Hi, you can use Azure Firewall's IP as your AKS source IP and DNAT traffic to your AKS service. Reference: https://video2.skills-academy.com/en-us/azure/firewall/protect-azure-kubernetes-service#restrict-ingress-traffic-using-azure-firewall. This way you can control both outbound and inbound traffic via Azure Firewall.
Azure Firewall Load Balancer
Nick Diaz 281 Reputation points
I have currently configured my firewall to limit outbound traffic, which is working at the moment, but would like to expand this to include inbound traffic as well. We also have a public Load Balancer, which is making it complicated. With the firewall in place, I am currently forcing all traffic from the AKS clusters to the Azure Firewall via a Next Hop to its internal IP Address.
Any suggestions, either for the current implementation or best practice, also keeping future planning in mind, would be most helpful.
1 answer
msrini-MSFT 9,271 Reputation points Microsoft Employee
2023-07-27T14:09:48.56+00:00