Unlocking Application Modernisation with GitHub Copilot
AI-driven modernisation is unlocking new opportunities you may not have even considered yet. It's also allowing organisations to re-evaluate previously discarded modernisation attempts that were considered too hard, complex or simply didn't have the skills or time to do. During Microsoft Build 2025, we were introduced to the concept of Agentic AI modernisation and this post from Ikenna Okeke does a great job of summarising the topic - Reimagining App Modernisation for the Era of AI | Microsoft Community Hub. This blog post however, explores the modernisation opportunities that you may not even have thought of yet, the business benefits, how to start preparing your organisation, empowering your teams, and identifying where GitHub Copilot can help. I’ve spent the last 8 months working with customers exploring usage of GitHub Copilot, and want to share what my team members and I have discovered in terms of new opportunities to modernise, transform your applications, bringing some fun back into those migrations! Let’s delve into how GitHub Copilot is helping teams update old systems, move processes to the cloud, and achieve results faster than ever before. Background: The Modernisation Challenge (Then vs Now) Modernising legacy software has always been hard. In the past, teams faced steep challenges: brittle codebases full of technical debt, outdated languages (think decades-old COBOL or VB6), sparse documentation, and original developers long gone. Integrating old systems with modern cloud services often requiring specialised skills that were in short supply – for example, check out this fantastic post from Arvi LiVigni (@arilivigni ) which talks about migrating from COBOL “the number of developers who can read and write COBOL isn’t what it used to be,” making those systems much harder to update". Common pain points included compatibility issues, data migrations, high costs, security vulnerabilities, and the constant risk that any change could break critical business functions. It’s no wonder many modernisation projects stalled or were “put off” due to their complexity and risk. So, what’s different now (circa 2025) compared to two years ago? In a word: Intelligent AI assistance. Tools like GitHub Copilot have emerged as AI pair programmers that dramatically lower the barriers to modernisation. Arvi’s post talks about how only a couple of years ago, developers had to comb through documentation and Stack Overflow for clues when deciphering old code or upgrading frameworks. Today, GitHub Copilot can act like an expert co-developer inside your IDE, ready to explain mysterious code, suggest updates, and even rewrite legacy code in modern languages. This means less time fighting old code and more time implementing improvements. As Arvi says “nine times out of 10 it gives me the right answer… That speed – and not having to break out of my flow – is really what’s so impactful.” In short, AI coding assistants have evolved from novel experiments to indispensable tools, reimagining how we approach software updates and cloud adoption. I’d also add from my own experience – the models we were using 12 months ago have already been superseded by far superior models with ability to ingest larger context and tackle even further complexity. It's easier to experiment, and fail, bringing more robust outcomes – with such speed to create those proof of concepts, experimentation and failing faster, this has also unlocked the ability to test out multiple hypothesis’ and get you to the most confident outcome in a much shorter space of time. Modernisation is easier now because AI reduces the heavy lifting. Instead of reading the 10,000-line legacy program alone, a developer can ask Copilot to explain what the code does or even propose a refactored version. Rather than manually researching how to replace an outdated library, they can get instant recommendations for modern equivalents. These advancements mean that tasks which once took weeks or months can now be done in days or hours – with more confidence and less drudgery - more fun! The following sections will dive into specific opportunities unlocked by GitHub Copilot across the modernisation journey which you may not even have thought of. Modernisation Opportunities Unlocked by Copilot Modernising an application isn’t just about updating code – it involves bringing everyone and everything up to speed with cloud-era practices. Below are several scenarios and how GitHub Copilot adds value, with the specific benefits highlighted: 1. AI-Assisted Legacy Code Refactoring and Upgrades Instant Code Comprehension: GitHub Copilot can explain complex legacy code in plain English, helping developers quickly understand decades-old logic without scouring scarce documentation. For example, you can highlight a cryptic COBOL or C++ function and ask Copilot to describe what it does – an invaluable first step before making any changes. This saves hours and reduces errors when starting a modernisation effort. Automated Refactoring Suggestions: The AI suggests modern replacements for outdated patterns and APIs, and can even translate code between languages. For instance, Copilot can help convert a COBOL program into JavaScript or C# by recognising equivalent constructs. It also uses transformation tools (like OpenRewrite for Java/.NET) to systematically apply code updates – e.g. replacing all legacy HTTP calls with a modern library in one sweep. Developers remain in control, but GitHub Copilot handles the tedious bulk edits. Bulk Code Upgrades with AI: GitHub Copilot’s App Modernisation capabilities can analyse an entire codebase and generate a detailed upgrade plan, then execute many of the code changes automatically. It can upgrade framework versions (say from .NET Framework 4.x to .NET 6, or Java 8 to Java 17) by applying known fix patterns and even fixing compilation errors after the upgrade. Teams can finally tackle those hundreds of thousand-line enterprise applications – a task that could take multiple years with GitHub Copilot handling the repetitive changes. Technical Debt Reduction: By cleaning up old code and enforcing modern best practices, GitHub Copilot helps chip away at years of technical debt. The modernised codebase is more maintainable and stable, which lowers the long-term risk hanging over critical business systems. Notably, the tool can even scan for known security vulnerabilities during refactoring as it updates your code. In short, each legacy component refreshed with GitHub Copilot comes out safer and easier to work on, instead of remaining a brittle black box. 2. Accelerating Cloud Migration and Azure Modernisation Guided Azure Migration Planning: GitHub Copilot can assess a legacy application’s cloud readiness and recommend target Azure services for each component. For instance, it might suggest migrating an on-premises database to Azure SQL, moving file storage to Azure Blob Storage, and converting background jobs to Azure Functions. This provides a clear blueprint to confidently move an app from servers to Azure PaaS. One-Click Cloud Transformations: GitHub Copilot comes with predefined migration tasksthat automate the code changes required for cloud adoption. With one click, you can have the AI apply dozens of modifications across your codebase. For example: File storage: Replace local file read/writes with Azure Blob Storage SDK calls. Email/Comms: Swap out SMTP email code for Azure Communication Services or SendGrid. Identity: Migrate authentication from Windows AD to Azure AD (Entra ID) libraries. Configuration: Remove hard-coded configurations and use Azure App Configuration or Key Vault for secrets. GitHub Copilot performs these transformations consistently, following best practices (like using connection strings from Azure settings). After applying the changes, it even fixes any compile errors automatically, so you’re not left with broken builds. What used to require reading countless Azure migration guides is now handled in minutes. Automated Validation & Deployment: Modernisation doesn’t stop at code changes. GitHub Copilot can also generate unit tests to validate that the application still behaves correctly after the migration. It helps ensure that your modernised, cloud-ready app passes all its checks before going live. When you’re ready to deploy, GitHub Copilot can produce the necessary Infrastructure-as-Code templates (e.g. Azure Resource Manager Bicep files or Terraform configs) and even set up CI/CD pipeline scripts for you. In other words, the AI can configure the Azure environment and deployment process end-to-end. This dramatically reduces manual effort and error, getting your app to the cloud faster and with greater confidence. Integrations: GitHub Copilot also helps tackle larger migration scenarios that were previously considered too complex. For example, many enterprises want to retire expensive proprietary integration platforms like MuleSoft or Apigee and use Azure-native services instead, but rewriting hundreds of integration workflows was daunting. Now, GitHub Copilot can assist in translating those workflows: for instance, converting an Apigee API proxy into an Azure API Management policy, or a MuleSoft integration into an Azure Logic App. Multi-Cloud Migrations: if you plan to consolidate from other clouds into Azure, GitHub Copilot can suggest equivalent Azure services and SDK calls to replace AWS or GCP-specific code. These AI-assisted conversions significantly cut down the time needed to reimplement functionality on Azure. The business impact can be substantial. By lowering the effort of such migrations, GitHub Copilot makes it feasible to pursue opportunities that deliver big cost savings and simplification. 3. Boosting Developer Productivity and Quality Instant Unit Tests (TDD Made Easy): Writing tests for old code can be tedious, but GitHub Copilot can generate unit test cases on the fly. Developers can highlight an existing function and ask Copilot to create tests; it will produce meaningful test methods covering typical and edge scenarios. This makes it practical to apply test-driven development practices even to legacy systems – you can quickly build a safety net of tests before refactoring. By catching bugs early through these AI-generated tests, teams gain confidence to modernise code without breaking things. It essentially injects quality into the process from the start, which is crucial for successful modernisation. DevOps Automation: GitHub Copilot helps modernise your build and deployment process as well. It can draft CI/CD pipeline configurations, Dockerfiles, Kubernetes manifests, and other DevOps scripts by leveraging its knowledge of common patterns. For example, when setting up a GitHub Actions workflow to deploy your app, GitHub Copilot will autocomplete significant parts (like build steps, test runs, deployment jobs) based on the project structure. This not only saves time but also ensures best practices (proper caching, dependency installation, etc.) are followed by default. Microsoft even provides an extension where you can describe your Azure infrastructure needs in plain language and have GitHub Copilot generate the corresponding templates and pipeline YAML. By automating these pieces, teams can move to cloud-based, automated deployments much faster. Behaviour-Driven Development Support: Teams practicing BDD write human-readable scenarios (e.g. using Gherkin syntax) describing application behaviour. GitHub Copilot’s AI is adept at interpreting such descriptions and suggesting step definition code or test implementations to match. For instance, given a scenario “When a user with no items checks out, then an error message is shown,” GitHub Copilot can draft the code for that condition or the test steps required. This helps bridge the gap between non-technical specifications and actual code. It makes BDD more efficient and accessible, because even if team members aren’t strong coders, the AI can translate their intent into working code that developers can refine. Quality and Consistency: By using AI to handle boilerplate and repetitive tasks, developers can focus more on high-value improvements. GitHub Copilot’s suggestions are based on a vast corpus of code, which often means it surfaces well-structured, idiomatic patterns. Starting from these suggestions, developers are less likely to introduce errors or reinvent the wheel, which leads to more consistent code quality across the project. The AI also often reminds you of edge cases (for example, suggesting input validation or error handling code that might be missed), contributing to a more robust application. In practice, many teams find that adopting GitHub Copilot results in fewer bugs and quicker code reviews, as the code is cleaner on the first pass. It’s like having an extra set of eyes on every pull request, ensuring standards are met. Business Benefits of AI-Powered Modernisation Bringing together the technical advantages above, what’s the payoff for the business and stakeholders? Modernising with GitHub Copilot can yield multiple tangible and intangible benefits: Accelerated Time-to-Market: Modernisation projects that might have taken a year can potentially be completed in a few months, or an upgrade that took weeks can be done in days. This speed means you can deliver new features to customers sooner and respond faster to market changes. It also reduces downtime or disruption since migrations happen more swiftly. Cost Savings: By automating repetitive work and reducing the effort required from highly paid senior engineers, GitHub Copilot can trim development costs. Faster project completion also means lower overall project cost. Additionally, running modernised apps on cloud infrastructure (with updated code) often lowers operational costs due to more efficient resource usage and easier maintenance. There’s also an opportunity cost benefit: developers freed up by Copilot can work on other value-adding projects in parallel. Improved Quality & Reliability: GitHub Copilot’s contributions to testing, bug-fixing, and even security (like patching known vulnerabilities during upgrades) result in more robust applications. Modernised systems have fewer outages and security incidents than shaky legacy ones. Stakeholders will appreciate that with GitHub Copilot, modernisation doesn’t mean “trading one set of bugs for another” – instead, you can increase quality as you modernise (GitHub’s research noted higher code quality when using Copilot, as developers are less likely to introduce errors or skip tests). Business Agility: A modernised application (especially one refactored for cloud) is typically more scalable and adaptable. New integrations or features can be added much faster once the platform is up-to-date. GitHub Copilot helps clear the modernisation hurdle, after which the business can innovate on a solid, flexible foundation (for example, once a monolith is broken into microservices or moved to Azure PaaS, you can iterate on it much faster in the future). AI-assisted modernisation thus unlocks future opportunities (like easier expansion, integrations, AI features, etc.) that were impractical on the legacy stack. Employee Satisfaction and Innovation: Developer happiness is a subtle but important benefit. When tedious work is handled by AI, developers can spend more time on creative tasks – designing new features, improving user experience, exploring new technologies. This can foster a culture of innovation. Moreover, being seen as a company that leverages modern tools (like AI Co-pilots) helps attract and retain top tech talent. Teams that successfully modernise critical systems with Copilot will gain confidence to tackle other ambitious projects, creating a positive feedback loop of improvement. To sum up, GitHub Copilot acts as a force-multiplier for application modernisation. It enables organisations to do more with less: convert legacy “boat anchors” into modern, cloud-enabled assets rapidly, while improving quality and developer morale. This aligns IT goals with business goals – faster delivery, greater efficiency, and readiness for the future. Call to Action: Embrace the Future of Modernisation GitHub Copilot has proven to be a catalyst for transforming how we approach legacy systems and cloud adoption. If you’re excited about the possibilities, here are next steps and what to watch for: Start Experimenting: If you haven’t already, try GitHub Copilot on a sample of your code. Use Copilot or Copilot Chat to explain a piece of old code or generate a unit test. Seeing it in action on your own project can build confidence and spark ideas for where to apply it. Identify a Pilot Project: Look at your application portfolio for a candidate that’s ripe for modernisation – maybe a small legacy service that could be moved to Azure, or a module that needs a refactor. Use GitHub Copilot to assess and estimate the effort. Often, you’ll find tasks once deemed “too hard” might now be feasible. Early successes will help win support for larger initiatives. Stay Tuned for Our Upcoming Blog Series: This post is just the beginning. In forthcoming posts, we’ll dive deeper into: Setting Up Your Organisation for Copilot Adoption: Practical tips on preparing your enterprise environment – from licensing and security considerations to training programs. We’ll discuss best practices (like running internal awareness campaigns, defining success metrics, and creating Copilot champions in your teams) to ensure a smooth rollout. Empowering Your Colleagues: How to foster a culture that embraces AI assistance. This includes enabling continuous learning, sharing prompt techniques and knowledge bases, and addressing any scepticism. We’ll cover strategies to support developers in using Copilot effectively, so that everyone from new hires to veteran engineers can amplify their productivity. Identifying High-Impact Modernisation Areas: Guidance on spotting where GitHub Copilot can add the most value. We’ll look at different domains – code, cloud, tests, data – and how to evaluate opportunities (for example, using telemetry or feedback to find repetitive tasks suited for AI, or legacy components with high ROI if modernised). Engage and Share: As you start leveraging Copilot for modernisation, share your experiences and results. Success stories (even small wins like “GitHub Copilot helped reduce our code review times” or “we migrated a component to Azure in 1 sprint”) can build momentum within your organisation and the broader community. We invite you to discuss and ask questions in the comments or in our tech community forums. Take a look at the new App Modernisation Guidance—a comprehensive, step-by-step playbook designed to help organisations: Understand what to modernise and why Migrate and rebuild apps with AI-first design Continuously optimise with built-in governance and observability Modernisation is a journey, and AI is the new compass and co-pilot to guide the way. By embracing tools like GitHub Copilot, you position your organisation to break through modernisation barriers that once seemed insurmountable. The result is not just updated software, but a more agile, cloud-ready business and a happier, more productive development team. Now is the time to take that step. Empower your team with Copilot, and unlock the full potential of your applications and your developers. Stay tuned for more insights in our next posts, and let’s modernise what’s possible together!Azure at KubeCon India 2025 | Hyderabad, India – 6-7 August 2025
Welcome to KubeCon + CloudNativeCon India 2025! We’re thrilled to join this year’s event in Hyderabad as a Gold sponsor, where we’ll be highlighting the newest innovations in Azure and Azure Kubernetes Service (AKS) while connecting with India’s dynamic cloud-native community. We’re excited to share some powerful new AKS capabilities that bring AI innovation to the forefront, strengthen security and networking, and make it easier than ever to scale and streamline operations. Innovate with AI AI is increasingly central to modern applications and competitive innovation, and AKS is evolving to support intelligent agents more natively. The AKS Model Context Protocol (MCP) server, now in public preview, introduces a unified interface that abstracts Kubernetes and Azure APIs, allowing AI agents to manage clusters more easily across environments. This simplifies diagnostics and operations—even across multiple clusters—and is fully open-source, making it easier to integrate AI-driven tools into Kubernetes workflows. Enhance networking capabilities Networking is foundational to application performance and security. This wave of AKS improvements delivers more control, simplicity, and scalability in networking: Traffic between AKS services can now be filtered by HTTP methods, paths, and hostnames using Layer-7 network policies, enabling precise control and stronger zero-trust security. Built-in HTTP proxy management simplifies cluster-wide proxy configuration and allows easy disabling of proxies, reducing misconfigurations while preserving future settings. Private AKS clusters can be accessed securely through Azure Bastion integration, eliminating the need for VPNs or public endpoints by tunneling directly with kubectl. DNS performance and resilience are improved with LocalDNS for AKS, which enables pods to resolve names even during upstream DNS outages, with no changes to workloads. Outbound traffic from AKS can now use static egress IP prefixes, ensuring predictable IPs for compliance and smoother integration with external systems. Cluster scalability is enhanced by supporting multiple Standard Load Balancers, allowing traffic isolation and avoiding rule limits by assigning SLBs to specific node pools or services. Network troubleshooting is streamlined with Azure Virtual Network Verifier, which runs connectivity tests from AKS to external endpoints and identifies misconfigured firewalls or routes. Strengthen security posture Security remains a foundational priority for Kubernetes environments, especially as workloads scale and diversify. The following enhancements strengthen protection for data, infrastructure, and applications running in AKS—addressing key concerns around isolation, encryption, and visibility. Confidential VMs for Azure Linux enable containers to run on hardware-encrypted, isolated VMs using AMD SEV-SNP, providing data-in-use protection for sensitive workloads without requiring code changes. Confidential VMs for Ubuntu 24.04 combine AKS’s managed Kubernetes with memory encryption and VM-level isolation, offering enhanced security for Linux containers in Ubuntu-based clusters. Encryption in transit for NFS secures data between AKS pods and Azure Files NFS volumes using TLS 1.3, protecting sensitive information without modifying applications. Web Application Firewall for Containers adds OWASP rule-based protection to containerized web apps via Azure Application Gateway, blocking common exploits without separate WAF appliances. The AKS Security Dashboard in Azure Portal centralizes visibility into vulnerabilities, misconfigurations, compliance gaps, and runtime threats, simplifying cluster security management through Defender for Cloud. Simplify and scale operations To streamline operations at scale, AKS is introducing new capabilities that automate resource provisioning, enforce deployment best practices, and simplify multi-tenant management—making it easier to maintain performance and consistency across complex environments. Node Auto-Provisioning improves resource efficiency by automatically adding and removing standalone nodes based on pod demand, eliminating the need for pre-created node pools during traffic spikes. Deployment Safeguards help prevent misconfigurations by validating Kubernetes manifests against best practices and optionally enforcing corrections to reduce instability and security risks. Managed Namespaces streamline multi-tenant cluster operations by providing a unified view of accessible namespaces across AKS clusters, along with quick access credentials via CLI, API, or Portal. Maximize performance and visibility To enhance performance and observability in large-scale environments, AKS is also rolling out infrastructure-level upgrades that improve monitoring capacity and control plane efficiency. Prometheus quotas in Azure Monitor can now be raised to 20 million samples per minute or active time series, ensuring full metric coverage for massive AKS deployments. Control plane performance has been improved with a backported Kubernetes enhancement (KEP-5116), reducing API server memory usage by ~10× during large listings and enabling faster kubectl responses with lower risk of OOM issues in AKS versions 1.31.9 and above. Microsoft is at KubeCon India 2025 - come say hi! Connect with us in Hyderabad! Microsoft has a strong on-site presence at KubeCon + CloudNativeCon India 2025. Here are some highlights of how you can connect with us at the event: August 6-7: Visit Microsoft at Booth G4 for live demos and expert Q&A throughout the conference. Microsoft engineers are also delivering several breakout sessions on AKS and cloud-native technologies. Microsoft Sessions: Throughout the conference, Microsoft engineers are speaking in various sessions, including: Keynote: The Last Mile Problem: Why AI Won’t Replace You (Yet) Lightning Talk: Optimizing SNAT Port and IP Address Management in Kubernetes Smart Capacity-Aware Volume Provisioning for LVM Local Storage Across Multi-Cluster Kubernetes Fleet Minimal OS, Maximum Impact: Journey To a Flatcar Maintainer We’re thrilled to connect with you at KubeCon + CloudNativeCon India 2025. Whether you attend sessions, drop by our booth, or watch the keynote, we look forward to discussing these announcements and hearing your thoughts. Thank you for being part of the community, and happy KubeCon! 👋Enhancing Performance in Azure Container Apps
Azure Container Apps is a fully managed serverless container service that enables you to deploy and run applications without having to manage the infrastructure. The Azure Container Apps team has made improvements recently to the load balancing algorithm and scaling behavior to better align with customer expectations to meet their performance needs.Powering the Next Generation of AI Apps and Agents on the Azure Application Platform
Generative AI is already transforming how businesses operate, with organizations seeing an average return of 3.7x for every $1 of investment [The Business Opportunity of AI, IDC study commissioned by Microsoft]. Developers sit at the center of this transformation, and their need for speed, flexibility, and familiarity with existing tools is driving the demand for application platforms that integrate AI seamlessly into their current development workflows. To fully realize the potential of generative AI in applications, organizations must provide developers with frictionless access to AI models, frameworks, and environments that enable them to scale AI applications. We see this in action at organizations like Accenture, Assembly Software, Carvana, Coldplay (Pixel Lab), Global Travel Collection, Fujitsu, healow, Heineken, Indiana Pacers, NFL Combine, Office Depot, Terra Mater Studios (Red Bull), and Writesonic. Today, we’re excited to announce new innovations across the Azure Application Platform to meet developers where they are and help enterprises accelerate their AI transformation. The Azure App Platform offers managed Kubernetes (Azure Kubernetes Service), serverless (Azure Container Apps and Azure Functions), PaaS (Azure App Service) and integration (Azure Logic Apps and API Management). Whether you’re modernizing existing applications or creating new AI apps and agents, Azure provides a developer‑centric App Platform—seamlessly integrated with Visual Studio, GitHub, and Azure AI Foundry—and backed by a broad portfolio of fully managed databases, from Azure Cosmos DB to Azure Database for PostgreSQL and Azure SQL Database. Innovate faster with AI apps and agents In today’s fast-evolving AI landscape, the key to staying competitive is being able to move from AI experimentation to production quickly and easily. Whether you’re deploying open-source AI models or integrating with any of the 1900+ models in Azure AI Foundry, the Azure App Platform provides a streamlined path for building and scaling AI apps and agents. Kubernetes AI Toolchain Operator (KAITO) for AKS add-on (GA) and Azure Arc extension (preview) simplifies deploying, testing, and operating open-source and custom models on Kubernetes. Automated GPU provisioning, pre-configured settings, workspace customization, real-time deployment tracking, and built-in testing interfaces significantly reduce infrastructure overhead and accelerate AI development. Visual Studio Code integration enables developers to quickly prototype, deploy, and manage models. Learn more. Serverless GPU integration with AI Foundry Models (preview) offers a new deployment target for easy AI model inferencing. Azure Container Apps serverless GPU offers unparalleled flexibility to run any supported model. It features automatic scaling, pay-per-second pricing, robust data governance, and built-in enterprise networking and security support, making it an ideal solution for scalable and secure AI deployments. Learn more. Azure Functions integration with AI Foundry Agent Service (GA) enables you to create real-time, event-driven workflows for AI agents without managing infrastructure. This integration enables agents to securely invoke Azure Functions to execute business logic, access systems, or process data on demand. It unlocks scalable, cost-efficient automation for intelligent applications that respond dynamically to user input or events. Learn more. Azure Functions enriches Azure OpenAI extension (preview) to automate embeddings for real-time RAG, semantic search, and function calling with built-in support for AI Search, Azure Cosmos DB for MongoDB and Azure Data Explorer vector stores. Learn more. Azure Functions MCP extension adds support for instructions and monitoring (preview) making it easier to build and operate remote MCP servers at cloud scale. With this update, developers can deliver richer AI interactions by providing capabilities and context to large language models directly from Azure Functions. This enables AI agents to both call functions and respond intelligently with no separate orchestration layer required. Learn more. Harnessing AI to drive intelligent business processes As AI continues to grow in adoption, its ability to automate complex business process workflows becomes increasingly valuable. Azure Logic Apps empowers organizations to build, orchestrate, and monitor intelligent, agent-driven workflows. Logic Apps agent loop orchestrates agentic business processes (preview) with goal-based automation using AI-powered reasoning engines such as OpenAI’s GPT-4o or GPT-4.1. Instead of building fixed flows, users can define the desired outcomes, and Agent loop action in Logic Apps figures out the steps dynamically. With 1400+ out-of-the-box connectors to various enterprise systems and SaaS applications, and full observability, Logic Apps enables you to rapidly deliver on all business process needs with agentic automation. Learn more. Enable intelligent data pipelines for RAG using Logic Apps (preview) with new native integrations with Azure Cosmos DB and Azure AI Search. Teams can ingest content into vector stores and databases through low-code templates. No custom code required. This enables AI agents to ground responses in proprietary data, improving relevance and accuracy for real business outcomes. Learn more. Empower AI agents to act with Logic Apps in AI Foundry (preview) across enterprise systems using low-code automation. Prebuilt connectors and templates simplify integration with Microsoft and third-party services from databases to SaaS apps. This gives developers and business users a faster way to orchestrate intelligent actions, automate complex workflows, and operationalize AI across the organization. Learn more. Scale AI innovation across your enterprise As AI adoption grows, so does the need for visibility and control over how models are accessed and utilized. Azure API Management helps you achieve this with advanced tools that ensure governance, security, and efficient management of your AI APIs. Expanded AI Gateway capabilities in Azure API Management (GA) give organizations deeper control, observability, and governance for generative AI workloads. Key additions include LLM Logging for prompts, completions, and token usage insights; session-aware load balancing to maintain context in multi-turn chats; robust guardrails through integration with Azure AI Content Safety service, and direct onboarding of models from Azure AI Foundry. Customers can also now apply GenAI-specific policies to AWS Bedrock model endpoints, enabling unified governance across multi-cloud environments. Learn more. Azure API Management support for Model Context Protocol (preview) makes it easy to expose existing APIs as secure, agent-compatible endpoints. You can apply gateway policies such as authentication, rate limiting, caching, and authorization to protect MCP servers. This ensures consistent, centralized policy enforcement across all your MCP-enabled APIs. With minimal effort, you can transform APIs into AI-ready services that integrate seamlessly with autonomous agents. Learn more. Azure API Center introduces private MCP registry and streamlined discovery (preview) giving organizations full control over which services are discoverable. Role-Based Access Control (RBAC) allows teams to manage who can find, use, and update MCP servers based on organizational roles. Developers can now discover and consume MCP-enabled APIs directly through the API Center portal. These updates improve governance and simplify developer experience for AI agent development. Learn more. Simplify operations for AI apps and agents in production Moving AI applications from proof-of-concept to production requires an environment that scales securely, cost-effectively, and reliably. The Azure App Platform continues to evolve with enhancements that remove operational friction, so you can deploy your AI apps, agents and scale with confidence. App Service Premium v4 Plan (preview) delivers up to 25% better performance and up to 24% cost savings over the previous generation—ideal for scalable, secure web apps. App Service Premium v4 helps modernize both Windows and Linux applications with better performance, security, and DevOps integration. It now offers a more cost-effective solution for customers seeking a fully managed PaaS, reducing infrastructure overhead while supporting today’s demanding AI applications. Learn more. AKS security dashboard (GA) provides unified visibility and automated remediation powered by Microsoft Defender for Containers—helping operations stay ahead of threats and compliance needs without leaving the Azure portal. Learn more. AKS Long-Term Support (GA) introduces 2-year support for all versions of Kubernetes after 1.27, in addition to the standard community-supported versions. This extended support model enables teams to reduce upgrade frequency and complexity, ensure platform stability, and provide greater operational flexibility. Learn more. Dynamic service recommendations for AKS (preview) streamlines the process of selecting and connecting services to your Azure Kubernetes Service cluster by offering tailored Azure service recommendations directly in the Azure portal. It uses in-portal intelligence to suggest the right services based on your usage patterns, making it easier to choose what’s best for your workloads. Learn more. Azure Functions Flex Consumption adds support for availability zones and smaller instance sizes (preview) to improve reliability and resiliency for critical workloads. The new 512 MB memory option helps customers fine-tune resource usage and reduce costs for lightweight functions. These updates are available in Australia East, East Asia, Sweden Central, and UK South, and can be enabled on both new and existing Flex Consumption apps. Learn more. Join us at Microsoft Build, May 19-22 The future of AI applications is here, and it’s powered by Azure. From APIs to automation, from web apps to Kubernetes, and from cloud to edge, we’re building the foundation for the next era of intelligent software. Whether you're modernizing existing systems or pioneering the next big thing in AI, Azure gives you the tools, performance, and governance to build boldly. Our platform innovations are designed to simplify your path, remove operational friction, and help you scale with confidence. Explore the various breakout, demo and lab sessions at Microsoft Build, May 19-22, to dive deeper into these Azure App Platform innovations. We can’t wait to see what you will build next!Reimagining App Modernization for the Era of AI
This blog highlights the key announcements and innovations from Microsoft Build 2025. It focuses on how AI is transforming the software development lifecycle, particularly in app modernization. Key topics include the use of GitHub Copilot for accelerating development and modernization, the introduction of Azure SRE agent for managing production systems, and the launch of the App Modernization Guidance to help organizations modernize their applications with AI-first design. The blog emphasizes the strategic approach to modernization, aiming to reduce complexity, improve agility, and deliver measurable business outcomes
New Networking Capabilities in Azure Container Apps
New Networking Capabilities in Azure Container Apps Azure Container Apps is your go-to fully managed serverless container service that enables you to deploy and run containerized applications with per-second billing and autoscaling without having to manage infrastructure. Today, Azure Container Apps is thrilled to announce several new enterprise capabilities that will take the flexibility, security, and manageability of your containerized applications to the next level. These capabilities include premium ingress, rule-based routing, private endpoints, Azure Arc integration, and planned maintenance. Let’s dive into the advanced networking features that Azure Container Apps has introduced. Public Preview: Premium Ingress in Azure Container Apps Azure Container Apps now supports premium ingress in public preview. This feature brings environment-level ingress configuration options, with the highlight being customizable ingress scaling. This capability supports the scaling of the ingress proxy, allowing you to better handle higher demand workloads, such as large performance tests. By configuring your ingress proxy to run on workload profiles, you can scale out more ingress instances to manage the load. Keep in mind, running the ingress proxy on a workload profile will incur associated costs. But wait, there’s more! This release also includes other ingress-related settings to boost your application’s flexibility, such as termination grace period, idle request timeout, and header count. To learn more, please visit https://aka.ms/aca/ingress-config. Public Preview: Rule-Based Routing in Azure Container Apps Next up, we have rule-based routing, now in public preview. This feature is all about giving you greater flexibility and composability for your Azure Container Apps. It simplifies your architecture for microservice applications, A/B testing, blue-green deployments, and more. With rule-based routing, you can direct incoming HTTP traffic to different apps within your Container Apps environment based on the requested host name or path. This includes support for custom domains! No need to set up a separate reverse proxy like NGINX anymore. Just provide routing rules for your environment and incoming traffic will automatically be routed to the specified target apps. To learn more, please visit https://aka.ms/aca/rule-based-routing. Generally Available: Private Endpoints in Azure Container Apps We’re also excited to announce that private endpoints are now generally available for workload profile environments in Azure Container Apps. This means you can connect to your Container Apps environment using a private IP address in your Azure Virtual Network, eliminating exposure to the public internet and securing access to your applications. Plus, you can connect directly from Azure Front Door to your workload profile environments over a private link instead of the public internet. Today, you can enable Private Link to the container apps origin for Azure Front Door through the Azure CLI and Azure portal. TCP support is now available too! This feature is supported for both Consumption and Dedicated plans in workload profile environments. Whether you have new or existing environments, you can leverage this capability without needing to re-provision your environment. Additionally, this capability introduces the public network access setting, allowing you to configure Azure networking policies. GA pricing will go into effect on July 1, 2025. To learn more, please visit https://aka.ms/aca/private-endpoints. What else is going on with Azure Container Apps at Build 2025? There’s a lot happening at Build 2025! Azure Container Apps has numerous sessions and other features being launched. For a complete overview, check out our https://aka.ms/aca/whats-new-blog-build-2025. For feedback, feature requests, or questions about Azure Container Apps, visit our GitHub page. We look forward to hearing from you!Build secure, flexible, AI-enabled applications with Azure Kubernetes Service
Building AI applications has never been more accessible. With advancements in tools and platforms, developers can now create sophisticated AI solutions that drive innovation and efficiency across various industries. For many, Kubernetes stands out as natural choice for running AI applications and agents due to its robust orchestration capabilities, scalability, and flexibility. In this blog, we will explore the latest advancements in Azure Kubernetes Service (AKS) we are announcing at Microsoft Build 2025, designed to enhance flexibility, bolster security, and seamlessly integrate AI capabilities into your Kubernetes environments. These updates will empower developers to create sophisticated AI solutions, improve operational efficiency, and drive innovation across various industries. Let's dive into the key highlights: Simplify building AI apps Enhancing the intelligence and automation of your Kubernetes environments can greatly improve your operations and development workflows. New AKS features make it easier to integrate AI, simplify processes, streamline deployments, and get smart recommendations for optimizing workloads. This means you can deploy AI-powered apps more efficiently, save time with automated deployments, and receive tailored service recommendations to get you started faster. Deploy open-source and custom models from cloud to edge with the Kubernetes AI toolchain operator (KAITO) add-on for AKS and Arc extension. KAITO streamlines AI model deployment, fine-tuning, inferencing, and development on Kubernetes by providing dynamic scaling, version control, and resource optimization. Easily select the right Azure services for your applications with customized Azure service recommendations in Azure Portal. Once you have deployed your recommended services, you can use the service connector to easily connect the service to your AKS cluster. Streamline the path to cloud-native development with Automated Deployments in AKS. New support for Azure DevOps, AKS-ready templates, and service connectors make it easier than ever to generate Dockerfiles and Kubernetes manifests and connect your applications to popular Azure services. Simplify multi-cluster management and streamline GitOps workflows. Automated Deployments in Azure Kubernetes Fleet Manager (public preview) let you connect GitHub repositories to a hub cluster, enabling continuous deployment by building, containerizing, and staging applications with GitHub Actions triggered on code updates. Operate with flexibility In the ever-evolving landscape of app development, flexibility is often key to maintaining operational efficiency and adaptability while meeting the dynamic demands of your business. The latest updates in AKS aim to provide greater flexibility by simplifying management, improving resource utilization, and providing more control over your deployments. Whether you're looking to streamline namespace management, ensure concurrency control, or optimize VM selection, these new capabilities will help you achieve greater operational efficiency and adaptability in your AKS clusters. Gain more flexibility and control over your Kubernetes upgrade timelines with long term support (LTS), now for all Kubernetes versions after 1.27. LTS extends support by an extra year beyond the community end-of-life, giving you more time to plan and execute upgrades on your schedule. All AKS supported Kubernetes version release updates are available in AKS release tracker. Improve reliability and safeguard your AKS configurations during concurrent operations with eTags concurrency control, now generally available. This built-in mechanism detects and prevents conflicting changes, ensuring only the most recent and valid updates are applied to your cluster. Enhance performance and reliability while optimizing resource utilization. Smart VM Defaults (generally available) automatically select the optimal default VM SKU for you based on available capacity and quota. Boost MySQL and PostgreSQL throughput by up to 5x with performance enhancements on ephemeral disks with Azure Container Storage v1.3.0 (generally available). Use cost-effective alerting strategies for AKS to reduce alerting costs while maintaining proactive visibility into container health and performance with Azure Monitor. Detect and resolve placement drift with new conflict-handling strategies in Azure Kubernetes Fleet Manager, giving you more control over multi-cluster workload consistency. Strengthen your security posture As organizations scale their cloud-native applications, securing every layer of the Kubernetes stack becomes mission-critical. AKS continues to meet this challenge with a wave of new security capabilities designed to protect your workloads, streamline compliance, and reduce operational risk. From runtime threat detection and image signature enforcement to a unified security dashboard, AKS now offers a more comprehensive, integrated approach to cluster protection—backed by Microsoft Defender for Cloud and Azure Policy. Whether you're managing a single cluster or operating at fleet scale, these innovations help you stay ahead of threats while maintaining agility. Secure your Kubernetes environment more effectively with the AKS Security Dashboard. Available through the Azure portal, it offers comprehensive visibility and automated remediation for security issues—helping you detect, prioritize, and resolve risks with greater confidence. Proactively block risky workloads by gating vulnerable deployments in AKS (public preview), which uses Microsoft Defender for Cloud to evaluate container images against your org’s security policies and vulnerability assessments—ensuring only compliant deployments reach your clusters. Gain deeper visibility into runtime risks with Agentless runtime vulnerability assessment for AKS-owned images (public preview), helping you identify CVEs and recommended fixes tied to specific AKS versions. Additionally, registry-agnostic agentless runtime container vulnerability assessment (public preview) provides comprehensive vulnerability assessment and remediation for container images, regardless of their registry source. Detect threats in real time with DNS Lookup Threat Detection and malware detection for AKS nodes, both in public preview via Microsoft Defender for Cloud. These features monitor suspicious DNS activity and scan nodes for vulnerabilities and malware—boosting your runtime protection. Onboard clusters with flexibility using resource-level onboarding for individual AKS clusters in Defender for Cloud, now in public preview. This enables agentless, sensor-based alerts directly in the AKS dashboard. Establish trusted connections with custom certificate authority support in AKS (generally available), allowing secure communication between your cluster and private registries, proxies, and firewalls. Keep your Kubernetes traffic private and protected with API Server VNet Integration in AKS (generally available). By routing communication between the API server and your cluster nodes entirely through a private network, you avoid public exposure and complex tunneling—making your setup both simpler and more secure. AKS at Microsoft Build 2025 These new features and updates for AKS are set to provide greater flexibility, enhanced security, and advanced AI capabilities, empowering users to scale, secure, and optimize their Kubernetes environments like never before. To see these innovations in action and learn more about how they can benefit your organization, be sure to join us virtually or in person at Microsoft Build this week. Our experts will be showcasing these features in detail, providing live demonstrations, and answering any questions you may have. We hope to see you in Seattle or online! Session Code Session Title Date and time Streamed and recorded BRK188 Build and scale your AI apps with Kubernetes and Azure Arc Mon, May 19 | 3:00 PM - 4:00 PM PST Yes COMM416 Conversations: Let's talk container security and network monitoring Mon, May 19 | 4:00 PM - 4:45 PM PST No LAB346 Ethical Hacking with AKS: Hands-On Attack and Defense Strategies Tues, May 20 | 11:45 AM - 1:00 PM PST No LAB348 Integrate Azure Kubernetes Service apps with Active Directory Tues, May 20 | 1:45 PM - 3:00 PM PST No BRK181 Streamlining AKS Debugging: Techniques to solve common & complex problems Tues, May 20 | 3:00 PM - 4:00 PM PST Yes LAB342 Streamlining Kubernetes for developers with AKS Automatic Tues, May 20 | 3:30 PM - 4:45 AM PST No BRK185 Maximizing efficiency in cloud-native app design Wed, May 21 | 10:30 AM - 11:30 AM PST Yes COMM456 Table Talks: Stateful Containers on AKS Wed, May 21 | 11:00 AM - 12:00 PM PST No COMM451 Table Talks: AKS Ops, Well-Architected Cloud & AI Copilot Wed, May 21 | 1:00 PM – 2:00 PM PST No LAB348-R1 Integrate Azure Kubernetes Service apps with Active Directory Wed, May 21 | 1:00 PM - 2:15 PM PST No BRK191 Running Stateful Workloads on AKS Wed, May 21 | 2:00 PM - 3:00 PM PST Yes LAB345-R1 Deploying and Inferencing AI Applications on Kubernetes Wed, May 21 | 2:45 PM - 4:00 PM PST No COMM452 Table Talks: Troubleshooting AKS, Cost Optimization & AI in K8s Wed, May 21 | 3:00 PM - 4:00 PM PST No BRK193 Skip the YAML! Easily deploy apps to AKS with Automated Deployments Wed, May 21 | 3:30 PM - 4:30 PM PST Yes BRK194 Adventures in AI: Deploying and inferencing open source and custom models on K8s Wed, May 21 | 5:00 PM – 6:00 PM PST Yes LAB342-R1 Streamlining Kubernetes for developers with AKS Automatic Thurs, May 22 | 8:30 AM – 9:45 AM PST No LAB346-R1 Ethical Hacking with AKS: Hands-On Attack and Defense Strategies Thurs, May 22 | 10:15 AM – 11:30 AM PST No LAB345 Deploying and Inferencing AI Applications on Kubernetes Thurs, May 22 | 10:15 AM – 11:30 AM PST No ODLAB346 On-Demand: Ethical Hacking with AKS: Hands-On Attack and Defense Strategies On Demand No ODLAB348 On-Demand: Integrate Azure Kubernetes Service apps with Active Directory On Demand No
