Build secure, flexible, AI-enabled applications with Azure Kubernetes Service

Building AI applications has never been more accessible. With advancements in tools and platforms, developers can now create sophisticated AI solutions that drive innovation and efficiency across various industries. For many, Kubernetes stands out as natural choice for running AI applications and agents due to its robust orchestration capabilities, scalability, and flexibility.  In this blog, we will explore the latest advancements in Azure Kubernetes Service (AKS) we are announcing at Microsoft Build 2025, designed to enhance flexibility, bolster security, and seamlessly integrate AI capabilities into your Kubernetes environments. These updates will empower developers to create sophisticated AI solutions, improve operational efficiency, and drive innovation across various industries. Let's dive into the key highlights:

Simplify building AI apps

Enhancing the intelligence and automation of your Kubernetes environments can greatly improve your operations and development workflows. New AKS features make it easier to integrate AI, simplify processes, streamline deployments, and get smart recommendations for optimizing workloads. This means you can deploy AI-powered apps more efficiently, save time with automated deployments, and receive tailored service recommendations to get you started faster.

• Deploy open-source and custom models from cloud to edge with the Kubernetes AI toolchain operator (KAITO) add-on for AKS and Arc extension. KAITO streamlines AI model deployment, fine-tuning, inferencing, and development on Kubernetes by providing dynamic scaling, version control, and resource optimization.
• Easily select the right Azure services for your applications with customized Azure service recommendations in Azure Portal. Once you have deployed your recommended services, you can use the service connector to easily connect the service to your AKS cluster.
• Streamline the path to cloud-native development with Automated Deployments in AKS. New support for Azure DevOps, AKS-ready templates, and service connectors make it easier than ever to generate Dockerfiles and Kubernetes manifests and connect your applications to popular Azure services.
• Simplify multi-cluster management and streamline GitOps workflows. Automated Deployments in Azure Kubernetes Fleet Manager (public preview) let you connect GitHub repositories to a hub cluster, enabling continuous deployment by building, containerizing, and staging applications with GitHub Actions triggered on code updates.

Kubernetes AI Toolchain operator

Operate with flexibility

In the ever-evolving landscape of app development, flexibility is often key to maintaining operational efficiency and adaptability while meeting the dynamic demands of your business. The latest updates in AKS aim to provide greater flexibility by simplifying management, improving resource utilization, and providing more control over your deployments. Whether you're looking to streamline namespace management, ensure concurrency control, or optimize VM selection, these new capabilities will help you achieve greater operational efficiency and adaptability in your AKS clusters.

• Gain more flexibility and control over your Kubernetes upgrade timelines with long term support (LTS), now for all Kubernetes versions after 1.27. LTS extends support by an extra year beyond the community end-of-life, giving you more time to plan and execute upgrades on your schedule. All AKS supported Kubernetes version release updates are available in AKS release tracker.
• Improve reliability and safeguard your AKS configurations during concurrent operations with eTags concurrency control, now generally available. This built-in mechanism detects and prevents conflicting changes, ensuring only the most recent and valid updates are applied to your cluster.
• Enhance performance and reliability while optimizing resource utilization. Smart VM Defaults (generally available) automatically select the optimal default VM SKU for you based on available capacity and quota.
• Boost MySQL and PostgreSQL throughput by up to 5x with performance enhancements on ephemeral disks with Azure Container Storage v1.3.0 (generally available).
• Use cost-effective alerting strategies for AKS to reduce alerting costs while maintaining proactive visibility into container health and performance with Azure Monitor.
• Detect and resolve placement drift with new conflict-handling strategies in Azure Kubernetes Fleet Manager, giving you more control over multi-cluster workload consistency.

Strengthen your security posture

As organizations scale their cloud-native applications, securing every layer of the Kubernetes stack becomes mission-critical. AKS continues to meet this challenge with a wave of new security capabilities designed to protect your workloads, streamline compliance, and reduce operational risk. From runtime threat detection and image signature enforcement to a unified security dashboard, AKS now offers a more comprehensive, integrated approach to cluster protection—backed by Microsoft Defender for Cloud and Azure Policy. Whether you're managing a single cluster or operating at fleet scale, these innovations help you stay ahead of threats while maintaining agility.

• Secure your Kubernetes environment more effectively with the AKS Security Dashboard. Available through the Azure portal, it offers comprehensive visibility and automated remediation for security issues—helping you detect, prioritize, and resolve risks with greater confidence.
• Proactively block risky workloads by gating vulnerable deployments in AKS (public preview), which uses Microsoft Defender for Cloud to evaluate container images against your org’s security policies and vulnerability assessments—ensuring only compliant deployments reach your clusters.
• Gain deeper visibility into runtime risks with Agentless runtime vulnerability assessment for AKS-owned images (public preview), helping you identify CVEs and recommended fixes tied to specific AKS versions. Additionally, registry-agnostic agentless runtime container vulnerability assessment (public preview) provides comprehensive vulnerability assessment and remediation for container images, regardless of their registry source.
• Detect threats in real time with DNS Lookup Threat Detection and malware detection for AKS nodes, both in public preview via Microsoft Defender for Cloud. These features monitor suspicious DNS activity and scan nodes for vulnerabilities and malware—boosting your runtime protection.
• Onboard clusters with flexibility using resource-level onboarding for individual AKS clusters in Defender for Cloud, now in public preview. This enables agentless, sensor-based alerts directly in the AKS dashboard.
• Establish trusted connections with custom certificate authority support in AKS (generally available), allowing secure communication between your cluster and private registries, proxies, and firewalls.
• Keep your Kubernetes traffic private and protected with API Server VNet Integration in AKS (generally available). By routing communication between the API server and your cluster nodes entirely through a private network, you avoid public exposure and complex tunneling—making your setup both simpler and more secure.
  
  

AKS at Microsoft Build 2025

These new features and updates for AKS are set to provide greater flexibility, enhanced security, and advanced AI capabilities, empowering users to scale, secure, and optimize their Kubernetes environments like never before.

To see these innovations in action and learn more about how they can benefit your organization, be sure to join us virtually or in person at Microsoft Build this week. Our experts will be showcasing these features in detail, providing live demonstrations, and answering any questions you may have.

We hope to see you in Seattle or online!