FQDN Filtering in AKS: Enhancing Security with Advanced Container Networking Services (ACNS)

In today’s cloud-native world, securing your Kubernetes clusters is more critical than ever. Traditional IP-based security measures often fall short in dynamic environments where IP addresses change frequently. This is where Fully Qualified Domain Name (FQDN) filtering comes into play, offering a more efficient and scalable way to manage network …

Implementing Deployment Safeguards in Azure Kubernetes Service (AKS): A Step-by-Step Guide

Azure Kubernetes Service (AKS) introduces Deployment Safeguards, a feature designed to enforce Kubernetes best practices through Azure Policy controls. This guide provides a step-by-step walkthrough on how to set up and leverage Deployment Safeguards for more secure and compliant Kubernetes deployments. Understanding Deployment Safeguards Deployment Safeguards are designed to enforce …

Introducing Enhanced Security in Azure Kubernetes Service: Disabling SSH Access on Cluster Nodes

In the ever-evolving landscape of cloud computing and Kubernetes management, Microsoft’s Azure Kubernetes Service (AKS) continuously introduces features to bolster security and ease of management. A significant new feature now in preview is the ability to control SSH access to AKS cluster nodes, providing administrators with enhanced security capabilities. This …

We now have Agentless Discovery for Kubernetes in Defender for Containers

In the ever-evolving world of cloud native technologies, keeping your Kubernetes cluster, including Azure Kubernetes Service (Kubernetes), secure is paramount. On August 31, 2023, Microsoft added Agentless Discovery for Kubernetes to Defender for Containers. This exciting addition allows you to enhance your Kubernetes security without the hassle of installing extra …

Automatic Azure Kubernetes Service (AKS) node Image updates

If you have been following along with my blog, you may have come across some previous posts about updating Azure Kubernetes Service (AKS). One (https://pixelrobots.co.uk/2019/05/apply-os-updates-to-aks-nodes-without-an-upgrade/) talked about kured (KUbernetes REboot Daemon) by Weaveworks (https://github.com/weaveworks/kured). The issue with this method is it only supported Linux Kubernetes nodes. So, your Windows Kubernetes …