Bemærk
Adgang til denne side kræver godkendelse. Du kan prøve at logge på eller ændre mapper.
Adgang til denne side kræver godkendelse. Du kan prøve at ændre mapper.
After deploying Microsoft Defender for Containers components, verify that the sensor and related extensions are running correctly on your cluster.
Verify recommendation health
If you deployed Defender components by remediating a security recommendation:
Sign in to the Azure portal.
Go to Microsoft Defender for Cloud > Recommendations.
Locate the relevant recommendation.
Confirm that the recommendation status changes to Healthy.
Verify Defender sensor deployment
To verify that the Defender sensor is enabled:
For AKS clusters:
az aks show \
--name <aks-cluster-name> \
--resource-group <resource-group> \
--query "securityProfile.defender.securityMonitoring.enabled"
The output should be true.
For Arc-enabled clusters and Helm:
az k8s-extension list \
--cluster-name <cluster-name> \
--resource-group <resource-group> \
--cluster-type connectedClusters \
--subscription <subscription-id> \
--query "[?extensionType=='microsoft.azuredefender.kubernetes' && provisioningState=='Succeeded']"
The command should return a non-empty array if the extension was installed successfully.
Verify Azure Policy add-on on AKS
To verify that the Azure Policy add-on is enabled:
az aks show \
--name <aks-cluster-name> \
--resource-group <resource-group> \
--query addonProfiles.azurepolicy
The output should show enabled: true.
Verify extension installation for Arc-enabled clusters
For Amazon EKS, Google Kubernetes Engine (GKE), and Arc-enabled Kubernetes clusters, Defender components are installed as Azure Arc Kubernetes extensions.
To verify extension installation:
Sign in to the Azure portal.
Go to Azure Arc > Kubernetes clusters.
Select your Arc-enabled Kubernetes cluster.
In the cluster resource, select Extensions.
Confirm that the following extensions show Succeeded:
- Microsoft Defender for Containers
- Azure Policy for Kubernetes (if enabled)
You can also select the Microsoft Defender for Containers extension to view its status and configuration details.
Verify Defender sensor pods
Verify that the Defender sensor pods are running in the cluster.
For AKS clusters:
kubectl get pods -n kube-system -l app=defender
For Arc-enabled clusters and Helm:
kubectl get pods -n mdc -l app=defender-k8s-sensor
Confirm that the Defender sensor pods are in a Running state.
Verify the Defender DaemonSet (Arc-enabled clusters and Helm)
You can also verify that the Defender DaemonSet is deployed correctly.
kubectl get ds -n mdc microsoft-defender-collectors-ds
Confirm that the DESIRED, CURRENT, and READY values match the number of cluster nodes.