Catégorie : Azure

Microsoft MVP Azure 2021-2022 !

Hi!

Its my immense pleasure to share you that I have been awarded as Microsoft Most Valuable Professional (MVP) for the 5th time.

I would like to thanks Microsoft MVP Award team, Betsy and Rochelle. Finally, thanks to all my colleagues, blog readers and commentators. Congratulations to all the new and renewed MVP!

Maxime.

AKS | FIPS

Hi,

The Federal Information Processing Standard (FIPS) 140-2 is a US government standard that defines minimum security requirements for cryptographic modules in information technology products and systems. AKS allows you to create Linux-based node pools with FIPS 140-2 enabled. Deployments running on FIPS-enabled node pools can use those cryptographic modules to provide increased security and help meet security controls as part of FedRAMP compliance. 

In this article, I will show you how you can add a FIPS Node pool to an existing AKS cluster:

Install the aks-preview extension
az extension add --name aks-preview

Update the extension to make sure you have the latest version installed
az extension update --name aks-preview
az feature register --namespace "Microsoft.ContainerService" --name "FIPSPreview"
az feature list -o table --query "[?contains(name,'Microsoft.ContainerService/FIPSPreview')].{Name:name,State:properties.state}"
az provider register --namespace Microsoft.ContainerService
 
Add FIPS Node Pool to an existing AKS cluster
az aks nodepool add \
     --resource-group myResourceGroup \
     --cluster-name myAKSCluster \
     --name fipsnp \
     --enable-fips-image

az aks show --resource-group myResourceGroup --cluster-name myAKSCluster --query="agentPoolProfiles[].{Name:name enableFips:enableFips}" -o table
 Name       enableFips
 ---------  ------------
 fipsnp     True
 nodepool1  False  

Maxime.