You can configure to allow access to the administration REST API only for the requests coming from a machine with the specified IP addresses. This configuration prevents unauthorized and malicious access attempts.
Perform the following steps to restrict access based on the IP address:
Log in to the Azure portal.
Select Resource groups.
In the resource groups list, find the relevant resource group in the following format:
MC_<your-resource-group-name>_<aks-cluster-name>_<geo location>
In the selected resource group, select Network Security Group. A list of inbound security rules is displayed.
Edit the security rule with port 443.
Change the Source to IP addresses.
Specify the comma-delimited list of IP addresses or IP range in Source IP addresses. For example:
192.168.0.101
192.168.0.101, 192.168.0.156 (two IP addresses)
Click Save. Changes might take 1 or 2 minutes to take effect.