Azure CNI networking for dynamic allocation of IPs support authorized ip ranges for AKS ?

Sourav Bhattacharya 60 Reputation points


It's not mentioned as the limitation here,

But I am wondering does it support authorized ip ranges for AKS cluster ?

The Pod subnet which we create is delegated to "Microsoft.ContainerService/managedClusters".

So if we put authorized IP ranges to restrict cluster access will it prevent PODS to communicate to control plane ?

Can create AKS private cluster with "Azure CNI networking for dynamic allocation of IPs" ?



Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,647 questions
{count} votes

Accepted answer
  1. shiva patpi 12,316 Reputation points Microsoft Employee

    @Sourav Bhattacharya

    I just tested to double confirm the same w.r.t Private AKS clusters & AKS with authorized IP ranges.

    It does work perfectly with that feature i.e. dynamic allocation of IPs.

    To answer your question:- "As the Pod subnet is coming from the same VNET , hence control plane communication will not impact even if you are using the Authorized IP ranges, and the feature also works with Private AKS clusters."



    0 comments No comments

0 additional answers

Sort by: Most helpful