Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Instance Metadata endpoint Restriction #2823

Closed
miwithro opened this issue Mar 2, 2022 · 20 comments
Closed

Instance Metadata endpoint Restriction #2823

miwithro opened this issue Mar 2, 2022 · 20 comments
Assignees
@charleswool
Labels
feature-request Requested Features security

Comments

@miwithro
Copy link
Contributor

miwithro commented Mar 2, 2022

Enable a Feature to allow customers to prevent unprivileged pods from accessing HostNetwork which provides access to the IMDS endpoint.
@miwithro miwithro pinned this issue Mar 2, 2022
@miwithro miwithro unpinned this issue Mar 2, 2022
@ghost ghost added the action-required label Mar 28, 2022
@ghost
Copy link

ghost commented Apr 2, 2022

Action required from @Azure/aks-pm

@ghost ghost added the Needs Attention 👋 Issues needs attention/assignee/owner label Apr 2, 2022
@miwithro miwithro removed action-required Needs Attention 👋 Issues needs attention/assignee/owner labels Apr 4, 2022
@ghost ghost added the action-required label Apr 29, 2022
@ghost
Copy link

ghost commented May 4, 2022

Action required from @Azure/aks-pm

@ghost ghost added the Needs Attention 👋 Issues needs attention/assignee/owner label May 4, 2022
@CocoWang-wql CocoWang-wql removed action-required Needs Attention 👋 Issues needs attention/assignee/owner labels May 4, 2022
@ghost ghost added the action-required label May 29, 2022
@ghost
Copy link

ghost commented Jun 3, 2022

Action required from @Azure/aks-pm

@ghost ghost added the Needs Attention 👋 Issues needs attention/assignee/owner label Jun 3, 2022
@miwithro miwithro added the feature-request Requested Features label Jun 3, 2022
@ghost ghost removed action-required Needs Attention 👋 Issues needs attention/assignee/owner labels Jun 3, 2022
@ghost ghost added the action-required label Dec 1, 2022
@ghost
Copy link

ghost commented Dec 6, 2022

Action required from @Azure/aks-pm

@ghost ghost added the Needs Attention 👋 Issues needs attention/assignee/owner label Dec 6, 2022
@ghost
Copy link

ghost commented Dec 21, 2022

Issue needing attention of @Azure/aks-leads

@CocoWang-wql CocoWang-wql removed feature-request Requested Features action-required Needs Attention 👋 Issues needs attention/assignee/owner labels Dec 21, 2022
@ghost ghost added the action-required label Jan 15, 2023
@ghost ghost added the action-required label Jun 12, 2023
@ghost
Copy link

ghost commented Jun 17, 2023

Action required from @Azure/aks-pm

@ghost ghost added the Needs Attention 👋 Issues needs attention/assignee/owner label Jun 17, 2023
@CocoWang-wql CocoWang-wql removed action-required Needs Attention 👋 Issues needs attention/assignee/owner labels Jul 1, 2023
@mieky mieky mentioned this issue Jul 4, 2023
Open
@mieky
Copy link

mieky commented Jul 4, 2023

The documented instructions for IMDS hardening were proven problematic to achieve by manual means (on Azure CNI at least), as azure-npm doesn't cope well with introducing a large number of NetworkPolicy objects at once.

I wish there was a recommended way of achieving this, especially for someone using Azure CNI.

@ghost ghost added the action-required label Jul 29, 2023
@ghost
Copy link

ghost commented Aug 3, 2023

Action required from @Azure/aks-pm

@ghost ghost added the Needs Attention 👋 Issues needs attention/assignee/owner label Aug 3, 2023
@microsoft-github-policy-service microsoft-github-policy-service bot added the stale Stale issue label Feb 2, 2024
@microsoft-github-policy-service Microsoft GitHub Policy Service
Copy link
Contributor

This issue has been automatically marked as stale because it has not had any activity for 60 days. It will be closed if no further activity occurs within 15 days of this comment.

@microsoft-github-policy-service Microsoft GitHub Policy Service
Copy link
Contributor

Issue needing attention of @Azure/aks-leads

@microsoft-github-policy-service Microsoft GitHub Policy Service
Copy link
Contributor

This issue will now be closed because it hasn't had any activity for 7 days after stale. miwithro feel free to comment again on the next 7 days to reopen or open a new issue after that time if you still have a question/issue or suggestion.

@aritraghosh aritraghosh reopened this Jul 23, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot removed stale Stale issue action-required Needs Attention 👋 Issues needs attention/assignee/owner labels Jul 23, 2024
@aritraghosh aritraghosh added the feature-request Requested Features label Jul 23, 2024
@microsoft-github-policy-service Microsoft GitHub Policy Service
Copy link
Contributor

@miwithrow, @CocoWang-wql would you be able to assist?

@palma21
Copy link
Member

palma21 commented Sep 9, 2024

Closing as duplicate of #4037

@palma21 palma21 closed this as completed Sep 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@charleswool charleswool

Labels
feature-request Requested Features security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@mieky @aritraghosh @palma21 @CocoWang-wql @miwithro @charleswool