{"id":"aks-full-zero-trust-secrets-at-rest","text":"AKS achieves full zero-trust protection for secrets at rest when combining infrastructure-level network zero-trust (inherited from Azure's NSG/LB default-deny stack) with Key Vault's network-isolated defense-in-depth key lifecycle for external secret storage.","truth_value":"OUT","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{"_retracted":true},"explanation":{"steps":[{"node":"aks-full-zero-trust-secrets-at-rest","truth_value":"OUT","reason":"retracted premise"}]}}