Adding Foundry Agent MCP Private Connectivity Lab #256
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Labs/ai foundry private mcp
pablocast
changed the title
Changes to ensure inter-oprability with WSL and missing items from the VM Start up
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| env_var_name = secret_name.replace("-", "_") | ||
| os.environ[env_var_name] = secret.value | ||
| except Exception as e: | ||
| print(f"Error loading secret {secret_name}: {e}") |
Check failure
Code scanning / CodeQL
Clear-text logging of sensitive information High
Collaborator
There was a problem hiding this comment.
It is not printing out the secret value, just the secret key to help troubleshooting in a test environment
…or URL to the final files upload location
New image adding MCP private endpoint diagram and updating notebook f…
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Purpose
This pull request adds a new hands-on lab for demonstrating secure, private connectivity to Azure AI Foundry using Model Context Protocol (MCP), Azure API Management, and Azure Front Door. It introduces comprehensive documentation, sample agent scripts, infrastructure configuration, and a clean-up notebook. The lab guides users through deploying a fully private AI infrastructure, securely running MCP agents, and cleaning up resources.
Key changes:
Documentation and Lab Instructions
README.MDdescribing the architecture, deployment steps, testing scenarios, and resource clean-up for the Azure AI Foundry Private Connectivity Lab. The documentation covers the use of private endpoints, APIM, Front Door, Key Vault, a jumpbox VM, and MCP integration, along with step-by-step instructions for setup and testing.Agent Scripts and Secure Secret Loading
agent/load_env_from_kv.py, a script for securely loading secrets from Azure Key Vault using managed identity and setting them as environment variables for the agent.agent/sample_agents_mcp.py, a comprehensive Python script that demonstrates creating and running an MCP-enabled AI agent, including secure authentication, dynamic tool approval, and step-by-step conversation logging.Infrastructure Configuration
bicepconfig.jsonto enable experimental extensibility features and Microsoft Graph extension support for Bicep deployments, supporting advanced infrastructure automation.Resource Clean-up
clean-up-resources.ipynb, a Jupyter notebook that provides a simple way to clean up all deployed Azure resources after the lab, helping users avoid unnecessary charges.Does this introduce a breaking change?
Pull Request Type
What kind of change does this Pull Request introduce?