Securing your Azure Kubernetes Service (AKS) clusters is paramount for protecting your applications and data. This section provides guidance and best practices across various security domains.
🛡️ Network Security
Learn to configure network policies, integrate with Azure Firewall, and secure ingress/egress traffic.
Explore Network Security →
🔑 Authentication & Authorization
Understand how to integrate AKS with Azure Active Directory (now Microsoft Entra ID) for robust identity management.
Explore Auth & AuthZ →
🔒 Secrets Management
Discover best practices for managing sensitive information like API keys and passwords using Azure Key Vault.
Explore Secrets Management →
🦠 Image Security
Implement security scanning for container images and best practices for secure image registries.
Explore Image Security →
🔎 Vulnerability Management
Leverage Azure Security Center and other tools for continuous monitoring and vulnerability assessment.
Explore Vulnerability Management →
📜 Auditing & Monitoring
Set up comprehensive logging and auditing for your AKS clusters to track activities and detect threats.
Explore Auditing & Monitoring →
Key Security Concepts
RBAC (Role-Based Access Control)
Pod Security Policies (Deprecated but important context)
- Understanding Pod Security Contexts
- Alternatives: Pod Security Admission (PSA)
- Overview of PSP Concepts
Network Policies
Secure Container Runtimes
- Choosing secure runtimes
- Ensuring runtime security
- Runtime Configuration Guide
Secrets Encryption
- AKS Secrets Encryption at Rest
- Integrating with Azure Key Vault
- Key Vault Integration Details
Azure Policy for Kubernetes
- Applying Azure Policies to AKS
- Custom policy definitions
- Azure Policy Overview
Getting Started
Begin by familiarizing yourself with the fundamental security controls. A good starting point is understanding how to integrate with Microsoft Entra ID for authentication and configuring basic network policies.
For deeper dives into specific features, navigate through the sections above or use the search functionality.