First version of security guidelines for this project is available, including answers to questions listed below
Questions to be answered (might be updated):
What are relevant Kubernetes security best practices for this project
What are relevant Azure Kubernetes Service security best practices for this project
Secrets management - how should this be done?
kubesecrets deployed via an encrypted YAML?
Integration to Key Vault?
Some other method?