In this chapter, we added access control to our guestbook application without actually changing the source code of it by using the sidecar pattern in Kubernetes (https://kubernetes.io/blog/2015/06/the-distributed-system-toolkit-patterns/). We started by getting the Kubernetes ingress objects to redirect to a https://.... secured site. Then we installed the certificate manager that interfaces with the LetsEncrypt API to request a certificate for the domain name you specified in the next steps. We leveraged a Certificate Issuer, which gets the certificate from LetsEncrypt, and created the actual certificate for a given Fully-Qualified Domain Name (FQDN). We then created an Ingress to the service with the certificate we'd created. Finally, we jumped into authentication (AuthN) and authorization (AuthZ), and showed you how to leverage AzureAD as an authentication provider for the guestbook application.

You learned how to secure your applications on an enterprise scale. By integrating with Azure Active Directory, you can enable any application to link to an organization's Active Directory. This alone is worth more than the price of this book.

In the next chapter, you will learn how to be a superhero, by predicting and fixing issues before they occur through proactive monitoring and alerts. You will also learn to use your X-ray vision to quickly identify root causes when errors do occur, and learn how to debug applications running on AKS. You will be able to perform the right fixes once you have identified the root cause.