Azure Kubernetes Service Series
Using AppArmor in Azure Kubernetes Service
Azure | Kubernetes | DevOps | AppArmor | Security | Docker
What is AppArmor
AppArmor is a Linux kernel security module that allows system administrators to restrict a program's access to resources defined in a profile. The security profile allows or disallows specific capabilities, such as network access or file read/write/execute permissions. AppArmor can be configured for any application to reduce its potential attack surface and to provide an additional layer of defense in depth.
AppArmor does this with profiles loaded into the kernel when the system starts. It is a Mandatory Access Control (MAC) system that binds access control attributes to programs rather than to users; the profile is loaded into the kernel at boot time.
There are two types of profile modes in AppArmor (profiles are saved under /etc/apparmor.d):

Enforcement: the policy defined in the profile is enforced, and policy violation attempts are reported (either via syslog or audit).
Complain: policy violation attempts are reported only; nothing is blocked.
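As an added illustration of the two modes (this is an example profile, not one from the original article), the following AppArmor profile allows reads and network access but denies all filesystem writes. The profile name k8s-deny-write is a hypothetical choice; the only thing that changes between the two modes is the flags line.

```apparmor
#include <tunables/global>

# Hypothetical profile name; it only has to match the name later referenced by the container runtime.
# Enforcement mode: violations are blocked and logged.
profile k8s-deny-write flags=(attach_disconnected) {
  #include <abstractions/base>

  # Grant all file permissions first, then deny every write anywhere
  # (explicit deny rules take precedence over allow rules).
  file,
  deny /** w,

  # Allow network access; remove this rule to confine networking as well.
  network,
}

# Complain mode variant of the same policy: the same rules, but violations are
# only logged (via syslog/audit), which is useful while profiling an application.
# profile k8s-deny-write flags=(attach_disconnected,complain) {
#   ...
# }
```

To load the profile on a node, save it under /etc/apparmor.d/ and run apparmor_parser -r -W on the file; aa-status then lists it under the enforce or complain section. The aa-enforce and aa-complain utilities from the apparmor-utils package switch an already loaded profile between the two modes without editing the file.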
AppArmor in Docker
Consider there is a Ubuntu Linux node and you have AppArmor configured on it. By the way In…