Use kube-audit-admin instead of kube-audit #2450
Labels
good first issue
Good for newcomers
help wanted
Extra attention is needed
pillar: cost-optimization
Aligned to the Cost Optimization pillar.
rule: azure-kubernetes-service
Rules for Azure Kubernetes Service
Existing rule
None
Suggested rule
Create a new rule
Azure.AKS.AuditAdmin
to flag when thekube-audit
log is collected with diagnostic settings.When
kube-audit
is enabled, this can significantly increase cost for monitoring AKS clusters.Instead enable collection for
kube-audit-admin
, which excludes the get and list audit events, but includes changes.Pillar
Cost Optimization
Additional context
Related to #2249
The text was updated successfully, but these errors were encountered: