SajedaSultana
Mar 30, 2026

Enabling Secure Access to Private Resources with Azure AI Foundry

One of our client’s key requirements was to build an AI agent that could securely access private resources without exposing any data over the public internet.

To meet this requirement, we followed an architecture similar to the diagram above, leveraging Azure AI Foundry with private networking.

 

How We Designed the Solution

As shown in the diagram, all core services - Azure Storage, AI Search, Foundry, and Cosmos DB - are placed behind private endpoints within the client’s virtual network. This ensures that none of these resources are publicly accessible.

We deployed the agent inside a dedicated subnet within the same VNet. This allowed the agent to communicate directly with these services through private endpoints, without any need to traverse the public internet.

The private endpoint subnet acts as a secure bridge between the agent and the underlying Azure services. At the same time, the client has full control over the network, including the option to apply firewall rules to manage outbound traffic.

 

Why This Approach Worked

All communication between the agent and data sources stays within the private network.

Sensitive data, including queries and retrieved content, never leaves the network boundary.

Access to resources is controlled through private endpoints and proper authorization.

This design removes the risks associated with public endpoints and ensures compliance with enterprise security requirements.

 

Final Outcome

Using this approach, we delivered an AI solution that is both secure and scalable. The client now has an agent that can safely interact with private data sources while maintaining full control over network traffic and access policies.

 

To learn more about the configuration, follow this documentation:

https://learn.microsoft.com/en-us/azure/foundry/agents/how-to/virtual-networks

 

How are you currently securing your AI workloads when accessing sensitive data?
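One way to verify the private-endpoint design described in the post from inside the agent subnet, as an added example that is not part of the original post or of Microsoft's documentation: it checks that each service hostname resolves only to addresses inside the private endpoint subnet. The hostnames, the subnet range `10.20.1.0/24` and the sample DNS answers are constructed assumptions.

```python
import ipaddress
import socket

# Hypothetical endpoint names; substitute the real resource hostnames.
ENDPOINTS = {
    "storage": "examplestore.blob.core.windows.net",
    "search": "example-search.search.windows.net",
    "cosmos": "example-cosmos.documents.azure.com",
    "foundry": "example-foundry.services.ai.azure.com",
}
# Assumed address range of the private endpoint subnet.
PE_SUBNET = ipaddress.ip_network("10.20.1.0/24")
# Constructed DNS answers so the example runs offline.
SAMPLE_ANSWERS = {
    "examplestore.blob.core.windows.net": ["10.20.1.4"],   # private endpoint
    "example-search.search.windows.net": ["20.38.0.10"],   # public address
    "example-cosmos.documents.azure.com": ["10.99.0.5"],   # private, other subnet
}

def system_resolver(host):
    """Resolve with the OS resolver (use this when run inside the VNet)."""
    infos = socket.getaddrinfo(host, 443, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def sample_resolver(host):
    """Offline stand-in that answers from SAMPLE_ANSWERS."""
    if host not in SAMPLE_ANSWERS:
        raise OSError(f"no answer for {host}")
    return SAMPLE_ANSWERS[host]

def audit(endpoints, pe_subnet, resolver=system_resolver):
    """Return {name: (status, addresses)} for every endpoint."""
    report = {}
    for name, host in endpoints.items():
        try:
            addrs = resolver(host)
        except OSError:  # includes socket.gaierror
            report[name] = ("unresolved", [])
            continue
        ips = [ipaddress.ip_address(a) for a in addrs]
        if any(ip.is_global for ip in ips):
            status = "public"          # name still maps to an internet address
        elif any(ip not in pe_subnet for ip in ips):
            status = "wrong-subnet"    # private, but not the expected subnet
        else:
            status = "ok" if ips else "unresolved"
        report[name] = (status, addrs)
    return report

if __name__ == "__main__":
    for name, (status, addrs) in audit(ENDPOINTS, PE_SUBNET, sample_resolver).items():
        print(f"{name:8} {status:13} {', '.join(addrs) or '-'}")
```

Any status other than `ok` points to a DNS zone link, a private endpoint or a firewall setting to review before the agent handles sensitive data.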
