameters** tab, choose a location from the drop-down, and select the storage account to which the backup extension installed in the AKS cluster in the scope must be associated. You can also choose to specify a tag name and an array of tag values. An AKS cluster that contains any of the specified values for the given tag are excluded from the scope of the policy assignment.
65
70
66
-
7. In the **Parameters** tab, choose a location from the drop-down, and select the storage account to which the backup extension installed in the AKS cluster in the scope must be associated. You can also choose to specify a tag name and an array of tag values. An AKS cluster that contains any of the specified values for the given tag are excluded from the scope of the policy assignment.
67
-
0 commit comments