Skip to content

Commit 5653db8

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #208728 from miwithro/patch-163
Update operator-best-practices-cluster-security.md
2 parents 624c9ad + 9363c94 commit 5653db8

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

articles/aks/operator-best-practices-cluster-security.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -95,7 +95,7 @@ For even more granular control of container actions, you can also use built-in L
9595
Built-in Linux security features are only available on Linux nodes and pods.
9696

9797
> [!NOTE]
98-
> Currently, Kubernetes environments aren't completely safe for hostile multi-tenant usage. Additional security features, like *AppArmor*, *seccomp*,*Pod Security Policies*, or Kubernetes RBAC for nodes, efficiently block exploits.
98+
> Currently, Kubernetes environments aren't completely safe for hostile multi-tenant usage. Additional security features, like *Microsoft Defender for Containers* *AppArmor*, *seccomp*,*Pod Security Admission*, or Kubernetes RBAC for nodes, efficiently block exploits.
9999
>
100100
>For true security when running hostile multi-tenant workloads, only trust a hypervisor. The security domain for Kubernetes becomes the entire cluster, not an individual node.
101101
>

0 commit comments

Comments
 (0)