Beneath Abstraction

Introduction The Model Context Protocol (MCP) has changed the way how AI applications interact with external data sources and services, and the need to securely expose REST APIs as MCP servers has become more critical. Azure API Management provides an enterprise-grade solution that facilitates this transformation and along with its robust security, monitoring, and governance capabilities. In this post, I explore two approaches to expose REST APIs as MCP servers using Azure API Management: ...

Introduction In this blog post, we’ll dive into how to expose Azure AI Foundry endpoints through API Management, protect the APIs from overuse with token-based rate limiting, and monitor token usage per API subscriber. These features in API Management are known as GenAI gateway capabilities. Azure AI Foundry is a powerful platform for deploying and managing large language models (LLMs) for all sorts of AI-driven applications. These AI capabilities are available via API endpoints. Azure API Management is a platform designed to streamline and enhance the management of APIs, which offers a range of capabilities such as enhanced security, rate limiting, and monitoring etc. ...

Running Sidecar Containers in Azure App Service: An experiment with Dapr Today I decided to try Azure App Service’s new ability to run sidecar containers. My goal, To create a simple .NET API, run it in Azure App Service, and pair it with Dapr as a sidecar container and use it for state management. Locally, Dapr would connect to a local Redis docker container, and once deployed to Azure, it would seamlessly switch to Azure Cache for Redis. ...

Introduction In this blog post we look into a scalable and flexible platform to run microservices on Azure without the complexity of managing infrastructure. Azure Container Apps allows you to run containerized microservices and integrating Dapr (Distributed Application Runtime) can simplify the communication between services, manage state, and handle pub/sub messaging. This blog also shows how to set up Azure Container Apps, and how to deploy Dapr-enabled microservices that communicate with each other. ...

Understanding and Mitigating Prompt Injection Attacks with Prompt Shield in Azure AI Studio Introduction In the fast-changing landscape of Generative AI and its applications, keeping AI models secure and reliable is very important. Prompt injection is one of the prominent attack identified against AI Implementations. Azure AI Studio offers a solutions to tackle these threats and is called Prompt Shield. This blog will explain what prompt injection attacks are, their possible effects, and how Azure AI Studio’s Prompt Shield can protect against them. ...

This guide will walk you through the process of enhancing language models using RAG architecture in Azure AI Studio. Retrieval-Augmented Generation (RAG) enhances Large Language Model (LLM) capabilities, like those of GPTs, by integrating an information retrieval system. This addition grounds data and controls the context for the LLM’s response generation.

Introduction Azure Application Gateway provides a powerful solution for load balancing, SSL termination, and URL-based routing. In this blog post, we will discuss a common scenario where we need to forward traffic to two different Azure API Management instances based on the incoming URL, distinguishing between non-production and production environments. Problem Statement Consider a scenario where you have two separate instances of Azure API Management (Sku: any non consumption tier): one for non-production/testing (nonprod) and the other for production (prod). The requirement is to route incoming traffic through an Azure Application Gateway, forwarding requests to the appropriate API Management instance based on the path specified in the URL. Specifically, requests with the path /nonprod/* should be directed to the non-production API Management instance, while requests without this path should be forwarded to the production instance. ...