Benchmark: Kubernetes Service
Description
This benchmark provides a set of controls that detect Terraform Azure Kubernetes Service resources deviating from security best practices.
Usage
Browse dashboards and select Kubernetes Service:
steampipe dashboard
Or run the benchmarks in your terminal:
steampipe check terraform_azure_compliance.benchmark.kubernetes
Snapshot and share results via Steampipe Cloud:
steampipe login
steampipe check --share terraform_azure_compliance.benchmark.kubernetes
Controls
- Azure Defender for Kubernetes should be enabled
- Azure Policy Add-on for Kubernetes service (AKS) should be installed and enabled on your clusters
- Authorized IP ranges should be defined on Kubernetes Services
- Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys
- Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host
- Role-Based Access Control (RBAC) should be used on Kubernetes Services