AKS support for regulated industries
Share
Services
Regulated industries, such as healthcare and finance, typically have stringent requirements that organisations must comply with for their workloads. AKS for regulated industries, a collection of guidance, benchmarks, best practices and features, makes it easier for regulated industries to use AKS for their regulated workloads.
The following are key elements that make up AKS for regulated industries:
* AKS cluster baseline for regulated workloads: A reference architecture and implementation to make it easier to get started. [Learn more](https://aka.ms/architecture/aks-baseline).
* AKS payment card industry (PCI) guidance: Reference guidance to help organisations achieve compliance with PCI standards required of for storing, processing and transmitting payment and cardholder data.
* CIS AKS benchmark: AKS Security Benchmark v1.0.0 published by the Center of Internet Security (CIS), specific to AKS allows you to use checklist and benchmark tools to validate compliance of your AKS clusters. The CIS AKS foundations benchmarks are in alignment with the Microsoft-recommended security best practices defined in [Azure Security Benchmark control](https://docs.microsoft.com/en-us/security/benchmark/azure/overview) and service baseline for AKS. A mapping between the Azure Security Benchmark and CIS AKS Security Benchmark has been included in the CIS AKS Benchmark.
To learn more, visit <https://aka.ms/aks/cis-benchmark> and [Azure security baseline for Azure Kubernetes Service | Microsoft Docs](https://docs.microsoft.com/en-us/security/benchmark/azure/baselines/aks-security-baseline)
* Azure RBAC for Kubernetes authorisation feature (generally available): Enables unified management and centralised access control across Azure and AKS resources at scale. For more details, see [Azure RBAC for Kubernetes authorisation announcement](https://azure.microsoft.com/updates/general-availability-azure-rbac-for-kubernetes-authorization-in-aks/).
* Federal Information Processing Standards (FIPS)-compliant nodes feature (in preview): Allows you to achieve and apply FEDRAMP compliance required for meeting the mandated data security and computing standards. For more details, see [FIPS-compliant nodes feature](https://azure.microsoft.com/updates/preview-aks-support-for-fips-compliant-nodes/).
* CSI secret store feature (in preview): Provides a more secure and easier integration mechanism for accessing secrets stores in AKS via the container’s file system. For more details, see [AKS support for CSI secret store (preview) announcement](https://azure.microsoft.com/en-us/updates/public-preview-aks-support-for-secrets-store-container-storage-interface/).
[Learn more](https://aka.ms/aks/baseline-regulated).
* Azure Kubernetes Service (AKS)
* Compliance
* Features
* [ Azure Kubernetes Service (AKS)](https://azure.microsoft.com/en-gb/products/kubernetes-service/)
What else is happening at Microsoft Azure?
Read update
Services
Share
Read update
Services
Share
We’re retiring Azure Time Series Insights on 7 July 2024 – transition to Azure Data Explorer
May 31st, 2024
Services
Share