Posts under Azure Kubernetes Service Security
Welcome to the final post in our four-part series on security best practices for Azure Kubernetes Service. In the first three installments, we covered how to create secure AKS clusters and container images (part 1), how to lock down cluster networking (part 2), and how to plan and enforce application runtime safeguards (part 3). This post will close out the series by covering the routine maintenance and operational tasks required to keep your AKS clusters and infrastructure secured.
In part one of this series on Azure Kubernetes Service (AKS) security best practices, we covered how to plan and create AKS clusters to enable crucial Kubernetes security features like RBAC and network policies. We also discussed best practices for creating secure images to deploy to your AKS cluster and the need for performing regular vulnerability scans on those images. This post will cover topics related to the networking infrastructure of AKS clusters and suggestions for locking those networks down to protect against external attacks and internal misconfigurations of a cluster’s workloads.