...
It takes a few minutes for the status to show Registered. You can check on the registration status using the az feature listcommand:
| Code Block |
|---|
|
az feature list -o table --query "[?contains(name, 'Microsoft.ContainerService/PodSecurityPolicyPreview')].{Name:name,State:properties.state}"
|
| Code Block |
|---|
Name State
--------------------------------------------------- -----------
Microsoft.ContainerService/PodSecurityPolicyPreview RegisteringRegistered |
When ready, refresh the registration of the Microsoft.ContainerService resource provider using the az provider registercommand:
| Code Block |
|---|
|
az provider register --namespace Microsoft.ContainerService |
Enable pod security policy on an AKS cluster
| Code Block |
|---|
|
$ az aks update \
--resource-group <RESOURCE_GROUP> \
--name <K8S_CLUSTER> \
--enable-pod-security-policy |
Example:
| Code Block |
|---|
$ az aks update \
--resource-group ncyd-perftest7-rg-onprem \
--name ncyd-perftest7-aks-cluster-onprem \
--enable-pod-security-policy |
| Code Block |
|---|
The behavior of this command has been altered by the following extension: aks-preview
| Running .. |