I found some findings related to Azure Kubernetes Cluster in the Azure Security Center Recommendations.
Immutable (read-only) root filesystem should be enforced for containers. Services should listen on allowed ports only. Containers should listen on allowed ports only. Running containers as root user should be avoided. Container with privilege escalation should be avoided. Container CPU and memory limits should be enforced.
If anybody has an idea how to remediate these issues let me know.
These all due to limitations of Azure Security Center policies and how they identify the vulnerabilities. FOr example, ASC will only check the security context of the pods template to understand whether it is running with root user or not. Evenn if your container running with non-root user also will reflect in the affected pod list, if the property is not set to the pods specific eventhough your image has already set a non-root user. The same limitations are there for your other mentioned alerts also.
So we have options like, disable the alerts which are not related the cluster or as they recommended in the remediation steps, just follow to add the properties just to remediate eventhough that doesnt make much sense.
