Reading Time: 3 minutesIn the ever-evolving landscape of cloud computing and Kubernetes management, Microsoft’s Azure Kubernetes Service (AKS) continuously introduces features to bolster security and ease of management. A significant new feature now in preview is the ability to control SSH access to AKS cluster nodes, providing administrators with enhanced security capabilities. This Read more
Reading Time: 3 minutesHello there, Azure enthusiasts! Today, we’re diving into a game-changing feature in Azure Kubernetes Service (AKS) that’s currently in preview: the Fully Managed Resource Group, also known as AKS Node Resource Group Lockdown Mode. If you’ve been following the AKS scene, you know how critical it is to manage your Read more
Reading Time: 2 minutesIn the ever-evolving world of cloud native technologies, keeping your Kubernetes cluster, including Azure Kubernetes Service (Kubernetes), secure is paramount. On August 31, 2023, Microsoft added Agentless Discovery for Kubernetes to Defender for Containers. This exciting addition allows you to enhance your Kubernetes security without the hassle of installing extra Read more
Reading Time: 2 minutesIf you deploy your Azure Kubernetes Service (AKS) cluster in a private virtual network (VNET) to enhance security, management of the cluster becomes more complex. But with security this is something we expect. By default, when you use the az aks get-credentials command to configure access to your AKS cluster, Read more
Reading Time: 3 minutesIf you have been following along with my blog, you may have come across some previous posts about updating Azure Kubernetes Service (AKS). One (https://pixelrobots.co.uk/2019/05/apply-os-updates-to-aks-nodes-without-an-upgrade/) talked about kured (KUbernetes REboot Daemon) by weaveworks https://github.com/weaveworks/kured. The issue with this method is it only supported Linux Kubernetes nodes. So, your windows Kubernetes Read more
Reading Time: 4 minutesDid you know that even when you have enabled Azure AD integration with your AKS cluster, a subscription Owner and Contributor can still access you AKS cluster with the -admin switch? In fact, anyone who is a member of the Azure Kubernetes Service Cluster Admin Role (https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#azure-kubernetes-service-cluster-admin-role) can. You were Read more
Reading Time: 4 minutesYou may have read my previous blog post on applying OS updates to your Azure Kubernetes Cluster (AKS) without doing a cluster upgrade https://pixelrobots.co.uk/2019/05/apply-os-updates-to-aks-nodes-without-an-upgrade/. This method used kured (KUbernetes REboot Daemon) by weaveworks https://github.com/weaveworks/kured. This method installed some Kubernetes resources onto your cluster. This new method, which is still in Read more
Reading Time: 3 minutesWhen creating an Azure Kubernetes Service (AKS) cluster, even with Role Based Access Control (RBAC) and Azure Active Directory (Azure AD) integration enabled. By default, you can still use the az aks get-credentials command with the switch –admin to gain admin access. Bypassing all the extra security you have put Read more
Reading Time: 2 minutesAccording to reports, since COVID-19 forced millions to work remotely, hackers have been taking this opportunity to exploit new vulnerabilities that have arisen. If your business uses Microsoft 365 or Office 365 to support remote workers, you need to be sure your security is as strong as it can be Read more
Reading Time: 3 minutesIf like me you are using Azure Container Registry (ACR) to store your container images you may want to scan them for vulnerabilities. Now you can thanks to the Azure Security Centre standard tier. In this blog post, I will show you how to go about setting up your Azure Read more