Skip to main content

Sample Azure AKS RQL Queries#

note

The following guide will walk you through Azure Kubernetes Service RQL Query Examples

Authorized IPs that will connect to the cluster are not set#

config from cloud.resource where cloud.type = 'azure' AND api.name = 'azure-kubernetes-cluster' AND json.rule = properties.apiServerAuthorizedIPRanges does not exist or properties.apiServerAuthorizedIPRanges is empty

Pod Security Policies are not used#

config from cloud.resource where cloud.type = 'azure' AND api.name = 'azure-kubernetes-cluster' AND json.rule = properties.enablePodSecurityPolicy does not exist or properties.enablePodSecurityPolicy is false

AKS cluster not integrated with AAD#

config from cloud.resource where cloud.type = 'azure' AND api.name = 'azure-kubernetes-cluster' AND json.rule = properties.aadProfile exists
Last updated on by csestito