Great article.
(Update: corrected link below)
Are you using Hub/Spoke in the same way as in Hub/Spoke VNets? e.g. https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-peering-gateway-transit?
I want to take this work and extend it so that the AKS cluster can expose some, but not all, of its services to remote sites via S2S VPN. The use case is that in my case, the cluster is running a service that communicates with multiple private / external networks (non-cloud); each remote site must be separated from the others, each one must have limited two-way communication with a service on AKS, and AKS itself must not be exposed to the public (the basis of this article). The underlying pattern of our network is a "hub" that only contains the virtual gateways, local gateways and IPsec configs that define comms to the remote sites, and this "hub" is peered with a "spoke", with the spoke using "transit" to route through the hub gateways. Do you think this article is a good starting point to adapt to this scenario?
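A Terraform sketch of the pattern the question describes, added here as an example; it is not code from the article, from the commenter, or from Microsoft. It peers a spoke to an existing hub with gateway transit, publishes one AKS service on an internal load balancer in the spoke, and uses a subnet NSG plus `loadBalancerSourceRanges` so that only one remote site can reach that service. All names, resource groups, address ranges, the `remote_a`/`remote_b` prefixes and the `orders` service are assumptions for illustration; only the provider resource and attribute names are real (azurerm and kubernetes providers).

```hcl
# Added example, not from the article. Names, resource groups, address ranges
# and the two remote-site prefixes are assumptions for illustration.

locals {
  location   = "westeurope"
  remote_a   = "10.100.0.0/16" # remote site A: may reach the "orders" service
  remote_b   = "10.200.0.0/16" # remote site B: must not reach AKS at all
  aks_subnet = "10.1.0.0/22"   # spoke subnet for AKS nodes and the internal LB
}

# The hub already holds the VPN gateway, local network gateways and IPsec
# connections (as in the question), so it is only referenced here.
data "azurerm_virtual_network" "hub" {
  name                = "vnet-hub"
  resource_group_name = "rg-hub"
}

resource "azurerm_virtual_network" "spoke" {
  name                = "vnet-spoke"
  location            = local.location
  resource_group_name = "rg-spoke"
  address_space       = ["10.1.0.0/16"]
}

resource "azurerm_subnet" "aks" {
  name                 = "snet-aks"
  resource_group_name  = "rg-spoke"
  virtual_network_name = azurerm_virtual_network.spoke.name
  address_prefixes     = [local.aks_subnet]
}

# Hub -> spoke: lend the hub's gateway to the spoke.
resource "azurerm_virtual_network_peering" "hub_to_spoke" {
  name                         = "hub-to-spoke"
  resource_group_name          = "rg-hub"
  virtual_network_name         = data.azurerm_virtual_network.hub.name
  remote_virtual_network_id    = azurerm_virtual_network.spoke.id
  allow_virtual_network_access = true
  allow_forwarded_traffic      = true # packets arriving over the S2S tunnels are "forwarded"
  allow_gateway_transit        = true
}

# Spoke -> hub: use the hub's gateway. This installs routes for the remote
# sites' prefixes in the spoke, so AKS egress to them goes back via the hub.
resource "azurerm_virtual_network_peering" "spoke_to_hub" {
  name                         = "spoke-to-hub"
  resource_group_name          = "rg-spoke"
  virtual_network_name         = azurerm_virtual_network.spoke.name
  remote_virtual_network_id    = data.azurerm_virtual_network.hub.id
  allow_virtual_network_access = true
  allow_forwarded_traffic      = true
  use_remote_gateways          = true
}

# Subnet NSG: site A may reach the published port; every other flow from the
# remote prefixes is denied explicitly, because the default AllowVnetInBound
# rule's VirtualNetwork tag also covers prefixes learned through the gateway.
resource "azurerm_network_security_group" "aks" {
  name                = "nsg-aks"
  location            = local.location
  resource_group_name = "rg-spoke"

  security_rule {
    name                       = "allow-remote-a-to-orders"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "443"
    source_address_prefix      = local.remote_a
    destination_address_prefix = local.aks_subnet
  }

  security_rule {
    name                       = "deny-remote-sites"
    priority                   = 200
    direction                  = "Inbound"
    access                     = "Deny"
    protocol                   = "*"
    source_port_range          = "*"
    destination_port_range     = "*"
    source_address_prefixes    = [local.remote_a, local.remote_b]
    destination_address_prefix = local.aks_subnet
  }
}

resource "azurerm_subnet_network_security_group_association" "aks" {
  subnet_id                 = azurerm_subnet.aks.id
  network_security_group_id = azurerm_network_security_group.aks.id
}

# The one service that is published: an internal Azure load balancer with a
# private IP in the spoke. Services without this annotation, or of type
# ClusterIP, are never reachable from the tunnels.
resource "kubernetes_service" "orders" {
  metadata {
    name      = "orders"
    namespace = "default"
    annotations = {
      "service.beta.kubernetes.io/azure-load-balancer-internal" = "true"
    }
  }
  spec {
    type     = "LoadBalancer"
    selector = { app = "orders" }
    port {
      port        = 443
      target_port = 8443
    }
    # Second layer: the cloud provider renders this into rules on the
    # AKS-managed NSG, so site B is refused even if the subnet NSG drifts.
    load_balancer_source_ranges = [local.remote_a]
  }
}
```

Two caveats a practitioner would check before adopting this. First, the NSG rules above only govern traffic entering the AKS subnet; they do nothing for traffic between the remote sites themselves, which the hub gateway can forward between its own S2S connections, so remote-to-remote isolation has to be enforced in the hub (gateway routing or an inspecting hop there), not in the spoke. Second, the internal load balancer is created by the AKS cluster identity, which needs Network Contributor on the spoke subnet's resource group when the subnet lives outside the cluster's node resource group; the article's private-cluster setup for the API server is unaffected by any of this.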