Azure Best Practices
This section provides best practices and recommendations, organized by category, for deploying and managing Azure AI workloads. The content is based on Microsoft’s official Azure OpenAI Best Practices Quick Reference Guide and the comprehensive AI Landing Zone checklist.
Best Practice Categories
Each file in this folder corresponds to a key area of Azure OpenAI deployment:
- 🚀 Application Deployment: Recommendations for application deployment, including DevOps and data classification.
- 🌐 BCDR: Business continuity and disaster recovery strategies, such as multi-region deployments and failover.
- 💸 Cost Governance: Cost management, optimization, quota management, and usage monitoring.
- 🛡️ Governance & Security: Security baselines, access controls, compliance, and governance strategies.
- 👤 Identity & Access Management: Identity, authentication, and RBAC best practices.
- 🕸️ Network Topology & Connectivity: Networking, VNet isolation, private endpoints, and secure connectivity.
- ⚙️ Operations: Monitoring, logging, alerting, and operational excellence.
- 📋 Best Practices Summary: A consolidated summary of all key Azure OpenAI best practices.
Each Markdown file contains a table with the following columns:
- Category and Subcategory
- Recommendation: Actionable best practice
- Service: Relevant Azure service
- Priority: High, Medium, or Low
- Reference: Direct link to Microsoft documentation
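The table layout described above lends itself to simple scripting. The following is a minimal sketch, assuming the tables are plain pipe-delimited Markdown with the column names listed above; the sample rows, the `parse_markdown_table` and `filter_by_priority` helpers, and the `(link)` placeholders are hypothetical and not taken from the actual files.

```python
from typing import Dict, List


def parse_markdown_table(text: str) -> List[Dict[str, str]]:
    """Parse a simple pipe-delimited Markdown table into a list of row dicts.

    Assumes the first table line is the header and the second is the
    separator row. Escaped pipes inside cells are not handled.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip().startswith("|")]
    if len(lines) < 2:
        return []

    def split_row(line: str) -> List[str]:
        return [cell.strip() for cell in line.strip("|").split("|")]

    header = split_row(lines[0])
    rows = []
    for line in lines[2:]:  # skip the header and the separator row
        cells = split_row(line)
        if len(cells) == len(header):
            rows.append(dict(zip(header, cells)))
    return rows


def filter_by_priority(rows: List[Dict[str, str]], priority: str) -> List[Dict[str, str]]:
    """Return only the rows whose Priority column matches (case-insensitive)."""
    return [r for r in rows if r.get("Priority", "").lower() == priority.lower()]


# Hypothetical sample rows for illustration only.
SAMPLE = """
| Category | Subcategory | Recommendation | Service | Priority | Reference |
|---|---|---|---|---|---|
| Networking | Private access | Use private endpoints for AI resources | Azure OpenAI | High | (link) |
| Monitoring | Logging | Enable diagnostic logs | Azure Monitor | Medium | (link) |
"""

if __name__ == "__main__":
    for row in filter_by_priority(parse_markdown_table(SAMPLE), "High"):
        print(row["Category"], "-", row["Recommendation"])
```

Filtering on the Priority column first is one way to turn a long table into a short review agenda.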
Key Best Practice Themes
- Architecture: Design for scalability, reliability, and cost-efficiency using the Azure Well-Architected Framework.
- Security: Encrypt data at rest and in transit, use RBAC, and follow the Azure security baseline for Azure OpenAI.
- Governance: Apply resource tagging, enforce policies with Azure Policy, and ensure compliance with regulatory requirements.
- Networking: Use VNets and private endpoints to isolate and secure AI resources.
- Monitoring: Enable diagnostic logs, set up alerts, and use Azure Monitor for proactive health and performance management.
- Quota Management: Monitor usage, request quota increases proactively, and leverage Provisioned Throughput Units (PTUs) for predictable performance.
- BCDR: Deploy multi-region gateways (e.g., Azure API Management (APIM) with Azure Front Door) for high availability and disaster recovery.
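To make the multi-region failover idea concrete, here is a minimal sketch of priority-ordered failover in plain Python. In the gateway pattern mentioned above, this routing would normally be handled by the gateway layer rather than by application code; the region names, the `call_with_failover` helper, and the `fake_send` function are hypothetical and only illustrate the logic.

```python
from typing import Callable, List, Sequence, Tuple


class AllRegionsFailed(Exception):
    """Raised when every region in the priority list has failed."""


def call_with_failover(
    regions: Sequence[str], send: Callable[[str], str]
) -> Tuple[str, str]:
    """Try each region in priority order and return (region, response).

    `send` is a caller-supplied function that performs the request against
    one region and raises an exception on failure.
    """
    errors: List[str] = []
    for region in regions:
        try:
            return region, send(region)
        except Exception as exc:  # a real client would catch narrower errors
            errors.append(f"{region}: {exc}")
    raise AllRegionsFailed("; ".join(errors))


def fake_send(region: str) -> str:
    """Hypothetical stand-in for a real request; the primary region is 'down'."""
    if region == "eastus":
        raise ConnectionError("simulated outage")
    return f"ok from {region}"


if __name__ == "__main__":
    region, response = call_with_failover(["eastus", "westeurope"], fake_send)
    print(region, response)
```

Keeping the region list ordered by preference means the primary is always tried first, and the secondary only receives traffic when the primary fails.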
How to Use
These summaries help you:
- Validate your Azure OpenAI architecture
- Uncover gaps in security, governance, or operations
- Guide implementation and review discussions
- Quickly access authoritative Microsoft documentation
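As an illustration of the gap-finding use case, the sketch below assumes you keep your own review notes as a list of records with an `implemented` flag. That flag, the `find_gaps` helper, and the sample entries are hypothetical; the tables in this folder do not track implementation status.

```python
from typing import Dict, List

# Lower number means the gap should be reviewed sooner.
PRIORITY_ORDER = {"High": 0, "Medium": 1, "Low": 2}


def find_gaps(items: List[Dict]) -> List[Dict]:
    """Return unimplemented recommendations, highest priority first."""
    gaps = [item for item in items if not item["implemented"]]
    return sorted(
        gaps,
        key=lambda item: (PRIORITY_ORDER.get(item["priority"], 99), item["category"]),
    )


# Hypothetical review notes for illustration only.
REVIEW = [
    {"category": "Operations", "recommendation": "Enable diagnostic logs",
     "priority": "Medium", "implemented": False},
    {"category": "Networking", "recommendation": "Use private endpoints",
     "priority": "High", "implemented": False},
    {"category": "Security", "recommendation": "Use RBAC",
     "priority": "High", "implemented": True},
]

if __name__ == "__main__":
    for gap in find_gaps(REVIEW):
        print(f"[{gap['priority']}] {gap['category']}: {gap['recommendation']}")
```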
For the full checklist and more details, see the Azure OpenAI Best Practices Quick Reference Guide.
This repository is not an official Microsoft product but is based on public Microsoft best practices and documentation as of April 2025.