|
212 | 212 | href: kubernetes-dashboard.md |
213 | 213 | - name: Security and authentication |
214 | 214 | items: |
215 | | - - name: Create service principal |
216 | | - href: kubernetes-service-principal.md |
217 | | - - name: Use managed identities |
218 | | - href: use-managed-identity.md |
219 | | - - name: Use AAD pod identity (preview) |
220 | | - href: use-azure-ad-pod-identity.md |
221 | | - - name: Limit access to cluster configuration file |
222 | | - href: control-kubeconfig-access.md |
223 | | - - name: Secure pod traffic with network policies |
224 | | - href: use-network-policies.md |
225 | | - - name: Use Azure Policy |
226 | | - href: use-azure-policy.md |
227 | | - - name: Use pod security policies (preview) |
228 | | - href: use-pod-security-policies.md |
229 | | - - name: Define API server authorized IP ranges |
230 | | - href: api-server-authorized-ip-ranges.md |
231 | | - - name: Control deployments with Azure Policy |
232 | | - href: ../governance/policy/concepts/policy-for-kubernetes.md?toc=/azure/aks/toc.json |
233 | | - - name: Update cluster credentials |
234 | | - href: update-credentials.md |
235 | | - - name: Enable Azure Active Directory integration |
236 | | - items: |
237 | | - - name: AKS-managed Azure AD |
238 | | - href: managed-aad.md |
239 | | - - name: Azure AD integration (legacy) |
240 | | - href: azure-ad-integration-cli.md |
241 | | - - name: Enable GMSA integration (Preview) |
242 | | - href: use-group-managed-service-accounts.md |
243 | | - - name: Use Azure RBAC for Kubernetes Authorization |
244 | | - href: manage-azure-rbac.md |
245 | | - - name: Use Kubernetes RBAC with Azure AD integration |
246 | | - href: azure-ad-rbac.md |
| 215 | + - name: Overview of Defender for Containers |
| 216 | + href: ../defender-for-cloud/defender-for-containers-introduction.md?tabs=defender-for-container-arch-aks#what-are-the-benefits-of-microsoft-defender-for-containers |
| 217 | + maintainContext: true |
| 218 | + - name: Enable Defender for Containers |
| 219 | + href: ../defender-for-cloud/defender-for-containers-enable.md?tabs=aks-deploy-portal%2Ck8s-deploy-asc%2Ck8s-verify-asc%2Ck8s-remove-arc%2Caks-removeprofile-api&pivots=defender-for-container-aks |
247 | 220 | maintainContext: true |
248 | | - - name: Rotate certificates |
249 | | - href: certificate-rotation.md |
250 | | - - name: BYOK for disks |
251 | | - href: azure-disk-customer-managed-keys.md |
252 | | - - name: Enable host-based encryption |
253 | | - href: enable-host-encryption.md |
254 | | - - name: Secrets Store CSI Driver |
| 221 | + - name: Build security |
| 222 | + items: |
| 223 | + - name: Scan images in your CI/CD Workflow |
| 224 | + href: ../defender-for-cloud/defender-for-container-registries-cicd.md |
| 225 | + maintainContext: True |
| 226 | + - name: Registry security |
255 | 227 | items: |
256 | | - - name: Secrets Store CSI Driver configuration |
257 | | - href: csi-secrets-store-driver.md |
258 | | - - name: Provide Azure Key Vault access |
259 | | - href: csi-secrets-store-identity-access.md |
260 | | - - name: Configure TLS for NGINX ingress controller |
261 | | - href: csi-secrets-store-nginx-tls.md |
262 | | - - name: Troubleshooting |
263 | | - href: csi-secrets-store-troubleshooting.md |
| 228 | + - name: Scanning images in ACR registries |
| 229 | + href: ../defender-for-cloud/defender-for-containers-introduction.md?tabs=defender-for-container-arch-aks#vulnerability-assessment |
| 230 | + maintainContext: True |
| 231 | + - name: Cluster security |
| 232 | + items: |
| 233 | + - name: Create service principal |
| 234 | + href: kubernetes-service-principal.md |
| 235 | + - name: Use managed identities |
| 236 | + href: use-managed-identity.md |
| 237 | + - name: Limit access to cluster configuration file |
| 238 | + href: control-kubeconfig-access.md |
| 239 | + - name: Define API server authorized IP ranges |
| 240 | + href: api-server-authorized-ip-ranges.md |
| 241 | + - name: Update cluster credentials |
| 242 | + href: update-credentials.md |
| 243 | + - name: Enable Azure Active Directory integration |
| 244 | + items: |
| 245 | + - name: AKS-managed Azure AD |
| 246 | + href: managed-aad.md |
| 247 | + - name: Azure AD integration (legacy) |
| 248 | + href: azure-ad-integration-cli.md |
| 249 | + - name: Enable GMSA integration (Preview) |
| 250 | + href: use-group-managed-service-accounts.md |
| 251 | + - name: Use Azure RBAC for Kubernetes authorization |
| 252 | + href: manage-azure-rbac.md |
| 253 | + - name: Use Kubernetes RBAC with Azure AD integration |
| 254 | + href: azure-ad-rbac.md |
| 255 | + - name: Rotate certificates |
| 256 | + href: certificate-rotation.md |
| 257 | + - name: Use Azure Policy |
| 258 | + href: use-azure-policy.md |
| 259 | + - name: Control deployments with Azure Policy |
| 260 | + href: ../governance/policy/concepts/policy-for-kubernetes.md?toc=/azure/aks/toc.json |
| 261 | + maintainContext: true |
| 262 | + - name: Node security |
| 263 | + items: |
| 264 | + - name: BYOK for disks |
| 265 | + href: azure-disk-customer-managed-keys.md |
| 266 | + - name: Enable host-based encryption |
| 267 | + href: enable-host-encryption.md |
| 268 | + - name: Application security |
| 269 | + items: |
| 270 | + - name: Use Azure AD pod identity (preview) |
| 271 | + href: use-azure-ad-pod-identity.md |
| 272 | + - name: Secure pod traffic with network policies |
| 273 | + href: use-network-policies.md |
| 274 | + - name: Use pod security policies (preview) |
| 275 | + href: use-pod-security-policies.md |
| 276 | + - name: Secrets Store CSI Driver |
| 277 | + items: |
| 278 | + - name: Secrets Store CSI Driver configuration |
| 279 | + href: csi-secrets-store-driver.md |
| 280 | + - name: Provide Azure Key Vault access |
| 281 | + href: csi-secrets-store-identity-access.md |
| 282 | + - name: Configure TLS for NGINX ingress controller |
| 283 | + href: csi-secrets-store-nginx-tls.md |
| 284 | + - name: Troubleshooting |
| 285 | + href: csi-secrets-store-troubleshooting.md |
264 | 286 | - name: Configure private clusters |
265 | 287 | items: |
266 | 288 | - name: Create a private cluster |
|
0 commit comments