Configure AKS API server authorized IP ranges with Azure Dev Spaces

Info.nl Vasil Panushev 51 Reputation points
2021-02-08T14:34:26.763+00:00

Hi

we have an AKS on Azure with configured authorized IP ranges for the API server like described here: https://learn.microsoft.com/en-us/azure/aks/api-server-authorized-ip-ranges

We would like to enable the Dev Spaces feature for this AKS cluster.
This documentation: https://learn.microsoft.com/en-us/azure/dev-spaces/configure-networking#using-api-server-authorized-ip-ranges states following:

To use Azure Dev Spaces when using this additional security while creating your cluster, you must allow additional ranges based on your region.

The "additional ranges based on your region" is a link to this: https://learn.microsoft.com/en-us/azure/virtual-network/service-tags-overview#available-service-tags which however is relevant for Azure Firewall and Network Security Group configurations.

The authorized IP ranges configuration in AKS is just a list of CIDRs, and I see on obvious way to add a service tag there.

How can the Azure Region be whitelisted in this case?

Thank you
Vasil

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,888 questions
0 comments No comments
{count} votes

Accepted answer
  1. vipullag-MSFT 24,871 Reputation points
    2021-02-09T12:55:58.887+00:00

    @Info.nl Vasil Panushev

    Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

    Your issue: As per documentation, there is a tag for azuredevspace. How can the Azure Region be whitelisted in this case?

    For authorizing IP ranges for azure devspaces for AKS api server, you can download this list of Azure cloud IP's based on the tags.
    This is a JSON file which contains the public IP's, in this you can get the IP range information of the region you are looking for and whitelist it.

    For Ex: IP range for WestEurope region.

    65853-dev-spaces-ip.jpg

    Hope this helps.

    Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful