Authorized IP ranges should be defined on AKS

%3CLINGO-SUB%20id%3D%22lingo-sub-1516364%22%20slang%3D%22en-US%22%3EAuthorized%20IP%20ranges%20should%20be%20defined%20on%20AKS%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1516364%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20a%20private%20AKS%20cluster%2C%20and%20security%20center%20is%20reporting%20the%20following%3A%3C%2FP%3E%3CP%3EAuthorized%20IP%20ranges%20should%20be%20defined%20on%20Kubernetes%20Services%3C%2FP%3E%3CP%3ERestrict%20access%20to%20the%20Kubernetes%20Service%20Management%20API%20by%20granting%20API%20access%20only%20to%20IP%20addresses%20in%20specific%20ranges.%20It%20is%20recommended%20to%20limit%20access%20to%20authorized%20IP%20ranges%20to%20ensure%20that%20only%20applications%20from%20allowed%20networks%20can%20access%20the%20cluster.%3C%2FP%3E%3CP%3EWhen%20I%20attempted%20to%20apply%20the%20change%2C%20I%20got%20the%20following%20error%20back%3A%3CBR%20%2F%3EPrivate%20cluster%20cannot%20be%20enabled%20with%20AuthorizedIPRanges.%3C%2FP%3E%3CP%3ESo%20just%20reporting%20there%20is%20a%20mismatch%20between%20the%20security%20center%20and%20AKS%20features.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

I have a private AKS cluster, and security center is reporting the following:

Authorized IP ranges should be defined on Kubernetes Services

Restrict access to the Kubernetes Service Management API by granting API access only to IP addresses in specific ranges. It is recommended to limit access to authorized IP ranges to ensure that only applications from allowed networks can access the cluster.

When I attempted to apply the change, I got the following error back:
Private cluster cannot be enabled with AuthorizedIPRanges.

So just reporting there is a mismatch between the security center and AKS features.

0 Replies