Azure > Kubernetes Service >

Network Exposure

HIGH

Source

CloudSploit

ID

network-exposure

management console

Network Exposure

Ensures that Azure Kubernetes clusters are not exposed to the internet.

In a private cluster, the control plane or API server has internal IP addresses that are defined in the RFC1918 - Address Allocation for Private Internet document. By using a private cluster, you can ensure network traffic between your API server and your node pools remains on the private network only.

Recommended Actions

Modify cluster network configuration and enable private cluster feature.

Links

https://learn.microsoft.com/en-us/azure/aks/private-clusters

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use