When using Azure Kubernetes Service (AKS), there’s a chance that kubenet might be the only possible choice due to your requirements. If so, you may still want to use Application Gateway Ingress Controller (AGIC) to leverage Azure Application Gateway’s Web Application Firewall (WAF) capabilities. In this session, we will make the journey together to have a working AGIC in an AKS cluster with kubenet and managed identities.
Principal of least privilege is a commonly used phrase within the Technology Industry. The idea is that we’ll assign permissions of what the user needs to get the job done, rather than anything broader or more privileged. This helps reduce the blast radius in the event of a compromised account. This stretches to Azure resources at the management plane, but in some cases can also stretch to the data plane of those resources. We’ll be exploring these further in this blog post.