RedDogSME logo
Book
Back to guides

Azure Architecture Guide

Azure AI Foundry Production Readiness Checklist

Review checklist for teams moving Azure AI Foundry, agents, AI Search, MCP tools, and Azure OpenAI patterns toward production.

Checklist3 Min Read
Azure AI FoundryMCPContainer AppsGovernance

Quick Answer

An Azure AI Foundry agent is ready for production only when the team can explain identity, data access, retrieval, tool permissions, evaluation, monitoring, and cost ownership.

The agent architecture is not just the model. It is the full path from user request to model response, tool call, audit event, and operational owner.

When This Matters

Use this checklist when an agent moves from demo to real workflow.

Common triggers:

  • the agent reads internal documents or customer data
  • the agent calls APIs or MCP tools
  • business users depend on the response
  • model cost or retrieval cost affects budget
  • audit, security, or customer review requires an explanation
  • production support needs logs, traces, or runbooks

If the agent can act, retrieve, or influence a business process, it needs architecture review.

What To Decide

Answer these questions:

  1. Which users, apps, or jobs can invoke the agent?
  2. Which model deployments can it use?
  3. Which data sources can it retrieve from?
  4. Which tools can it call?
  5. Which tool calls need approval?
  6. How are prompts, outputs, traces, and errors retained?
  7. How will the team evaluate answer quality?
  8. Who owns cost, incidents, and access changes?

Do not skip the approval model. Tool access is where many agent risks appear.

Azure Components

Review:

  • Azure AI Foundry resources and projects
  • Azure OpenAI or model deployments
  • Azure AI Search indexes
  • storage accounts and data sources
  • managed identities and RBAC
  • Key Vault
  • Container Apps, Functions, or API Management for tool endpoints
  • Content Safety
  • Application Insights and Azure Monitor
  • budgets, token tracking, and cost alerts

The right design keeps model access, data access, and tool access separate enough to govern.

Microsoft Alignment

Use Azure AI Foundry architecture guidance for project and connected-service boundaries. Use Cloud Adoption Framework AI guidance for governance and operating model. Use Well Architected security and cost principles before production launch.

For agent tools, use least privilege and approval rules before expanding capabilities.

Common Mistakes

  • Letting one identity read all retrieval data.
  • Using API keys where managed identity should exist.
  • Allowing tool calls with no approval or audit trail.
  • Keeping traces without deciding retention and access.
  • Treating evaluation as a launch-day task.
  • Forgetting that AI Search, tokens, storage, and logs all create cost.

Agents need an operating owner, not just a prompt owner.

RedDogSME Recommendation

Use Azure Architecture Assessment when the team has a working prototype and needs a governed production plan. The assessment reviews model access, retrieval, tool calls, identity, monitoring, evaluation, cost controls, ownership, and the 90 day action plan.

What To Bring

Bring the agent use case, tool list, data sources, identity model, deployment target, expected users, and monthly cost target.

Related guides

What Should an Azure Architecture Assessment Cover?

A practical guide to the Azure cost, governance, landing zone, security, AI, ownership, and implementation questions an assessment should answer before more work is approved.

Read next

How to Run an Azure Architecture Board With a Recurring Review Cadence

A practical model for recurring Azure architecture decisions, owner actions, ADRs, cost review, AI governance, and implementation oversight.

Read next

Azure Cost Governance: What To Fix Before Buying More Capacity

How to connect Azure spend, ownership, budgets, reservations, tags, retention, and cleanup decisions before cloud cost grows again.

Read next