Installing Lazsa Orchestrator Agent in Microsoft AKS Cluster by Using mTLS

The Lazsa Platform is a SaaS offering hosted on AWS. When you install and set up an Orchestrator Agent in an AKS cluster, you must use the mutual Transport Layer Security (mTLS) method to establish a secure and authenticated connection between the Lazsa Orchestrator Agent deployed within your Azure account, and the Lazsa Platform, hosted on AWS.

Mutual TLS or mTLS is a mutual authentication method that ensures the identity of the parties at each end of a network connection by validating that both have the correct private key. In this method, the agent service needs to be exposed via public DNS.

In mTLS, both the client and the server use the X.509 digital certificates to authenticate each other.

Note:

You need a public DNS to connect to the Lazsa Orchestrator Agent from the Lazsa Platform. Register your Ingress controller external IP address (LB) with the public DNS record. This record is used as an Orchestrator Agent DNS. . You must provide this DNS on the Lazsa Platform UI during agent installation.

To understand the complete procedure of installing Lazsa Orchestrator Agent in an AKS cluster by using mTLS, refer to the following topics: