The AKS vs GKE Security Showdown

A brief comparison between the Managed Kubernetes solutions from Microsoft and Google, from a security perspective.

It is nearly a year since Microsoft has launched Azure Kubernetes Services into public preview. I have spent a fair amount of time looking at the AKS solution and you can read my earlier posts on here.

Given that AKS has made it to Generally Available a few months ago, I wanted to compare it with its biggest rival: Google’s GKE, which became production grade over 3 years now.

Being a security professional (or security paranoid), and considering that both are managed services, the key comparison points will be around built-in security features. Here’s what I came up with:

Going through the current supported security features, GKE is looking a lot safer than AKS. Over the last 3 years GKE has been iteratively improving, arriving where it is now.

Outside the security arena, the new challenger has brought to the table some interesting features and a seamless integration with its toolset. If Microsoft keeps up the good work (and investment), in a few years’ time AKS may be able to match up to its rival.

For the time being, although both are publicised as Generally Available, it is clear that AKS need some serious security enhancements to make it viable for anything that goes near Personal Data or Payment Card Information.