Azure Kubernetes Service instances should have RBAC enabled

Description

Azure Kubernetes Services has the capability to integrate Azure Active Directory users and groups into Kubernetes RBAC controls within the AKS Kubernetes API Server. This should be utilized to enable granular access to Kubernetes resources within the AKS clusters supporting RBAC controls not just of the overarching AKS instance but also the individual resources managed within Kubernetes.

Portal Remediation Steps

  • You need to redeploy the cluster to enable RBAC.

CLI Remediation Steps

  • You need to redeploy the cluster to enable RBAC.