Hardening Archives - Pixel Robots.

AKS

Disable local user account (–admin) in Azure Kubernetes Service

Reading Time: 4 minutes Did you know that even when you have enabled Azure AD integration with your AKS cluster, a subscription Owner and Contributor can still access you AKS cluster with the -admin switch? In fact, anyone who is a member of the Azure Kubernetes Service Cluster Admin Role (https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#azure-kubernetes-service-cluster-admin-role) can. You were Read more…

By Pixel Robots., 8 months7 months ago

Azure

How to build an Azure Kubernetes Cluster using Managed Azure Active Directory Integration

Reading Time: 4 minutes This blog post is part of a series of blog posts for Azure Back to school https://azurebacktoschool.tech by Dwayne Natwick. For the whole of September different community members will be creating a blog post or video to about Azure. Mine as you can tell from the heading is about Azure Read more…

By Pixel Robots., 1 year1 year ago

AKS

Apply OS updates to AKS nodes without an upgrade

Reading Time: 3 minutes Microsoft protects our AKS clusters by applying OS security and/or kernel updates automatically to the nodes in our cluster. You will find some of the updates will need a reboot to complete. As part of this patching, Microsoft does not reboot our nodes. You could do an AKS upgrade, this Read more…

By Pixel Robots., 3 years3 years ago

Azure

Getting started with Secure DevOps Kit for Azure

Reading Time: 4 minutes In this article, I am going to show you how to Install Secure DevOps Kit for Azure (AzSK), do a scan against as subscription and then fix an issue using the recommendation. What is AzSK? Below is an overview of what AzSK is from their website. https://azsk.azurewebsites.net/README.html#overview The “Secure DevOps Read more…

By Pixel Robots., 3 years3 years ago

Azure

How to encrypt an Azure virtual machine scale sets (VMSS) running Windows

Reading Time: 3 minutes Recently at work I have been playing with Azure virtual machine scale sets (VMSS). On 03/04/2019 encryption of VMSS finally went GA! Using PowerShell and the Azure CLI you can now encrypt virtual machine scale sets. Prerequisites To be able to encrypt a VMSS you need to have a Key Read more…

By Pixel Robots., 3 years3 years ago

AKS

Quick Fix: Kubernetes Dashboard Forbidden on RBAC AKS Cluster

Reading Time: < 1 minute If you are using RBAC on your AKS cluster you will probably see a screen like the one below when you try to access the Kubernetes Dashboard. This is because you do not have access to the dashboard. Luckily its an easy fix. In your bash windows type the following. Read more…

By Pixel Robots., 3 years3 years ago

AKS

Create a RBAC Azure Kubernetes Services (AKS) cluster with Azure Active Directory using Terraform

Reading Time: 7 minutes In this article I am going to show you how to build a Role Based Access Controlled (RBAC) Azure Kubernetes Services (AKS) cluster using Terraform and Azure Active Directory. At the time of writing this article, when you create an AKS cluster using the portal or terraform RBAC is disabled Read more…

By Pixel Robots., 3 years3 years ago

Azure

The New and Improved way to Encrypt an Azure VM running Windows

Reading Time: 4 minutes Azure is constantly improving, and one area that has improved is the encryption of Azure Virtual Machines. You may have read a previous article of mine called Encrypt an Azure Virtual Machine by using Key Encryption Key, in this article I showed you how to encrypt the VM using a Read more…

By Pixel Robots., 3 years3 years ago

Azure

First Look At The New In Preview Azure Security Center PowerShell Cmdlets

Reading Time: 2 minutes Recently the Azure Security Center (ASC) team have released a preview of a new PowerShell module they have been working on, AzureRM.Security. This module is designed to allow you to manage the ASC automatically. You can view the module on the PowerShell gallery here. Below I will show you how Read more…

By Pixel Robots., 3 years3 years ago

Azure

Azure Load Balancer For RDP

Reading Time: 4 minutes In this article, I am going to walk through how to setup an Azure Load Balancer to allow you to connect to multiple VM’s using just one public IP address. The benefits of this, are not only the small cost saving but it also gives us better security due to Read more…

By Pixel Robots., 4 years3 years ago