# Provisioning
The Azure Agent Workbench scaffold lives under infra/azure-agent-workbench/.
This topology exists to make LeafEnterprise the durable backend execution plane for savings/audit, scoped dashboard, evidence retrieval, and agent work. It should not be read as a generic cloud diagram.
## Infrastructure Shape
The Bicep target provisions:
- AKS cluster,
- CPU, memory, and GPU worker pools,
- lane-scoped managed identities,
- Azure Container Registry,
- Key Vault,
- ADLS Gen2 storage,
- Azure AI Services,
- Azure AI Search,
- API Management,
- Service Bus queue `agent-tasks`,
- Log Analytics and Application Insights.
## Backend Authority Mapping
| Backend responsibility | Azure/runtime component |
|---|---|
| Long-running agent work | AKS lane workers plus Service Bus dispatch. |
| Evidence and artifact replay | ADLS Gen2 bronze/silver/artifact containers. |
| Curated migration and evidence tables | Azure SQL dedicated stores. |
| Current claims runtime | AWS SQL through backend-controlled credentials until deliberate promotion. |
| Contract packet retrieval | Microsoft Graph / OneDrive through backend-only resolver code. |
| Enterprise retrieval | Azure AI Search / Foundry IQ indexes over governed chunks. |
| AI calls | Azure OpenAI through backend guardrails and APIM policy. |
| Secret boundaries | Key Vault and managed identity. |
## Required Follow-Up Before Production Claims
- Bind AKS Workload ID service accounts for each lane.
- Configure APIM AI gateway policies.
- Configure Azure OpenAI / Foundry provider routes.
- Configure Foundry IQ knowledge sources over Azure AI Search.
- Validate private endpoint connectivity before public network lockdown.
- Put source credential profiles in Key Vault.
- Run Service Bus dispatch and worker receipt smokes.
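The following Bicep is an added example, not the scaffold's own code, showing how one lane-scoped managed identity can be bound to an AKS Workload ID service account and given receive-only access to the `agent-tasks` queue. The lane name, namespace parameter, service account name, and queue settings are assumptions.

```bicep
// Added example: one lane-scoped identity, federated to AKS Workload ID,
// with least-privilege receive access to the agent-tasks queue.
param location string = resourceGroup().location
param lane string                 // assumed lane name, e.g. 'savings-audit'
param aksOidcIssuerUrl string     // AKS cluster OIDC issuer URL (assumed input)
param serviceBusNamespaceName string

resource sbNamespace 'Microsoft.ServiceBus/namespaces@2022-01-01-preview' existing = {
  name: serviceBusNamespaceName
}

resource agentTasks 'Microsoft.ServiceBus/namespaces/queues@2022-01-01-preview' = {
  parent: sbNamespace
  name: 'agent-tasks'
  properties: {
    lockDuration: 'PT5M'
    maxDeliveryCount: 5
    deadLetteringOnMessageExpiration: true
  }
}

resource laneIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
  name: 'id-lane-${lane}'
  location: location
}

// Federated credential: the AKS service account for this lane (assumed
// namespace/name) exchanges its projected token for this identity only.
resource federation 'Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials@2023-01-31' = {
  parent: laneIdentity
  name: 'aks-${lane}'
  properties: {
    issuer: aksOidcIssuerUrl
    subject: 'system:serviceaccount:lane-${lane}:worker'
    audiences: [ 'api://AzureADTokenExchange' ]
  }
}

// Built-in "Azure Service Bus Data Receiver", scoped to the queue itself,
// so the worker can receive but cannot send, manage, or read other queues.
var sbDataReceiver = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '4f6d3b9b-027b-4f4c-9142-0e5a2a2247e0')

resource receiveOnQueue 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  scope: agentTasks
  name: guid(agentTasks.id, laneIdentity.id, sbDataReceiver)
  properties: {
    principalId: laneIdentity.properties.principalId
    principalType: 'ServicePrincipal'
    roleDefinitionId: sbDataReceiver
  }
}
```

The dispatcher side would get a separate identity with the Data Sender role at the same queue scope, so no single lane identity can both enqueue and consume work.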
## Security Defaults
Owner access is audited break-glass. Normal employee roles must not receive broad QuickBooks, Salesforce write, or platform/security write access by default.