AKS, Best Practices, AKS access to Azure resources, Access to AKS cluster …
AKS
Deploy at least two nodes. That way, the workload will have a high availability pattern with two replicas.
Best Practices
Management traffic: Use AKS's Authorized IP Ranges feature to allow only traffic from your authorized IP ranges to reach the API server.
Secret management: Store secrets in a managed key store, such as Azure Key Vault. The advantage is that the managed store handles rotation of secrets, offers strong encryption, provides an access audit log, and keeps core secrets out of the deployment pipeline.
Use of tags, labels, and taints is recommended to identify the node pool to schedule your workload.
Access to AKS cluster
Using Azure AD
Way 1: Azure Active Directory as an identity provider integrated with the native Kubernetes RBAC system.
Local Account access
Always manage access to your cluster via Azure Active Directory, and configure your cluster to explicitly disable local account access.
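
Added example (not part of the original mind map): a small Python audit that checks a cluster description against the practices above that are visible in the cluster resource itself (node count, authorized IP ranges, Azure AD integration, local accounts). It assumes the JSON shape returned by `az aks show -o json`; the two sample clusters are constructed and the finding names are hypothetical labels.

```python
import ipaddress
import json

# Constructed samples shaped like trimmed `az aks show -o json` output.
WEAK = json.loads("""{
  "name": "demo-weak",
  "agentPoolProfiles": [{"name": "nodepool1", "count": 1}],
  "apiServerAccessProfile": null,
  "aadProfile": null,
  "disableLocalAccounts": false
}""")

HARDENED = json.loads("""{
  "name": "demo-hardened",
  "agentPoolProfiles": [{"name": "system", "count": 2}, {"name": "user", "count": 3}],
  "apiServerAccessProfile": {"authorizedIpRanges": ["203.0.113.0/24"]},
  "aadProfile": {"managed": true, "enableAzureRbac": false},
  "disableLocalAccounts": true
}""")


def audit_cluster(cluster):
    """Return a sorted list of finding labels (hypothetical names) for one cluster."""
    findings = set()

    # At least two nodes across all node pools.
    pools = cluster.get("agentPoolProfiles") or []
    if sum(p.get("count") or 0 for p in pools) < 2:
        findings.add("fewer-than-two-nodes")

    # API server limited to authorized IP ranges; a /0 range restricts nothing.
    api = cluster.get("apiServerAccessProfile") or {}
    ranges = api.get("authorizedIpRanges") or []
    if not ranges:
        findings.add("no-authorized-ip-ranges")
    for cidr in ranges:
        if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
            findings.add("authorized-ip-range-allows-all")

    # Azure AD integration enabled and local accounts explicitly disabled.
    if not (cluster.get("aadProfile") or {}).get("managed"):
        findings.add("azure-ad-not-integrated")
    if not cluster.get("disableLocalAccounts"):
        findings.add("local-accounts-enabled")

    return sorted(findings)


if __name__ == "__main__":
    for c in (WEAK, HARDENED):
        print(c["name"], audit_cluster(c) or "ok")
```

Secret storage in Key Vault and node pool labels or taints are not covered here because they do not appear in this part of the cluster resource.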