Skip to content

Commit 12c7afc

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #276187 from AndreiBarbu95/patch-11
Update vulnerabilities scenario on support-policies.md
2 parents b821f7e + 310bd6c commit 12c7afc

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

articles/aks/support-policies.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,7 @@ Microsoft doesn't provide technical support for the following scenarios:
8282
* Network customizations other than the ones listed in the [AKS documentation](./index.yml).
8383
* Custom or third-party CNI plugins used in [BYOCNI](use-byo-cni.md) mode.
8484
* Stand-by and proactive scenarios. Microsoft Support provides reactive support to help solve active issues in a timely and professional manner. However, standby or proactive support to help you eliminate operational risks, increase availability, and optimize performance are not covered. [Eligible customers](https://www.microsoft.com/unifiedsupport) can contact their account team to get nominated for [Azure Event Management service](https://devblogs.microsoft.com/premier-developer/proactively-plan-for-your-critical-event-in-azure-with-enhanced-support-and-engineering-services/). It's a paid service delivered by Microsoft support engineers that includes a proactive solution risk assessment and coverage during the event.
85+
* Vulnerabilities / CVEs with a vendor fix that is less than 30 days old. As long as you're running the updated VHD, you shouldn't be running any container image vulnerabilities / CVEs with a vendor fix that is over 30 days old. It is customer responsibility to update the VHD and provide filtered lists to Microsoft support. Once you updated your VHD, it is customer responsibility to filter the vulnerabilities / CVEs report and provide a list only with vulnerabilities/CVEs with a vendor fix that is over 30 days old. If that will be the case, Microsoft support will make sure to work internally and address components with a vendor fix released more than 30 days ago. Additionally, Microsoft provide vulnerability / CVE-related support only for Microsoft-managed components (i.e., AKS node images, managed container images for applications that get deploy during cluster creation or via the installation of a managed add-on). For more details about vulnerability management for AKS, please visit [this page](concepts-vulnerability-management.md).
8586

8687
## AKS support coverage for agent nodes
8788

0 commit comments

Comments
 (0)