Back to guides

Azure Architecture Guide

Azure AI Foundry Agent Production Readiness Checklist

A production readiness checklist for teams moving Azure AI Foundry agents, AI Search, MCP tools, and Azure OpenAI patterns from pilot to production.

Azure AI FoundryMCPContainer AppsGovernance

Quick Answer

An Azure AI Foundry agent is ready for production only when the team can demonstrate — in the running system, not on a slide — identity, data access, retrieval, tool permissions, evaluation, monitoring, and cost ownership.

The agent architecture is more than the model. It covers the full path from user request to model response, tool call, audit event, and operational owner. Use this checklist to confirm a built agent; the decisions that come before the build are covered in what to decide before moving AI Foundry into production.

When This Matters

Use this checklist when an agent moves from demo to real workflow.

Common triggers:

  • the agent reads internal documents or customer data
  • the agent calls APIs or MCP tools
  • business users depend on the response
  • model cost or retrieval cost affects budget
  • audit, security, or customer review requires an explanation
  • production support needs logs, traces, or runbooks

If the agent can act, retrieve, or influence a business process, it needs architecture review.

What To Decide

Answer these questions:

  1. Which users, apps, or jobs can invoke the agent?
  2. Which model deployments can it use?
  3. Which data sources can it retrieve from?
  4. Which tools can it call?
  5. Which tool calls need approval?
  6. How are prompts, outputs, traces, and errors retained?
  7. How will the team evaluate answer quality?
  8. Who owns cost, incidents, and access changes?

Do not skip the approval model. Tool access is where many agent risks appear.

Azure Components

Review:

  • Azure AI Foundry resources and projects
  • Azure OpenAI or model deployments
  • Azure AI Search indexes
  • storage accounts and data sources
  • managed identities and RBAC
  • Key Vault
  • Container Apps, Functions, or API Management for tool endpoints
  • Content Safety
  • Application Insights and Azure Monitor
  • budgets, token tracking, and cost alerts

The right design keeps model access, data access, and tool access separate enough to govern.

Microsoft Alignment

Use Azure AI Foundry architecture guidance for project and connected-service boundaries. Use Cloud Adoption Framework AI guidance for governance and operating model. Use Well-Architected Framework security and cost principles before production launch.

For agent tools, use least privilege and approval rules before expanding capabilities.

Common Mistakes

  • Letting one identity read all retrieval data.
  • Using API keys where managed identity should exist.
  • Allowing tool calls with no approval or audit trail.
  • Keeping traces without deciding retention and access.
  • Treating evaluation as a launch-day task.
  • Forgetting that AI Search, tokens, storage, and logs all create cost.

Agents need an operating owner, not just a prompt owner.

RedDogSME Recommendation

Use the Azure Architecture Assessment when the team has a working prototype and needs a governed production plan. The Azure Architecture Assessment reviews model access, retrieval, tool calls, identity, monitoring, evaluation, cost controls, ownership, and the 90-Day Action Plan.

Book Azure Architecture Assessment to move this agent from pilot to a production plan your owners can approve.

What To Bring

Bring the agent use case, tool list, data sources, identity model, deployment target, expected users, and monthly cost target.

Related guides