Architected an enterprise Kubernetes platform

Architected an enterprise Kubernetes platform on Azure AKS for a fintech company running 40+ microservices. Traffic enters through Application Gateway with WAF v2 policies and Azure Firewall before reaching the AKS cluster inside a hub-spoke VNet. ArgoCD manages all deployments through GitOps with automatic drift detection and self-healing. ACR stores container images built by Azure DevOps Pipelines with integrated vulnerability scanning. Workloads connect to Cosmos DB, PostgreSQL Flexible Server, and Redis Cache through private endpoints. Azure ML handles fraud detection model inference called directly from within cluster pods. Entra ID with Managed Identities provides passwordless auth across all services.