Merge pull request #268533 from bwren/aks-security

prmerger-automator[bot] · web-flow · commit 996611ba9949 · 2024-03-13T12:38:21.000Z
Container insights security notes for new agent
diff --git a/articles/aks/enable-fips-nodes.md b/articles/aks/enable-fips-nodes.md
@@ -16,6 +16,9 @@ The Federal Information Processing Standard (FIPS) 140-2 is a US government stan
 
 * Azure CLI version 2.32.0 or later installed and configured. Run `az --version` to find the version. For more information about installing or upgrading the Azure CLI, see [Install Azure CLI][install-azure-cli].
 
+> [!NOTE]
+>   AKS Monitoring Addon supports FIPS enabled node pools with Ubuntu, Azure Linux, and Windows starting with Agent version 3.1.17 (Linux) and Win-3.1.17 (Windows).
+
 ## Limitations
 
 * FIPS-enabled node pools have the following limitations:
diff --git a/articles/azure-monitor/containers/container-insights-overview.md b/articles/azure-monitor/containers/container-insights-overview.md
@@ -24,9 +24,7 @@ Container insights sends data to a [Log Analytics workspace](../logs/data-platfo
 
 :::image type="content" source="media/container-insights-overview/aks-monitor-data.png" lightbox="media/container-insights-overview/aks-monitor-data.png" alt-text="Diagram of collection of monitoring data from Kubernetes cluster using Container insights and related services." border="false":::
 
-
-
-### Supported configurations
+## Supported configurations
 Container insights supports the following environments:
 
 - [Azure Kubernetes Service (AKS)](../../aks/index.yml)
@@ -46,6 +44,11 @@ Container insights supports the following environments:
 >
 > Container insights support for Windows Server 2022 operating system is in public preview.
 
+## Security
+
+- Container Insights supports FIPS enabled Linux and Windows node pools starting with Agent version 3.1.17 (Linux)  & Win-3.1.17 (Windows).
+- Starting with Agent version 3.1.17 (Linux) and Win-3.1.17 (Windows), Container Insights agents images (both Linux and Windows) are signed and  for Windows agent,  binaries inside the container are signed as well
+
 ## Access Container insights
 
 Access Container insights in the Azure portal from **Containers** in the **Monitor** menu or directly from the selected AKS cluster by selecting **Insights**. The Azure Monitor menu gives you the global perspective of all the containers that are deployed and monitored. This information allows you to search and filter across your subscriptions and resource groups. You can then drill into Container insights from the selected container. Access Container insights for a particular cluster from its page in the Azure portal.
