Create a Post

Dome9 support for Azure Kubernetes Service (AKS)

Dome9 now supports Azure Kubernetes Service (AKS) which is an open-source fully managed container orchestration service. AKS helps in provisioning, scaling, and upgrades of resources as per requirement or demand without any downtime in the Kubernetes cluster.

As part of our Cloud Security Posture Management and Compliance module, you are now able to evaluate security of AKS using GSL language.

Few examples:

Ensure that the pod security policy is enabled in your AKS cluster

GSL : AksCluster should have properties.enablePodSecurityPolicy=true

Ensure that you are using authorized IP address ranges in order to secure access to the API server

GSL : AksClustershould not haveproperties.apiServerAccessProfile.authorizedIPRanges isEmpty()

Ensure that a network policy is in place to secure traffic between pods

GSL: AksCluster should not have properties.networkProfile.networkPolicy isEmpty()

0 Replies