You're reading from Microsoft Azure Security Technologies Certification and Beyond Gain practical skills to secure your Azure environment and pass the AZ-500 exam

Product type Paperback

Published in Nov 2021

Publisher Packt

ISBN-13 9781800562653

Length 526 pages

Edition 1st Edition

Tools

Azure

Concepts

Cybersecurity

Author (1):

David Okeyode

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Implement Identity and Access Security for Azure

2. Chapter 1: Introduction to Azure Security FREE CHAPTER

3. Chapter 2: Understanding Azure AD

4. Chapter 3: Azure AD Hybrid Identity

5. Chapter 4: Azure AD Identity Security

6. Chapter 5: Azure AD Identity Governance

7. Section 2: Implement Azure Platform Protection

8. Chapter 6: Implementing Perimeter Security

9. Chapter 7: Implementing Network Security

10. Chapter 8: Implementing Host Security

11. Chapter 9: Implementing Container Security

12. Section 3: Secure Storage, Applications, and Data

13. Chapter 10: Implementing Storage Security

14. Chapter 11: Implementing Database Security

15. Chapter 12: Implementing Secrets, Keys, and Certificate Management with Key Vault

16. Chapter 13: Azure Cloud Governance and Security Operations

17. Assessments

18. Other Books You May Enjoy

AKS security best practices

There are multiple attack vectors that an adversary could exploit to compromise our AKS instances. For this reason, our security strategy should follow a defense-in-depth approach that includes multiple layers of protection. In the following sections, we will cover some of these layers.

Limiting access to the API server using authorized IP address ranges

The Kubernetes API server is the central management endpoint for an AKS cluster. Developers and administrators use client management tools, such as kubectl, to connect to it to perform cluster operations such as deploying applications, creating cluster objects, and scaling the number of nodes.

By default, the API server uses a public IP address with access to any IP address. From a security perspective, our objective should be to minimize any attacks on the Kubernetes control plane components. One way to do this is to limit the IP addresses that can communicate with the API server using the authorized...

The rest of the chapter is locked

You're reading from Microsoft Azure Security Technologies Certification and Beyond Gain practical skills to secure your Azure environment and pass the AZ-500 exam

Table of Contents (19) Chapters

AKS security best practices

Limiting access to the API server using authorized IP address ranges

Authors (1)

Personalised recommendations for you

You're reading from Microsoft Azure Security Technologies Certification and Beyond Gain practical skills to secure your Azure environment and pass the AZ-500 exam

Table of Contents (19) Chapters

AKS security best practices

Limiting access to the API server using authorized IP address ranges

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you