{"id":28483121,"url":"https://github.com/microsoftcloudessentials-learninghub/ai-agent-infra-blueprint","last_synced_at":"2026-01-28T08:12:37.287Z","repository":{"id":294925186,"uuid":"988487560","full_name":"MicrosoftCloudEssentials-LearningHub/AI-Agent-Infra-Blueprint","owner":"MicrosoftCloudEssentials-LearningHub","description":"This demonstration showcases the complete setup of the infrastructure required to build a generative AI agent using Azure AI Foundry and Azure OpenAI Service. This example is configured within a public network; however, please ensure you adapt the implementation to align with your specific use case and best practices of security, etc.","archived":false,"fork":false,"pushed_at":"2025-11-14T04:54:03.000Z","size":86,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-11-14T06:19:23.259Z","etag":null,"topics":["ai","ai-agent-setup","ai-agents","template-project","terraform-infrastructure"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MicrosoftCloudEssentials-LearningHub.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-05-22T16:06:52.000Z","updated_at":"2025-11-14T04:54:13.000Z","dependencies_parsed_at":"2025-06-28T23:32:31.592Z","dependency_job_id":"9b2b8d9c-7765-43a0-a3f6-d219cb59d411","html_url":"https://github.com/MicrosoftCloudEssentials-LearningHub/AI-Agent-Infra-Blueprint","commit_stats":null,"previous_names":["microsoftcloudessentials-learninghub/ai-agent-infrastack-setup","microsoftcloudessentials-learninghub/ai-agent-infra-blueprint"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/MicrosoftCloudEssentials-LearningHub/AI-Agent-Infra-Blueprint","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MicrosoftCloudEssentials-LearningHub%2FAI-Agent-Infra-Blueprint","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MicrosoftCloudEssentials-LearningHub%2FAI-Agent-Infra-Blueprint/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MicrosoftCloudEssentials-LearningHub%2FAI-Agent-Infra-Blueprint/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MicrosoftCloudEssentials-LearningHub%2FAI-Agent-Infra-Blueprint/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MicrosoftCloudEssentials-LearningHub","download_url":"https://codeload.github.com/MicrosoftCloudEssentials-LearningHub/AI-Agent-Infra-Blueprint/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MicrosoftCloudEssentials-LearningHub%2FAI-Agent-Infra-Blueprint/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28842833,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-28T07:39:25.367Z","status":"ssl_error","status_checked_at":"2026-01-28T07:39:24.487Z","response_time":57,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-agent-setup","ai-agents","template-project","terraform-infrastructure"],"created_at":"2025-06-07T21:07:18.955Z","updated_at":"2026-01-28T08:12:37.281Z","avatar_url":"https://github.com/MicrosoftCloudEssentials-LearningHub.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Azure AI Agent: \u003cbr/\u003e Infrastructure Blueprint - Deployment Guide\n\nCosta Rica\n\n[![GitHub](https://img.shields.io/badge/--181717?logo=github\u0026logoColor=ffffff)](https://github.com/)\n[brown9804](https://github.com/brown9804)\n\nLast updated: 2025-10-03\n\n----------\n\n\u003e `How we move from basic coding all the way to AI agents?`\n\n```mermaid\nflowchart LR\n    A[Scripting: Line-by-line instructions] --\u003e B[Machine Learning: Packages + statistical foundations]\n    B --\u003e C[LLMs: Reasoning, understanding, human-like responses]\n    C --\u003e D[Agents: LLMs with ability to act]\n\n    %% Styling\n    classDef step fill:#4a90e2,stroke:#333,stroke-width:2px,color:#fff,font-weight:bold;\n    class A,B,C,D step;\n\n    %% Extra notes\n    A:::step\n    B:::step\n    C:::step\n    D:::step\n```\n\n\u003e - We all `start with scripting`, no matter the language, it’s the first step. `Simple/complex instructions, written line by line`, to get something done\n\u003e - Then comes `machine learning`. At this stage, we’re not reinventing the math, we’re `leveraging powerful packages built on deep statistical and mathematical foundations.` These tools let us `automate smarter processes, like reviewing claims with predictive analytics. You’re not just coding anymore; you’re building systems that learn and adapt.`\n\u003e - `LLMs`. This is what most people mean when they say `AI.` Think of `yourself as the architect, and the LLM as your strategic engine. You can plug into it via an API, a key, or through integrated services. It’s not just about automation, it’s about reasoning, understanding, and generating human-like responses.`\n\u003e - And finally, `agents`. These are LLMs with the `ability to act`. They don’t just respond, `they take initiative. They can create code, trigger workflows, make decisions, interact with tools, with other agents. It’s where intelligence meets execution`\n\n\u003e [!TIP]\n\u003e Please `clone/download` this repository to use this configuration as a blueprint.\n\n\u003e [!IMPORTANT]\n\u003e This example is based on a `public network site and is intended for demonstration purposes only`. It showcases how several Azure resources can work together to achieve the desired result. Consider the section below about [Important Considerations for Production Environment](#important-considerations-for-production-environment).\n\n\u003cimg width=\"1194\" height=\"565\" alt=\"image\" src=\"https://github.com/user-attachments/assets/c8730a94-df95-4682-8b82-483c50194973\" /\u003e\n\nFrom [Ignite 2024: Announcing the Azure AI Foundry SDK](https://techcommunity.microsoft.com/blog/azure-ai-foundry-blog/ignite-2024-announcing-the-azure-ai-foundry-sdk/4295862)\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eList of References \u003c/b\u003e (Click to expand)\u003c/summary\u003e\n\n- [Azure AI Foundry: Your AI App and agent factory](https://azure.microsoft.com/en-us/blog/azure-ai-foundry-your-ai-app-and-agent-factory/)\n- [Microsoft Build 2025: The age of AI agents and building the open agentic web](https://blogs.microsoft.com/blog/2025/05/19/microsoft-build-2025-the-age-of-ai-agents-and-building-the-open-agentic-web/)\n- [Azure AI Foundry Agent Service documentation](https://learn.microsoft.com/en-us/azure/ai-services/agents/)\n- [What are the resource providers for Azure services](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/azure-services-resource-providers)\n- [Role-based access control for Azure OpenAI in Azure AI Foundry Models](https://learn.microsoft.com/en-us/azure/ai-services/openai/how-to/role-based-access-control)\n- [Quickstart: Deploy Azure AI Search service using Terraform](https://learn.microsoft.com/en-us/azure/search/search-get-started-terraform)\n- [azurerm_ai_foundry_project](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/ai_foundry_project)\n- [azure ai agent](https://github.com/nileshvj2/azure_ai_agent_workshop) - SMC workshop\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eTable of Content \u003c/b\u003e (Click to expand)\u003c/summary\u003e\n\n- [Overview](#overview)\n- [Important Considerations for Production Environment](#important-considerations-for-production-environment)\n\n\u003c/details\u003e\n\n## Overview \n\n\u003e Below are the resources set up in Azure via Terraform. Please [follow this guide](./terraform-infrastructure/) to deploy the listed resources:\n\n\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"https://github.com/user-attachments/assets/7aed9e41-cf9a-4c34-a49c-94a55236bffc\" alt=\"Centered Image\" style=\"border: 2px solid #4CAF50; border-radius: 5px; padding: 5px;\"/\u003e\n\u003c/div\u003e\n\n1. **Azure AI Foundry** `Hub and Project`\n2. **Azure AI Foundry connections** (`using key or Entra authentication`)\n    - Azure `Open AI` service\n    - Azure `AI search` service\n3. **Azure Infrastructure Components:**\n    - **Azure Key Vault**: Securely store and manage secrets, keys, and certificates.\n    - **Azure Storage Account**: Provides a scalable storage solution for AI-related data.\n    - **Resource Group**: Centralized management for deployed Azure resources.\n4. **Permissions assigned in Azure AI Foundry:**\n    - `Azure AI Developer` permission for AI project/resource group level.\n    - `Cognitive Services OpenAI User` permission at resource group level.\n5. **Post-Provisioning Steps**:\n    - **Deploy GPT-4o-mini** (or `any GPT model of your choice`) 🡢 `AFTER provisioning Azure Open AI`.\n    - **Deploy text-embedding-ada-002** 🡢 `AFTER provisioning Azure Open AI` using the appropriate model deployment approach.\n    - **Create Azure AI Search Index** 🡢 `AFTER provisioning Azure AI Search`.\n\n## Important Considerations for Production Environment\n\n\u003cdetails\u003e\n  \u003csummary\u003ePublic Network Site\u003c/summary\u003e\n  \n  \u003e This example is based on a public network site and is intended for demonstration purposes only. It showcases how several Azure resources can work together to achieve the desired result.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003ePrivate Network Configuration\u003c/summary\u003e\n\n \u003e For enhanced security, consider configuring your Azure resources to operate within a private network. This can be achieved using Azure Virtual Network (VNet) to isolate your resources and control inbound and outbound traffic. Implementing private endpoints for services like Azure Blob Storage and Azure Functions can further secure your data by restricting access to your VNet.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003eSecurity\u003c/summary\u003e\n\n  \u003e Ensure that you implement appropriate security measures when deploying this solution in a production environment. This includes: \u003cbr/\u003e\n  \u003e\n  \u003e - Securing Access: Use Azure Entra ID (formerly known as Azure Active Directory or Azure AD) for authentication and role-based access control (RBAC) to manage permissions. \u003cbr/\u003e\n  \u003e - Managing Secrets: Store sensitive information such as connection strings and API keys in Azure Key Vault. \u003cbr/\u003e\n  \u003e - Data Encryption: Enable encryption for data at rest and in transit to protect sensitive information.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003eScalability\u003c/summary\u003e\n\n  \u003e While this example provides a basic setup, you may need to scale the resources based on your specific requirements. Azure services offer various scaling options to handle increased workloads. Consider using: \u003cbr/\u003e\n  \u003e\n  \u003e - Auto-scaling: Configure auto-scaling for Azure Functions and other services to automatically adjust based on demand. \u003cbr/\u003e\n  \u003e - Load Balancing: Use Azure Load Balancer or Application Gateway to distribute traffic and ensure high availability.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003eCost Management\u003c/summary\u003e\n\n  \u003e Monitor and manage the costs associated with your Azure resources. Use Azure Cost Management and Billing to track usage and optimize resource allocation.\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003eCompliance\u003c/summary\u003e\n\n  \u003e Ensure that your deployment complies with relevant regulations and standards. Use Azure Policy to enforce compliance and governance policies across your resources.\n\u003c/details\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003eDisaster Recovery\u003c/summary\u003e\n   \n\u003e Implement a disaster recovery plan to ensure business continuity in case of failures. Use Azure Site Recovery and backup solutions to protect your data and applications.\n\n\u003c/details\u003e\n\n\u003e [!NOTE]\n\u003e Please note that `these demos are intended as a guide and are based on my personal experiences. For official guidance, support, or more detailed information, please refer to Microsoft's official documentation or contact Microsoft directly`: [Microsoft Sales and Support](https://support.microsoft.com/contactus?ContactUsExperienceEntryPointAssetId=S.HP.SMC-HOME)\n\n\u003c!-- START BADGE --\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Total%20views-39-limegreen\" alt=\"Total views\"\u003e\n  \u003cp\u003eRefresh Date: 2025-07-17\u003c/p\u003e\n\u003c/div\u003e\n\u003c!-- END BADGE --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmicrosoftcloudessentials-learninghub%2Fai-agent-infra-blueprint","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmicrosoftcloudessentials-learninghub%2Fai-agent-infra-blueprint","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmicrosoftcloudessentials-learninghub%2Fai-agent-infra-blueprint/lists"}