Course Includes:
- Price: FREE
- Enrolled: 31435 students
- Language: English
- Certificate: Yes
- Difficulty: Advanced
Coupon verified 02:26 AM (updated every 10 min)
Course Folder
What You'll Learn
- Learn AKS and Kubernetes network best practices
- Learn how to securely expose services in Kubernetes
- Learn how to secure pod to pod communication
- Learn to setup TLS certificates for pods and ingress
Requirements
- You will need to understand the fundamentals of kubernetes. This course build up on the basics.
Description
You started your journey learning Kubernetes ?
You have been learning the fundamentals of a Kubernetes cluster ?
And now you want to make sure your cluster is production ready in terms of security ?
If you are looking for how to secure your Kubernetes cluster then this course is for you.
Let us face it, security is not an easy task. And Kubernetes is not an exception.
Securing a Kubernetes cluster requires thinking about all these aspects:
Network security: through private cluster access to API Server with Private Endpoint.
Secure egress traffic: all egress traffic should be filtered using Firewall.
Secure ingress traffic: using TLS and HTTPS on the ingress controller.
Secure inter-pod communication: secure traffic between pods using TLS or mTLS.
Controlling traffic between pods: using Network Policy tools like Calico.
Securing access to Managed Identities: by restricting access to IMDS endpoint (169.254.169.254).
Implementing a Landing Zone: with integration into the Hub an Spoke model
Customize logging and metrics collection
Reduce the cost of the cluster infrastructure
Microsoft provides the following recommendations to secure an AKS cluster and this course will try to go deeper with demonstration.
Recommendation 1: To distribute HTTP or HTTPS traffic to your applications, use ingress resources and controllers. Compared to an Azure load balancer, ingress controllers provide extra features and can be managed as native Kubernetes resources.
Recommendation 2: To scan incoming traffic for potential attacks, use a web application firewall (WAF) such as Barracuda WAF for Azure or Azure Application Gateway. These more advanced network resources can also route traffic beyond just HTTP and HTTPS connections or basic TLS termination.
Recommendation 3: Use network policies to allow or deny traffic to pods. By default, all traffic is allowed between pods within a cluster. For improved security, define rules that limit pod communication.
Recommendation 4: Don't expose remote connectivity to your AKS nodes. Create a bastion host, or jump box, in a management virtual network. Use the bastion host to securely route traffic into your AKS cluster to remote management tasks.
Disclaimer: This course uses Azure Kubernetes Service (AKS) for demonstrations. But most of the content is applicable to any Kubernetes cluster on any environment.
Who this course is for:
- This course is for platform teams that needs to manage Kubernetes cluster and securely deploy apps.
Recommended Courses
Deploy Infra in the Cloud using Terraform
FREE
Learn how to apply Infrastructure as Code (IaC) with Terraform. Covers Web Apps, Database, VM, Kubernetes and Azure.
Enrolled
Learn Azure DevOps CI/CD pipelines
FREE
Create CI/CD pipelines for Java, .NET, NodeJs, Docker, Terraform, Nuget, Kubernetes, SQL Server, Bicep and ARM templates
Enrolled
Data-Centric Machine Learning with Python: Hands-On Guide
FREE
Master data preprocessing, feature engineering, and ML modeling techniques with a hands-on loan prediction project.
Enrolled
M1-Project (ELSA)- Defining and Targeting Your Idea Customer
FREE
Learn How to Use the M1-Project Tool to Define, Target, and Reach Your Ideal Customer Profile - Use A.I. Superiority
Enrolled
Fundamentals of Project Management for Civil Engineers
FREE
Master Construction Project Management From Zero - Think like a Project Manager in your Next project
Enrolled
MEDITATION – Chakra Healing, Balance, and Life Energy
FREE
Harmonize Your Inner Energy Through Meditation
Enrolled
Mastering Chinese Tea: Simple Brewing in Dialogues(2024)
FREE
An easy start for tea beginners
Enrolled
Estratégia e Desenvolvimento de Produtos
FREE
Diploma Profissional em Metodologias de Investigação em Estratégia e Desenvolvimento de Produtos pelo MTF Institute
Enrolled
Holistic Techniques to ease Depression, Anxiety and Trauma
FREE
Use breathwork, Ho’oponopono, Meditation, Polyvagal and energy healing to release blocks and reclaim your vitality
EnrolledPrevious Courses
Azure Container Apps: intro and deep dive
FREE
Master Azure Container Apps: Build, Deploy, and Scale Your Applications with Confidence
Enrolled
ISO 22301 Implementation Step by Step With Templates
FREE
Practical Guide to BCMS Implementation
Enrolled
Java Interview Questions Coding Practice [SOLUTIONS] 2025
FREE
Java Coding Interview Questions and Answers (Solution Code with Detailed Explanations) | Coding Practice Exercises
Enrolled
Python Interview Questions Coding Practice [SOLUTIONS] 2025
FREE
100 Python Coding Interview Questions and Answers (Solution Code with Detailed Explanations) | Coding Practice Exercises
Enrolled
JavaScript Coding Interview Questions [with SOLUTIONS] 2025
FREE
100+ JavaScript Interview Coding Questions and Answers (Solution Code with Detailed Explanations)
Enrolled
Build Product Management deliverable portfolio using ChatGPT
FREE
Craft your draft Portfolio Product Management in less than a month using AI-Driven Strategies with ChatGPT
Enrolled
Scrum Master Certification
FREE
Scrum Master Certification by Agile Enterprise Coach, London
Enrolled
C-level management: analyzing a business for maximal growth
FREE
Growing a business starts with analysis and actionable steps to improve processes and overall entrepreneurial success.
Enrolled
C-level management: proven frameworks and techniques
FREE
Meet and exceed your career goals to become a visionary leader and executive leader
Enrolled