Persona: Cluster Admin
You have managed to build a cluster on your own infrastructure, onboard it to Azure Arc, host a (relatively) real-world application all without sharing any credentials and keeping it as secure as possible.
However there are a few points that could be improved.
Currently anyone with access to the config file has cluster administrator priveleges. You want to ensure that only authorised users may see their own resources according to the secure baseline
Add one of the measures outlined above to conform your cluster to the secure baseline.
This could be by adding Azure AD to control the cluster administrator.
- You are prompted to authenticate with Azure AD when accessing the cluster
- You have discussed at least one other aspect of the secure baseline and describe how it would be applied
- Azure AD
- Azure RBAC - Conceptual
- Azure RBAC - Step by step
- Secure Baseline
- Secure Baseline on GitHub
Help us improve
Azure Citadel is a community site built on GitHub, please contribute and send a pull requestMake a change