No custom NSG rules for AKS managed NSGs

Operational Excellence · Network Security Group · Rule · 2022_09 · Awareness

AKS Network Security Group (NSG) should not have custom rules.

Description

AKS manages the Network Security Group (NSG) allocated to the cluster. There should be no custom rules added as it may cause conflicts, break the AKS cluster or have an unexpected result.

Recommendation

Do not create custom Network Security Group (NSG) rules for an AKS managed NSG.

Links

• AKS Network Security
• Azure deployment reference

Comments