Featured image of post From Prototype to Production: Azure AI Foundry Agent Service Reaches General Availability
Azure AI

From Prototype to Production: Azure AI Foundry Agent Service Reaches General Availability

The Gap Between “It Works in the Demo” and “It Works in Production”

Anyone who has shepherded a technology project through a government procurement cycle knows the challenge: a vendor demo dazzles in a conference room, but the path from compelling prototype to production-hardened service is long, expensive, and filled with compliance checkpoints that most demos never account for. AI agents are no different.

For the past year, government IT teams have been experimenting with AI agents - conversational assistants that can search documents, call APIs, reason across multiple steps, and take actions on behalf of users. The prototypes have been impressive. The question that lands on every IT director’s desk is always the same: Is this actually ready for production?

As of March 2026, Microsoft has answered that question definitively for one of its most important platforms. Azure AI Foundry Agent Service is now generally available - moving from public preview into a fully supported, production-ready service backed by enterprise SLAs. This milestone matters enormously for government agencies that have been waiting for the right moment to graduate their AI agent pilots into real constituent-facing services.

What Is Azure AI Foundry Agent Service?

Foundry Agent Service is a fully managed platform for building, deploying, and scaling AI agents. At its core, it handles the hard infrastructure problems that have historically made AI agents fragile in enterprise environments: hosting, scaling, identity, observability, and security - so development teams can focus on the agent logic itself rather than the plumbing beneath it.

Every agent on the platform combines three core components:

  • A model (LLM): Provides reasoning and language capabilities. The service supports many models from the Foundry model catalog, including GPT-4o and GPT-5.x. Critically, you can swap models without changing your agent code.
  • Instructions: Define the agent’s goals, constraints, and behavior - through prompts, workflow definitions, or code.
  • Tools: Give the agent access to data and actions, such as web search, file search, Azure AI Search, code interpretation, MCP servers, and custom API calls.

The platform now supports three distinct agent types, designed for progressively more complex scenarios:

Prompt Agents (Generally Available)

Prompt agents are defined entirely through configuration - no code required. You specify instructions, select a model, attach tools, and the service handles orchestration and hosting automatically. This is the right starting point for most government use cases: internal FAQ bots, document summarization assistants, or constituent query routing.

Create them through the Foundry portal without writing a line of code, or deploy them programmatically via the SDK or REST API.

Workflow Agents (Preview)

Workflow agents orchestrate sequences of actions or coordinate multiple agents using declarative definitions built visually in the Foundry portal or defined in YAML through Visual Studio Code. They support branching logic, human-in-the-loop approval steps, and sequential or group-chat patterns between agents.

For government, this opens the door to multi-agent workflows where one agent routes a request, a second agent performs a document lookup, and a human supervisor approves before any output reaches a citizen.

Hosted Agents (Preview)

Hosted agents are code-based agents built with any framework of your choice - Semantic Kernel, LangGraph, or custom code - and deployed as containers on Foundry Agent Service. Your team writes the orchestration logic; the platform manages the runtime, scaling, and infrastructure.

The Production Deployment Lifecycle

What makes the GA release significant is not just the feature set - it is the complete build-test-deploy-monitor workflow that now has enterprise-grade backing behind every stage:

  1. Create - Define a prompt agent in the portal or build a hosted agent in code
  2. Test - Chat with your agent in the Agents Playground or run it locally before any production traffic touches it
  3. Trace - Inspect every model call, tool invocation, and decision with end-to-end agent tracing integrated with Application Insights
  4. Evaluate - Run evaluations to measure quality and catch regressions before they reach users
  5. Publish - Promote your agent to a managed resource with a stable, versioned endpoint. Published agents automatically inherit enterprise identity and access controls
  6. Monitor - Track performance and reliability with service metrics dashboards

The versioning system is worth highlighting for government teams specifically. As you iterate on an agent, versions are automatically snapshotted. You can roll back to any previous version or compare changes between versions - the same kind of change control discipline that government IT policies require for any production system.

Enterprise-Grade Infrastructure: What “GA” Actually Means

The GA designation is not just marketing. It signals that the underlying infrastructure has matured to meet enterprise requirements across four key dimensions:

Identity Per Agent

Each agent can be assigned a dedicated Microsoft Entra identity, enabling secure, scoped access to resources and APIs without sharing credentials across agents. For government environments that require strict separation of duties and auditable access patterns, this is critical. An agent handling benefits inquiries should not share credentials with an agent processing HR documents.

Private Networking

Foundry Agent Service supports a Standard Setup with Bring Your Own Virtual Network (BYO VNet), which allows agencies to run agent infrastructure entirely within their own Azure virtual network. This provides:

  • No public egress by default
  • Private endpoint DNS resolution for all connected resources
  • Data movement confined entirely to the agency’s network environment
  • Container injection that enables local communication of Azure resources within the same VNet

This is the configuration that satisfies the most common data-residency and data-exfiltration concerns in government security reviews. Deployment is supported via Bicep or Terraform templates, enabling infrastructure-as-code repeatability across environments.

Customer-Owned Data Storage

In the Standard Setup, all conversation history, file storage, and vector stores are stored in your own Azure resources - Azure Storage, Azure Cosmos DB, and Azure AI Search - not in Microsoft-managed shared infrastructure. Government agencies that need to apply their own retention policies, Customer Managed Keys (CMK), or audit trails to AI conversation data now have that control.

Content Safety and Guardrails

The platform integrates content filters that help mitigate prompt injection risks, including cross-prompt injection attacks (XPIA) - a threat vector particularly relevant for agents that process untrusted input from the public. Responsible AI guardrails are built in at the platform layer, not bolted on by the development team.

Why This Matters for Government

Government agencies face a specific set of pressures that make the GA milestone of Foundry Agent Service particularly meaningful:

Compliance accountability requires stable, auditable systems. Preview services carry an implicit caveat: things may change without notice. General availability means the API contract is stable, the service is covered by Azure’s standard SLAs, and the feature set is locked enough to build compliance documentation around. For agencies that must demonstrate technical controls to auditors, a GA service is categorically different from a preview.

Data sovereignty is non-negotiable. The BYO Virtual Network configuration and customer-owned storage options directly address the data residency requirements that many government agencies must satisfy. Keeping constituent data - including AI conversation history - within agency-controlled infrastructure is a compliance baseline in many public sector contexts, not a nice-to-have.

Agent identity and least-privilege access align with Zero Trust mandates. The federal Zero Trust Strategy and its state-level equivalents require that every workload - including AI agents - operate with the minimum permissions necessary for its function. Per-agent Entra identities and Azure RBAC integration allow agencies to implement that principle directly for their AI deployments.

Production reliability supports constituent-facing services. When an AI agent handles permit inquiries, benefits eligibility pre-screening, or public records requests, downtime has real consequences. The Foundry Agent Service’s fully managed runtime - handling hosting, scaling, and infrastructure - means agency development teams are not responsible for the operational burden of keeping the agent available. The versioning and rollback capabilities mean that a bad update can be reversed without a full re-deployment.

Phased adoption is supported by the tiered agent types. Government agencies can start with no-code prompt agents for simple use cases, prove value to leadership, and progressively adopt workflow agents and hosted agents as internal AI engineering maturity grows. The GA release provides a stable foundation for that multi-year journey.

Availability Considerations for Government Customers

Government customers operating in Azure Commercial can begin production deployments of Foundry Agent Service today. Customers operating in Azure Government (US Gov) regions should verify current availability and feature parity through the Azure Government services availability documentation, as some AI services reach government cloud regions on a rolling basis after commercial GA.

For Microsoft 365 GCC tenants, the agent publishing integration with Microsoft 365 Copilot and Teams - which allows published agents to surface directly in collaboration tools your workforce already uses - should be evaluated against the specific capability availability in GCC environments before planning production deployments that depend on this channel.

Getting Started

The recommended path for most government teams:

  1. Review the environment setup guide and choose between Basic, Standard, or Standard with Private Networking based on your data sensitivity requirements
  2. Deploy a prompt agent using the Foundry portal to validate your use case without writing code
  3. Evaluate the Standard Setup with BYO VNet if your agency’s security posture requires private network isolation
  4. Engage your Microsoft account team to discuss Azure Government availability and GCC-specific guidance for your planned workloads

The prototype-to-production gap for AI agents in government just got significantly smaller.

Resources

© 2024 - 2026 Mike Hacker
Azure Specialist ยท Microsoft