Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Azure for Architects

You're reading from   Azure for Architects Create secure, scalable, high-availability applications on the cloud

Arrow left icon
Product type Paperback
Published in Jul 2020
Publisher Packt
ISBN-13 9781839215865
Length 698 pages
Edition 3rd Edition
Languages
Tools
Arrow right icon
Authors (3):
Arrow left icon
Jack Lee Jack Lee
Author Profile Icon Jack Lee
Jack Lee
Ritesh Modi Ritesh Modi
Author Profile Icon Ritesh Modi
Ritesh Modi
Rithin Skaria Rithin Skaria
Author Profile Icon Rithin Skaria
Rithin Skaria
Arrow right icon
View More author details
Toc

Table of Contents (21) Chapters Close

Preface 1. Getting started with Azure 2. Azure solution availability, scalability, and monitoring FREE CHAPTER 3. Design pattern – Networks, storage, messaging, and events 4. Automating architecture on Azure 5. Designing policies, locks, and tags for Azure deployments 6. Cost management for Azure solutions 7. Azure OLTP solutions 8. Architecting secure applications on Azure 9. Azure Big Data solutions 10. Serverless in Azure – Working with Azure Functions 11. Azure solutions using Azure Logic Apps, Event Grid, and Functions 12. Azure Big Data eventing solutions 13. Integrating Azure DevOps 14. Architecting Azure Kubernetes solutions 15. Cross-subscription deployments using ARM templates 16. ARM template modular design and implementation 17. Designing IoT solutions 18. Azure Synapse Analytics for architects 19. Architecting intelligent solutions Index

Access and identity for AKS

Kubernetes clusters can be secured in multiple ways.

The service account is one of the primary user types in Kubernetes. The Kubernetes API manages the service account. Authorized Pods can communicate with the API server using the credentials of service accounts, which are stored as Kubernetes Secrets. Kubernetes does not have any data store or identity provider of its own. It delegates the responsibility of authentication to external software. It provides an authentication plugin that checks for the given credentials and maps them to available groups. If the authentication is successful, the request passes to another set of authorization plugins to check the permission levels of the user on the cluster, as well as the namespace-scoped resources.

For Azure, the best security integration would be to use Azure AD. Using Azure AD, you can also bring your on-premises identities to AKS to provide centralized management of accounts and security. The basic...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image