Azure Kubernetes Service Series

Using AppArmor in Azure Kubernetes Service

Azure | Kubernetes | DevOps | AppArmor | Security | Docker

Arun Kumar Singh
5 min read · Sep 16, 2021

What is AppArmor

AppArmor is a Linux kernel security module that allows a system administrator to restrict a program's access to the resources defined in profiles. A security profile allows or disallows specific capabilities, such as network access or file read, write and execute (rwx) permissions. AppArmor can be configured for any application to reduce its potential attack surface and provide greater defense in depth.

AppArmor does this with profiles that are loaded into the kernel when the system starts. It is a Mandatory Access Control (MAC) system that binds access control attributes to programs rather than to users.

There are 2 types of profiles in AppArmor (saved at /etc/apparmor.d/):

  • Enforcement: enforces the policy defined in the profile and reports policy violation attempts (either via syslog or audits).
  • Complain: reports policy violation attempts only.
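The difference between the two modes shows up in the kernel audit records: an enforce-mode profile logs `apparmor="DENIED"`, while a complain-mode profile logs `apparmor="ALLOWED"` for an access it would otherwise have blocked. The following is an added example, not code from the original article; it counts violations per profile by mode, and the log lines, profile names and paths in it are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample kernel audit lines; profile names and paths are made up.
SAMPLE_LOG = '''\
Sep 16 10:00:01 node1 kernel: audit: type=1400 audit(1631786401.101:51): apparmor="STATUS" operation="profile_load" profile="unconfined" name="demo-deny-write" pid=4001 comm="apparmor_parser"
Sep 16 10:02:13 node1 kernel: audit: type=1400 audit(1631786533.220:52): apparmor="DENIED" operation="open" profile="demo-deny-write" name="/etc/passwd" pid=4121 comm="sh" requested_mask="wc" denied_mask="wc" fsuid=0 ouid=0
Sep 16 10:02:14 node1 kernel: audit: type=1400 audit(1631786534.007:53): apparmor="DENIED" operation="mknod" profile="demo-deny-write" name="/tmp/x" pid=4121 comm="touch" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
Sep 16 10:05:40 node1 systemd[1]: Started Daily apt download activities.
Sep 16 10:07:02 node1 kernel: audit: type=1400 audit(1631786822.450:54): apparmor="ALLOWED" operation="open" profile="demo-audit-only" name="/etc/shadow" pid=4300 comm="cat" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
'''

# key="quoted value" or key=bare_value
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
# DENIED is logged by an enforce-mode profile, ALLOWED by a complain-mode one.
MODE = {"DENIED": "enforce", "ALLOWED": "complain"}


def parse_event(line):
    """Return the key=value fields of an AppArmor violation line, else None."""
    fields = {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
              for m in FIELD.finditer(line)}
    if fields.get("apparmor") not in MODE:
        return None  # not an AppArmor record, or a STATUS/other record
    return fields


def summarize(log_text):
    """Count violations per profile, split by the mode that produced them."""
    counts = defaultdict(Counter)
    for line in log_text.splitlines():
        event = parse_event(line)
        if event:
            counts[event["profile"]][MODE[event["apparmor"]]] += 1
    return {profile: dict(c) for profile, c in counts.items()}


def not_blocked(log_text):
    """Profiles whose violations were only reported (complain), not stopped."""
    return sorted(p for p, c in summarize(log_text).items() if c.get("complain"))


if __name__ == "__main__":
    for profile, c in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{profile}: blocked={c.get('enforce', 0)} reported_only={c.get('complain', 0)}")
    print("complain-mode violations in:", not_blocked(SAMPLE_LOG))
```

Profiles returned by `not_blocked` are the ones to review before relying on them as a control, since every access counted there went through.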

AppArmor in Docker

Consider an Ubuntu Linux node with AppArmor configured on it. By the way In…
