When an Azure Container Service (unmanaged) is created using the Azure portal the ssh port 22 & kube tls port 443 are exposed on the internet. I would like to remove default SSH access and only allow kube tls from a specific public ip.
Is this a good practice or will this break the service?
Kind Regards
To manage Kubernetes cluster you only need access to Kubernetes API server port. Closing SSH port shouldn't break Kubernetes functionality.
You might need to open additional resources when you start configuring external access to your application inside the cluster.