Add ServiceTags for login.microsoft.com and arm api endpoint in NSG
Kubernetes requires access to the different endpoint to perform automation.
We also need to restrict internet access with an outbound rule. It would be best if we could configured the NSG to prevent internet access while keeping the access to the internal Azure endpoints.
Thanks for the feedback, we are currently onboarding this service, looking forward to enable service tag for ARM :)
Please create an AKS service tag for outbound rules on the NSG. Ideally, that would allow access for all the endpoints listed in this doc: https://docs.microsoft.com/en-us/azure/aks/limit-egress-traffic