メインコンテンツへスキップ

Setup Multicloud Connectors

Implementation Effort: High
Setting up multicloud connectors requires configuring integrations with AWS, GCP, and potentially on-prem Kubernetes clusters, which involves coordination across cloud teams, identity, and network configurations.

User Impact: Low
This setup is handled by administrators and security teams; end users are not directly impacted or required to take action.

Overview

Setting up multicloud connectors in Microsoft Defender for Containers enables security visibility and threat protection across Kubernetes clusters hosted in AWS (EKS), Google Cloud (GKE), and on-premises environments via Azure Arc-enabled Kubernetes. This configuration allows Defender for Cloud to monitor workloads, detect threats, and enforce security policies across heterogeneous environments.

The process involves:

  • Connecting AWS and GCP accounts to Microsoft Defender for Cloud.
  • Enabling Defender for Containers on those cloud environments.
  • Ensuring network connectivity for telemetry and threat data to flow into Azure Monitor and Log Analytics.
  • Optionally using automation to deploy connectors at scale.

This setup supports the Zero Trust principle of "Assume Breach" by extending threat detection and visibility across all containerized environments, reducing blind spots and enabling faster incident response.

Risks if not implemented: Without these connectors, container workloads in non-Azure environments remain unmonitored, increasing the risk of undetected threats and compliance gaps.

Reference