Enable pod security policies for AKS cluster
Azure Policy built-in definitions for Azure Kubernetes Service
For new OSDU deployment on Azure, make sure the following security policies are enabled for AKS Built-in policy definitions for Azure Kubernetes Service - Azure Kubernetes Service | Microsoft Docs
-
Enable AKS Policies for osdu-azure namespace -
Enable AKS policies for istio-system namespace -
Enable AKS policies for airflow2 namespace -
Move csi secrets to kube-system as recommended by Microsoft docs Docs -
Fix non compliant policies - Allow Authorized IP Ranges, Enable private clusters. -
Documentation on how to enable the feature and fix compliance issues.