Azure / azure-service-operator

Azure Service Operator allows you to create Azure resources using kubectl
https://azure.github.io/azure-service-operator/
MIT License

Feature: Add support for Azure policy (definition, assignment, and remediation) #2767

Open sudivate opened 1 year ago

sudivate commented 1 year ago

AKS and Arc-enabled clusters offer GitOps configuration using Flux V2, both point-to-point per cluster and at scale (multi-cluster) through Azure Policies. Teams leveraging K8s-style infrastructure control planes can use control planes like Azure Service Operator to define Azure policies in declarative YAML and apply them through GitOps in a multi-cluster scenario.

```mermaid
graph LR
    A[User] -->|AzurePolicy.yaml| B(Git Repo)
    B -->|Reconcile| X
    subgraph controlplane[Control Plane Cluster]
    X[Flux] ---> Y[ASO]
    end
    Y -->D[AKS/Arc Cluster-1 ]
    Y -->E[AKS/Arc Cluster-2 ]
    Y -->F[AKS/Arc Cluster-n ]
```

dtzar commented 1 year ago

This is also an important feature to help with automation for other things such as managed Prometheus.

matthchr commented 1 month ago

Definitely still interested in doing this.

matthchr commented 1 month ago

It looks like some important resources here are: