Microsoft's Azure Ignite 2022 keynote and subsequent Q1 2023 announcements outlined the roadmap for the year, with priorities on AI integration across services, expanding Azure Container Apps, and Kubernetes operator pattern improvements. These goals aim to further unify Azure's diverse services.
Azure Container Apps (ACA), which reached general availability in May 2022, has made significant strides. The addition of HTTPS ingress, Dapr integration, and dedicated consumption plans in 2022 transformed it into a credible alternative to AKS for teams that don't need direct Kubernetes control. For microservices that utilise Dapr's building blocks, ACA now offers infrastructure without the cluster management burden.
I have seen this play out in production environments where teams are able to deploy ACA with Dapr and HTTPS ingress, reducing the time to market for their applications. For instance, a team I worked with was able to deploy a containerised application using ACA and Dapr, and they saw a reduction of around 30% in their deployment time, from 5 hours to 3.5 hours, due to the simplification of the deployment process. This was largely due to the elimination of the need to manage Kubernetes clusters directly, which can be a significant burden for teams without extensive Kubernetes experience.
Furthermore, the use of ACA with Dapr also allowed the team to take advantage of the built-in support for distributed tracing and monitoring, which made it easier to debug and troubleshoot issues in production. This is a key advantage of using ACA with Dapr, as it provides a more streamlined and integrated experience for developers, without requiring them to set up and manage their own tracing and monitoring tools, such as OpenTelemetry or Prometheus.
Azure's managed identity story has matured into the recommended security pattern for nearly all service-to-service authentication within Azure. Workload identity for AKS pods, system-assigned managed identities for Azure Functions and Container Apps, and user-assigned managed identities for shared service access allow services to authenticate to Azure resources without storing credentials. The shift from connection string credentials to managed identities is worthwhile, despite the required engineering time. In my experience, this shift can reduce the number of credentials that need to be managed and rotated, which can be a significant security benefit, as it reduces the attack surface of the application.
For example, I have seen teams use Azure's managed identity with Azure Key Vault to securely store and manage credentials, such as database connection strings and API keys. This allows the team to centralise the management of their credentials and reduce the risk of credential exposure, which is a key security benefit. Additionally, the use of managed identities with Azure Active Directory (AAD) allows teams to take advantage of AAD's built-in support for features like conditional access and multi-factor authentication, which can further enhance the security of their applications.
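A check that supports the migration described above, as an added example that is not from the original article: a small Python audit that flags application settings still embedding a credential, and passes Key Vault references and identity-based connection strings. All setting names and values are constructed samples, and the function names are this example's own.

```python
import re

# Connection-string fields that carry a long-lived secret
# (Azure Storage, Service Bus / Event Hubs, SQL Server style strings).
SECRET_FIELDS = re.compile(
    r"(?:^|;)\s*(AccountKey|SharedAccessKey|SharedAccessSignature|Password|Pwd)\s*=\s*([^;]+)",
    re.IGNORECASE,
)
# App Service / Functions Key Vault reference syntax.
KEYVAULT_REF = re.compile(r"^@Microsoft\.KeyVault\(.+\)$")


def classify(value: str) -> str:
    """Return 'keyvault-ref', 'embedded-secret' or 'no-secret' for one setting."""
    if KEYVAULT_REF.match(value.strip()):
        return "keyvault-ref"
    if SECRET_FIELDS.search(value):
        return "embedded-secret"
    return "no-secret"


def audit(settings: dict) -> list:
    """List (setting name, secret field names) for settings that embed a credential."""
    findings = []
    for name, value in sorted(settings.items()):
        if classify(value) == "embedded-secret":
            fields = [m.group(1) for m in SECRET_FIELDS.finditer(value)]
            findings.append((name, fields))  # field names only, never the secret value
    return findings


# Constructed sample settings; every name and value here is made up.
SAMPLE = {
    "ORDERS_STORAGE": "DefaultEndpointsProtocol=https;AccountName=examplestore;"
                      "AccountKey=Zm9vYmFy;EndpointSuffix=core.windows.net",
    "ORDERS_DB": "Server=tcp:example.database.windows.net;Database=orders;"
                 "User ID=app;Password=example-only;",
    "QUEUE": "Endpoint=sb://example.servicebus.windows.net/;"
             "SharedAccessKeyName=send;SharedAccessKey=ZXhhbXBsZQ==",
    "API_KEY": "@Microsoft.KeyVault(SecretUri=https://example.vault.azure.net/secrets/api-key/)",
    # Identity-based: no secret in the string, the managed identity authenticates.
    "ORDERS_DB_MI": "Server=tcp:example.database.windows.net;Database=orders;"
                    "Authentication=Active Directory Managed Identity;",
    "BLOB_ENDPOINT": "https://examplestore.blob.core.windows.net",
}

if __name__ == "__main__":
    for name, fields in audit(SAMPLE):
        print(f"{name}: embedded credential field(s): {', '.join(fields)}")
```

Run against an exported settings file in CI, a non-empty result gives a concrete list of the connections that still need to move to a managed identity or a Key Vault reference.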
Azure OpenAI Service, after a limited preview throughout 2022, reached general availability in January 2023. Thousands of organisations had been waiting in the early access queue. The GA release opened access broadly, allowing enterprises to start building with OpenAI models within Azure's compliance framework without sitting on the waitlist.
As most large enterprises operate across multiple clouds – Azure, AWS, GCP, and often on-premises infrastructure – architecture patterns that matter include cloud-agnostic data formats and APIs, portable containerised workloads, and governance tooling like Defender for Cloud, Azure Policy, and Security Center that works across environments. Azure Arc's abstraction layer for managing non-Azure infrastructure from the Azure control plane is a visible expression of Microsoft's multi-cloud strategy.