Daniel's Tech Blog

Cloud Computing, Cloud Native & Kubernetes

Tag: Security

  • Deploy Azure DNS security policies via Terraform

    Today, I walk you through a new feature that has been released this year: Azure DNS security policies. -> https://azure.microsoft.com/en-us/updates?WT.mc_id=AZ-MVP-5000119&id=497535 Azure DNS security policies allow you to get insights into your DNS traffic at the Virtual Network level. The two main use cases for DNS security policies are blocking name resolution of known or malicious…

  • Restrict access to the IMDS endpoint on Azure Kubernetes Service with Cilium

    In today’s blog post, we take a look at restricting access to the Azure IMDS endpoint on an Azure Kubernetes Service (AKS) cluster with Cilium using the BYOCNI approach. The Instance Metadata Service (IMDS) endpoint, also known as short IMDS, can be called directly from every Azure VM or VMSS instance via the following command.…

  • Identifying values for the Azure Policy field parameter

    In Azure, you can use Azure Policy with its field parameter to check for or enforce certain Azure resource configurations. For instance, the built-in policy “Allowed virtual machine size SKUs” uses the field parameter to restrict the available VM SKUs. This is especially useful for not accidentally provisioning very expensive VM SKUs like the ones…

  • Designing the Azure Data Explorer table structure for Azure Diagnostic Logs or Defender for Cloud data ingestion

    In my recent blog posts about Azure Data Explorer, I wrote about Activity Logs and Diagnostic Logs ingestion. -> https://www.danielstechblog.io/ingesting-azure-diagnostic-logs-into-azure-data-explorer/ -> https://www.danielstechblog.io/export-azure-kubernetes-service-control-plane-logs-to-azure-data-explorer/ Today, I would like to discuss how to design the Azure Data Explorer table for the Diagnostic Logs or Defender for Cloud log data ingestion. Depending on your preferences, you can choose between…

  • Configure Microsoft Defender for Cloud continuous export via Terraform

    Microsoft Defender for Cloud supports the continuous export of a variety of data to Azure Event Hubs and Azure Log Analytics workspaces. When you use Azure Event Hubs, you can stream those data also to 3rd-party solutions or Azure Data Explorer. The continuous export is handy for security alerts to maintain them for a longer…

  • Fluent Bit and Kata Containers on Azure Kubernetes Service

    In the past, I have written two blog posts about how to run untrusted workloads on Azure Kubernetes Service. -> https://www.danielstechblog.io/running-gvisor-on-azure-kubernetes-service-for-sandboxing-containers/ -> https://www.danielstechblog.io/using-kata-containers-on-azure-kubernetes-service-for-sandboxing-containers/ Today, I walk you through how you gather log data of an untrusted workload isolated by Kata Containers with Fluent Bit. When you hear isolated, it always comes to mind that only…

WordPress Cookie Notice by Real Cookie Banner