AKS Add-ons
What Are AKS Add-ons?
AKS add-ons are modular, fully supported components that extend the functionality of Azure Kubernetes Service (AKS) clusters. They simplify the integration of common services — such as monitoring, ingress, policy enforcement, and identity — by managing installation, configuration, and lifecycle directly through the AKS control plane.
Add-ons are managed using the Azure CLI (az aks addon), ARM templates, or Bicep, and are versioned and updated in alignment with AKS releases. Microsoft ensures compatibility and support for these add-ons, unlike third-party or open-source integrations which may not be covered under the AKS support policy.
Key AKS Add-ons
Below is a list of some of the most commonly used AKS add-ons.
| Add-on | Description |
|---|---|
| Monitoring | Enables Azure Monitor (Container Insights) and/or Managed Prometheus for observability. |
| Azure Policy | Enforces governance rules at scale using Azure Policy for Kubernetes. |
| Ingress Application Gateway (AGIC) | Integrates Azure Application Gateway as an ingress controller for HTTP(S) traffic. |
| Virtual Node | Allows burstable workloads to run on Azure Container Instances (ACI) without managing additional VMs. |
| Azure Key Vault Secrets Provider | Mounts secrets from Azure Key Vault into pods using the CSI driver. |
| GitOps | Enables GitOps-based deployment using Flux v2. |
| Web Application Routing | Simplifies DNS and ingress setup for web apps (preview). |
| KEDA | Provides event-driven autoscaling for Kubernetes workloads. |
| Open Service Mesh (retired) | Previously offered service mesh capabilities; now deprecated. |
You can also get a full list of available add-ons by running the following command:
az aks addon list-available --resource-group <rg> --name <cluster> --output table