Securing AKS in peered virtual networks using only network security groups (NSGs)

AKS protection using only NSGs

If you have an Azure Kubernetes Cluster deployed in a virtual network, you most probably have the network peered to other networks. Perhaps you have a hub spoke topology in the cloud, perhaps you are connected to on-prem network, or even a combination of both (even hub / hub /spoke is not uncommon).