Limit access to AKS cluster IP from internal Azure traffic

Question

How to limit access to AKS cluster IP from internal Azure traffic using NSG on the load balancer/application gateway?

score 0 · Answer 1 · answered Nov 02 '21 at 20:53

You can limit the access to your AKS via setting authorized IP address with:

# Existing Cluster
az aks update \
  --name myAKSCluster \
  --resource-group myResourceGroup \
  --api-server-authorized-ip-ranges  73.140.245.0/24
    
# New Cluster
az aks create \
  --name MyAKSCluster \
  --resource-group MyResourceGroup \
  --api-server-authorized-ip-ranges  73.140.245.0/24

Your can find here good documentation.

NOTE: this will only affect accessing yoour cluster with kubectl etc, deplyoment pipelines etc.

If you are talking about limiting the access to your ingress controller, please leave a comment.

Limit access to AKS cluster IP from internal Azure traffic

1 Answers1