Azure AKS private cluster connection error

Case

You try to browse a private Azure AKS cluster within the Azure portal and you receive the following error: "Private clusters require that the browser is running on a machine that has access to the AKS cluster's Azure Virtual Network". This article provides guidance on how to resolve this Azure AKS private cluster connection error.

Solution

The message in the Azure portal is expected (by design), since the AKS cluster is private; see https://github.com/Azure/AKS/issues/3254. Access to the private AKS cluster should be done from an endpoint located either in the AKS VNET or in a VNET that is peered with the AKS VNET. You have two options: use a jump server inside the AKS VNET (or a VNET peered to the AKS VNET), or, if your own machine can connect to Azure via hybrid networking (VPN, ExpressRoute) and the VPN gateway VNET is peered with the AKS VNET, connect from your own machine. Normally there should be a jumpbox virtual machine in your Azure subscription for this management access scenario (probably accessible via RDP or SSH via Azure Bastion). Otherwise, investigate your on-premises and cloud networking configuration in more detail to ensure that you are allowing cluster traffic to the AKS cluster.
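To confirm that a jumpbox or VPN-connected machine actually has the network path described above, the following check can be run on it. It is an added example, not part of the original article or of any Azure tooling; the function names are made up for illustration, and it assumes a Linux host with `getent` and `nc` installed and an API server FQDN that you supply.

```shell
#!/bin/sh
# Added example: does this machine have a path to a private AKS API server?
# Usage: sh check-aks-path.sh <api-server-fqdn>
# The FQDN is your own value, e.g. the output of:
#   az aks show -g <resource-group> -n <cluster> --query privateFqdn -o tsv

# Return 0 if $1 is an RFC 1918 IPv4 address (the ranges a VNET normally uses).
is_private_ipv4() {
  case $1 in
    *[!0-9.]*|*..*|.*|*.|'') return 1 ;;   # only digits and single dots allowed
  esac
  old_ifs=$IFS; IFS=.
  set -- $1                                # split the address into four octets
  IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
  done
  if [ "$1" -eq 10 ]; then return 0; fi
  if [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ]; then return 0; fi
  if [ "$1" -eq 192 ] && [ "$2" -eq 168 ]; then return 0; fi
  return 1
}

# Resolve the API server name and test TCP 443 from this machine.
# Returns 0 only when the name resolves to a private address and the port answers.
check_private_api_server() {
  fqdn=$1
  ip=$(getent ahostsv4 "$fqdn" | awk 'NR==1 {print $1}')
  if [ -z "$ip" ]; then
    echo "FAIL: $fqdn does not resolve from this machine"
    return 2
  fi
  if ! is_private_ipv4 "$ip"; then
    echo "WARN: $fqdn resolves to $ip, which is not a private address"
    return 3
  fi
  # Name resolution alone proves nothing about routing, so test the port too.
  if nc -z -w 5 "$ip" 443 2>/dev/null; then
    echo "OK: $fqdn -> $ip, TCP 443 reachable from this machine"
    return 0
  fi
  echo "FAIL: $fqdn -> $ip, TCP 443 unreachable; check VNET peering and VPN/ExpressRoute routes"
  return 4
}

# Run only when an FQDN is given, so sourcing the file has no side effects.
if [ $# -ge 1 ]; then check_private_api_server "$1"; fi
```

An `OK` result from the machine running your browser means the portal error should no longer appear from that machine; any `FAIL` points back to the peering or hybrid networking configuration described above.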

References

https://github.com/Azure/AKS/issues/3254

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/public-and-private-aks-clusters-demystified/ba-p/3716838

https://medium.com/@shazolkh/connecting-local-machine-to-private-aks-cluster-with-azure-virtual-network-gateway-a98172b41618
