Skip to content

AKS clusters use Azure Network Policies#

Security · Azure Kubernetes Service · Azure.AKS.NetworkPolicy

Deploy AKS clusters with Azure Network Policies enabled.

Description#

By default, all pods in an AKS cluster can send and receive traffic without limitations. Network Policy defines access policies for limiting network communication of Pods.

For improved security, define network policy rules to control the flow of traffic. For example, only permit backend components to receive traffic from frontend components.

To use Network Policy it must be enabled at cluster deployment time. AKS supports two implementations of network policies, Azure Network Policies and Calico Network Policies. Azure Network Policies are supported by Azure support and engineering teams.

Recommendation#

Azure Network Policies improve cluster and workload security by limiting network communication.

Network Policy is a deployment time configuration. Consider redeploying the AKS cluster with Network Policy enabled.


Last update: 2021-09-24