AKS

Definition

Azure Kubernetes Service (AKS) is a managed container orchestration service provided by Microsoft Azure that simplifies deploying, managing, and scaling containerized applications using Kubernetes. AKS automates critical tasks such as health monitoring, scaling, and patching, allowing developers to focus on application development rather than infrastructure management. It integrates with Azure’s ecosystem, providing seamless access to Azure services and security features.

Secure Settings Example

apiVersion: v1
kind: Pod
metadata:
  name: secure-pod
spec:
  containers:
  - name: secure-container
    image: my-secure-image:latest
    securityContext:
      runAsUser: 1000
      runAsNonRoot: true
      capabilities:
        drop:
        - ALL
  automountServiceAccountToken: false

Insecure Settings Example

apiVersion: v1
kind: Pod
metadata:
  name: insecure-pod
spec:
  containers:
  - name: insecure-container
    image: my-insecure-image:latest
    securityContext:
      privileged: true
      runAsUser: 0
  automountServiceAccountToken: true