Define and enforce security policies across all AI agents.
Prevent agents from sending PII data to external endpoints
All agents must be deployed within a Virtual Network
Agents must not have Contributor or Owner roles
Code execution agents require human approval
All agent actions must be logged to Azure Monitor
Agents must use Azure AD instead of function keys
Outbound traffic must be filtered through Azure Firewall
All secrets must be rotated every 90 days