Understanding the Importance of Authorized Access to ETCD
The ETCD is the key-value store of the cluster. Only the API needs a connection to the ETCD.
Access to ETCD corresponds to admin authorization in the cluster. Ideally, only the API server has authenticated and authorized access. In AKS, the ETCD is managed by Azure itself, however, it is not transparent how.
The following flags should be set in the ETCD yaml :
As in the API-SERVER yaml:
Please feel free to contact us for any question that is not answered yet.
We are looking forward to get in contact with you!