AKS Security and Containers

SAVE THE DATE! - 31 July 2025

AGENDA

Speaker 1 John Kilmister - Azure Software Architect | Microsoft MVP

John Kilmister is an Azure MVP, software engineer, and architect that enjoys exploring new technologies to solve real-world problems. With a background in e-commerce companies, he currently works as a software architect at a multinational company, working with teams on a range of Azure-based applications.

Session: Navigating Container Hosting on Azure

Containers continue to grow in popularity however when it comes to hosting in production it can be daunting. In this high level talk, we look at the many options for hosting containers in Azure showing although it can be complex it does not have to be. We will cover containers in app service plans, Azure container apps through to AKS.

Speaker 2: Wolfgang Ofner - Freelance Cloud and Software Architect | MCT

Wolfgang Ofner, a Microsoft Certified Trainer, is a dedicated Freelance Cloud and Software Architect specializing in Azure, DevOps, and .NET solutions. His passion lies in software architecture, Kubernetes, cloud technologies, and DevOps.

Wolfgang’s global experience is noteworthy, having worked on projects across Austria, Switzerland, Australia, and Canada. This international exposure has enriched his expertise and broadened his understanding of diverse technological landscapes.

In addition to his project work, Wolfgang is a recognized speaker at conferences and meetups around the world, sharing his knowledge and experiences with the global tech community.

When he isn’t architecting solutions or speaking at events, Wolfgang shares his knowledge and insights on his YouTube channel, https://youtube.com/@programmingwithwolfgang, and on his blog, ProgrammingWithWolfgang.com.

Session: AKS Security Simplified: Protecting Your Kubernetes Environment

Kubernetes is widely adopted for managing containerized applications, therefore, ensuring its security is crucial. This talk will demonstrate that securing your Azure Kubernetes Service (AKS) clusters, while it may seem challenging, is quite manageable with the right practices.

This session explores setting up private connections to Azure Container Registry, enabling secure image storage and retrieval. It also covers integrating Azure Policy to enforce security standards across your clusters, and how Entra Workload ID provides secure access to resources without the need for managing secrets.

Private clusters enhance the security by restricting access to the cluster's API server endpoint. Various authentication options, such as using Entra ID, ensure that only authorized users can access your resources. However, accessing private clusters from Azure DevOps pipelines presents unique challenges. This talk addresses these by explaining how to configure service connections and use managed identities effectively.

Attend this session for a comprehensive overview of these security features, complete with practical demos and expert tips. Whether you are new to AKS or looking to enhance your existing security measures, this session will provide valuable insights to help you secure your Kubernetes environment effectively.