How do I add cuustom seccomp profiles to aks nodes

Edik Mkoyan 0 Reputation points
2023-11-21T11:45:45.97+00:00

It seems that neither custom image, not inflight image modifications are allowed for aks nodes. However one may need to add custom seccomp profiles to /var/lib/kubernetes/seccomp/profiles on the aks node. I didn't find a proper document on that. Azure documentation suggess sshing to the node and adding the file, however I hardly can find aks node use case description of that process. Please assist.

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,989 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,271 questions
{count} votes

1 answer

Sort by: Most helpful
  1. anrodrigues-MSFT 0 Reputation points Microsoft Employee
    2023-11-21T17:40:55.12+00:00

    Hi @Edik Mkoyan
    Thank you for reaching out to the Microsoft Q&A platform.

    It seems that what are you trying to achieve is explained in this documentation here: https://learn.microsoft.com/en-us/azure/aks/operator-best-practices-cluster-security?tabs=azure-cli#secure-computing

    If you have any questions, please drop a comment by tagging my userid @anrodrigues-MSFT If this does answer your question, please accept it as the answer as a token of appreciation.