Unless you’re extremely good at security, hyperscale cloud providers are probably better at security than your organization: they have more security expertise, they patch faster, they run background checks on admins and they have strong operational security. Even so, for extremely sensitive data and confidential workloads in regulated industries, having to trust the provider’s staff and infrastructure with your data while it is in use can be enough to make cloud unsuitable.
“This is enabling net new scenarios in confidential computing that were not possible before,” said the speaker (https://www.linkedin.com/in/nramar/) from the Azure Confidential Computing team in their Ignite session (https://ignite.microsoft.com/en-US/sessions/d14e97a1-2a96-4df3-aca9-a9afeec52ec6).
Confidential node pools work with the full AKS feature set: autoscaling, AKS add-ons, Azure CNI, Azure Defender for Containers and the rest.
Pick a confidential compute VM size for your node pool and AKS automatically enables memory encryption for that node pool.
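As an added example (not code from the post, nor from Microsoft’s own docs or tooling), here is the step the previous paragraph describes as a shell script, together with the check a practitioner would want afterwards: build the `az aks nodepool add` command for a node pool on an AMD SEV-SNP confidential VM size, then confirm from a node’s kernel log that SEV-SNP memory encryption is actually active rather than assuming the VM size did the job. The resource group, cluster and pool names, the Standard_DC4as_v5 size and the sample kernel-log lines are all assumptions constructed for the example.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Assumed names: resource group
# "rg-cc", cluster "aks-cc", pool "cvmpool"; assumed VM size Standard_DC4as_v5
# (a DCasv5 confidential VM size; pick one offered in your region).
set -e

# Build the az CLI command that adds a confidential node pool. It is returned
# as a string so it can be reviewed (or tested) before it is actually run.
cvm_nodepool_add_cmd() {
  rg="$1"; cluster="$2"; pool="$3"
  size="${4:-Standard_DC4as_v5}"; count="${5:-3}"
  printf 'az aks nodepool add --resource-group %s --cluster-name %s --name %s --node-vm-size %s --node-count %s' \
    "$rg" "$cluster" "$pool" "$size" "$count"
}

# Read a kernel log (dmesg output) on stdin and print the memory-encryption
# feature list the kernel reports as active, e.g. "SEV SEV-ES SEV-SNP".
# Handles both log formats seen in the wild:
#   "AMD Memory Encryption Features active: SEV SEV-ES"          (older kernels)
#   "Memory Encryption Features active: AMD SEV SEV-ES SEV-SNP"  (newer kernels)
# Prints nothing when no such line exists (a non-confidential node).
sev_features_active() {
  sed -n 's/.*Memory Encryption Features active: *//p' | sed 's/^AMD //' | head -n1 || true
}

# Succeed only when SEV-SNP is listed. Plain SEV encrypts memory but only
# SEV-SNP also gives the integrity protection and attestation report that
# confidential VMs rely on, so that is the bar to check against.
require_sev_snp() {
  feats="$(sev_features_active)"
  case " $feats " in
    *" SEV-SNP "*) return 0 ;;
    *) return 1 ;;
  esac
}

# Constructed sample logs for offline use. On a real node, obtain the kernel
# log with enough privilege to read it (for example from a debug pod on the
# node) and pipe it into require_sev_snp instead.
CVM_DMESG='[    0.000000] Linux version 5.15.0-1041-azure (buildd@lcy02-amd64-103)
[    0.031271] Memory Encryption Features active: AMD SEV SEV-ES SEV-SNP
[    0.032000] SEV: Using SNP CPUID table, 24 entries present.'
PLAIN_DMESG='[    0.000000] Linux version 5.15.0-1041-azure (buildd@lcy02-amd64-103)
[    0.031271] Hypervisor detected: Microsoft Hyper-V'

main() {
  echo "Command to run:"
  cvm_nodepool_add_cmd rg-cc aks-cc cvmpool; echo
  if printf '%s\n' "$CVM_DMESG" | require_sev_snp; then
    echo "confidential node: SEV-SNP active"
  fi
  if ! printf '%s\n' "$PLAIN_DMESG" | require_sev_snp; then
    echo "plain node: no SEV memory encryption reported"
  fi
}
main "$@"
```

Note that the encryption applies to the nodes in that pool only: a pod gets the benefit only if it is scheduled there, for instance with a nodeSelector on the AKS-provided `agentpool` node label, so a workload that silently lands on an ordinary pool because the confidential one is full is the failure mode to watch for.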