You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-arc/kubernetes/use-azure-policy.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -41,22 +41,22 @@ Note that this step of creating a custom policy definition will not be needed on
41
41
6. Give the policy assignment a **Name** and **Description** that you can use to identify it easily.
42
42
7. Ensure that **Policy enforcement** is set to *Enabled*.
43
43
8. Click **Next**.
44
-
9. Set parameter values that will be used during creation of the `sourceControlConfiguration`.
44
+
9. Set parameter values that will be used during the creation of the `sourceControlConfiguration`.
45
45
10. Click **Next**.
46
46
11. Enable **Create a remediation task**.
47
47
12. Assure that **Create a managed identity** is checked, and that the identity will have **Contributor** permissions. See [this doc](https://docs.microsoft.com/azure/governance/policy/assign-policy-portal) and [the comment in this doc](https://docs.microsoft.com/azure/governance/policy/how-to/remediate-resources) for more information on the permissions you need.
48
48
13.**Review + create**
49
49
50
-
After the policy assignment is created, for any new `connectedCluster` resource (or `managedCluster` resource with the GitOps agents installed) that is located within the scope of the assignment the `sourceControlConfiguration` will be applied. For existing clusters you will need to manually run a remediation task. It typically takes from 10-20 minutes for the policy assignment to take effect.
50
+
After the policy assignment is created, for any new `connectedCluster` resource (or `managedCluster` resource with the GitOps agents installed) that is located within the scope of the assignment, the `sourceControlConfiguration` will be applied. For existing clusters, you will need to manually run a remediation task. It typically takes from 10-20 minutes for the policy assignment to take effect.
51
51
52
52
## Verify a policy assignment
53
53
54
54
1. In the Azure portal, navigate to one of your `connectedCluster` resources, and in the **Settings** section of the sidebar, select **Policies**. (The UX for AKS managed cluster is not implemented yet, but is coming.)
55
55
2. In the list, you should see the policy assignment that you created above, and the **Compliance state** should be *Compliant*.
56
56
3. In the **Settings** section of the sidebar, select **Configurations**.
57
-
4. In the list you should see the `sourceControlConfiguration` that the policy assignment created.
57
+
4. In the list, you should see the `sourceControlConfiguration` that the policy assignment created.
58
58
5. Use **kubectl** to interrogate the cluster: you should see the namespace and artifacts that were created by the `sourceControlConfiguration`.
59
-
6. Within 5 minutes or so you should see in the cluster the artifacts that are described in the manifests in the configured Git repo.
59
+
6. Within 5 minutes, you should see in the cluster the artifacts that are described in the manifests in the configured Git repo.
0 commit comments