Forum Discussion
Misplacement of schema in AllowedHostPathVolumesInKubernetesClusterList Policy Parameter?
In the Microsoft Cloud Security Benchmark, the policy parameter `AllowedHostPathVolumesInKubernetesClusterList` defines a `schema` object nested under metadata. Is this placement intentional, or should the schema be defined at the top level of the parameter
https://github.com/Azure/azure-policy/blob/303a0000a3b9d1aed7361c69edaafd4340d37df7/built-in-policies/policySetDefinitions/Azure%20Government/Security%20Center/AzureSecurityCenter.json#L4132
2 Replies
The placement of the schema object under metadata in the AllowedHostPathVolumesInKubernetesClusterList parameter is not typical for Azure Policy parameters. In standard Azure Policy definitions, the schema for a parameter should be defined at the top level of the parameter object, not nested under metadata. This looks more like a misplacement or legacy artifact rather than intentional design.
Thanks for your answer! Will there be a fix for this?
