# 🔍 Enterprise RAG with Azure AI Foundry (.NET)

## 📋 Learning Objectives

This notebook explains how to create enterprise-level Retrieval-Augmented Generation (RAG) systems using the Microsoft Agent Framework in .NET with Azure AI Foundry. You'll learn to develop production-ready agents capable of searching through documents and delivering precise, context-aware responses, all while ensuring enterprise security and scalability.

**Enterprise RAG Capabilities You'll Develop:**
- 📚 **Document Intelligence**: Advanced document processing powered by Azure AI services
- 🔍 **Semantic Search**: High-performance vector search with enterprise-grade features
- 🛡️ **Security Integration**: Role-based access control and data protection strategies
- 🏢 **Scalable Architecture**: Production-ready RAG systems with monitoring capabilities

## 🎯 Enterprise RAG Architecture

### Core Enterprise Components
- **Azure AI Foundry**: A managed enterprise AI platform with built-in security and compliance
- **Persistent Agents**: Stateful agents that maintain conversation history and context
- **Vector Store Management**: Enterprise-grade document indexing and retrieval
- **Identity Integration**: Azure AD authentication and role-based access control

### .NET Enterprise Benefits
- **Type Safety**: Compile-time validation for RAG operations and data structures
- **Async Performance**: Non-blocking document processing and search operations
- **Memory Management**: Efficient resource handling for large document collections
- **Integration Patterns**: Seamless integration with Azure services using dependency injection

## 🏗️ Technical Architecture

### Enterprise RAG Pipeline
```csharp
Document Upload → Security Validation → Vector Processing → Index Creation
                      ↓                    ↓                  ↓
User Query → Authentication → Semantic Search → Context Ranking → AI Response
```

### Core .NET Components
- **Azure.AI.Agents.Persistent**: Enterprise agent management with state persistence
- **Azure.Identity**: Integrated authentication for secure Azure service access
- **Microsoft.Agents.AI.AzureAI**: Azure-optimized agent framework implementation
- **System.Linq.Async**: High-performance asynchronous LINQ operations

## 🔧 Enterprise Features & Benefits

### Security & Compliance
- **Azure AD Integration**: Enterprise-grade identity management and authentication
- **Role-Based Access**: Granular permissions for document access and operations
- **Data Protection**: Encryption for sensitive documents both at rest and in transit
- **Audit Logging**: Comprehensive activity tracking for compliance purposes

### Performance & Scalability
- **Connection Pooling**: Efficient management of Azure service connections
- **Async Processing**: Non-blocking operations for high-throughput scenarios
- **Caching Strategies**: Smart caching for frequently accessed documents
- **Load Balancing**: Distributed processing for large-scale deployments

### Management & Monitoring
- **Health Checks**: Built-in monitoring for RAG system components
- **Performance Metrics**: Detailed analytics on search quality and response times
- **Error Handling**: Robust exception management with retry policies
- **Configuration Management**: Environment-specific settings with validation

## ⚙️ Prerequisites & Setup

**Development Environment:**
- .NET 9.0 SDK or higher
- Visual Studio 2022 or VS Code with C# extension
- Azure subscription with AI Foundry access

**Required NuGet Packages:**
```xml
<PackageReference Include="Microsoft.Extensions.AI" Version="9.9.0" />
<PackageReference Include="Azure.AI.Agents.Persistent" Version="1.2.0-beta.5" />
<PackageReference Include="Azure.Identity" Version="1.15.0" />
<PackageReference Include="System.Linq.Async" Version="6.0.3" />
<PackageReference Include="DotNetEnv" Version="3.1.1" />
```

**Azure Authentication Setup:**
```bash
# Install Azure CLI and authenticate
az login
az account set --subscription "your-subscription-id"
```

**Environment Configuration (.env file):**
```env
# Azure AI Foundry configuration (automatically handled via Azure CLI)
# Ensure you're authenticated to the correct Azure subscription
```

## 📊 Enterprise RAG Patterns

### Document Management Patterns
- **Bulk Upload**: Efficient handling of large document collections
- **Incremental Updates**: Real-time addition and modification of documents
- **Version Control**: Document versioning and change tracking
- **Metadata Management**: Rich attributes and taxonomy for documents

### Search & Retrieval Patterns
- **Hybrid Search**: Combining semantic and keyword search for optimal results
- **Faceted Search**: Multi-dimensional filtering and categorization
- **Relevance Tuning**: Custom scoring algorithms tailored to specific domains
- **Result Ranking**: Advanced ranking integrated with business logic

### Security Patterns
- **Document-Level Security**: Granular access control for individual documents
- **Data Classification**: Automatic sensitivity labeling and protection
- **Audit Trails**: Comprehensive logging of all RAG operations
- **Privacy Protection**: Detection and redaction of personally identifiable information (PII)

## 🔒 Enterprise Security Features

### Authentication & Authorization
```csharp
// Azure AD integrated authentication
var credential = new AzureCliCredential();
var agentsClient = new PersistentAgentsClient(endpoint, credential);

// Role-based access validation
if (!await ValidateUserPermissions(user, documentId))
{
    throw new UnauthorizedAccessException("Insufficient permissions");
}
```

### Data Protection
- **Encryption**: End-to-end encryption for documents and search indices
- **Access Controls**: Integration with Azure AD for user and group permissions
- **Data Residency**: Geographic data location controls for compliance
- **Backup & Recovery**: Automated backup and disaster recovery capabilities

## 📈 Performance Optimization

### Async Processing Patterns
```csharp
// Efficient async document processing
await foreach (var document in documentStream.AsAsyncEnumerable())
{
    await ProcessDocumentAsync(document, cancellationToken);
}
```

### Memory Management
- **Streaming Processing**: Handle large documents without memory overload
- **Resource Pooling**: Efficient reuse of expensive resources
- **Garbage Collection**: Optimized memory allocation strategies
- **Connection Management**: Proper lifecycle management of Azure service connections

### Caching Strategies
- **Query Caching**: Cache frequently executed searches
- **Document Caching**: In-memory caching for frequently accessed documents
- **Index Caching**: Optimized caching for vector indices
- **Result Caching**: Smart caching of generated responses

## 📊 Enterprise Use Cases

### Knowledge Management
- **Corporate Wiki**: Intelligent search across company knowledge bases
- **Policy & Procedures**: Automated guidance for compliance and procedures
- **Training Materials**: Intelligent assistance for learning and development
- **Research Databases**: Systems for analyzing academic and research papers

### Customer Support
- **Support Knowledge Base**: Automated responses for customer service
- **Product Documentation**: Intelligent retrieval of product information
- **Troubleshooting Guides**: Contextual assistance for problem-solving
- **FAQ Systems**: Dynamic generation of FAQs from document collections

### Regulatory Compliance
- **Legal Document Analysis**: Intelligence for contracts and legal documents
- **Compliance Monitoring**: Automated checks for regulatory compliance
- **Risk Assessment**: Analysis and reporting of risks based on documents
- **Audit Support**: Intelligent discovery of documents for audits

## 🚀 Production Deployment

### Monitoring & Observability
- **Application Insights**: Detailed telemetry and performance monitoring
- **Custom Metrics**: Tracking and alerting for business-specific KPIs
- **Distributed Tracing**: End-to-end tracking of requests across services
- **Health Dashboards**: Real-time visualization of system health and performance

### Scalability & Reliability
- **Auto-Scaling**: Automatic scaling based on load and performance metrics
- **High Availability**: Multi-region deployment with failover capabilities
- **Load Testing**: Validation of performance under enterprise-level loads
- **Disaster Recovery**: Automated backup and recovery procedures

Ready to create enterprise-grade RAG systems capable of handling sensitive documents at scale? Let's design intelligent knowledge systems for the enterprise! 🏢📖✨


In [1]:
#r "nuget: Microsoft.Extensions.AI, 9.9.1"

In [2]:
#r "nuget: Azure.AI.Agents.Persistent, 1.2.0-beta.5"
#r "nuget: Azure.Identity, 1.15.0"
#r "nuget: System.Linq.Async, 6.0.3"

In [None]:
#r "nuget: Microsoft.Agents.AI.AzureAI, 1.0.0-preview.251001.3"

In [None]:
#r "nuget: Microsoft.Agents.AI, 1.0.0-preview.251001.3"

In [6]:
#r "nuget: DotNetEnv, 3.1.1"

In [7]:
using System;
using System.Linq;
using Azure.AI.Agents.Persistent;
using Azure.Identity;
using Microsoft.Agents.AI;

In [8]:
 using DotNetEnv;

In [9]:
Env.Load("../../../.env");

In [10]:
var azure_foundry_endpoint = Environment.GetEnvironmentVariable("AZURE_AI_PROJECT_ENDPOINT") ?? throw new InvalidOperationException("AZURE_AI_PROJECT_ENDPOINT is not set.");
var azure_foundry_model_id = Environment.GetEnvironmentVariable("AZURE_AI_MODEL_DEPLOYMENT_NAME") ?? "gpt-4.1-mini";

In [11]:
string pdfPath = "./document.md";

In [12]:
using System.IO;

async Task<Stream> OpenImageStreamAsync(string path)
{
	return await Task.Run(() => File.OpenRead(path));
}

var pdfStream = await OpenImageStreamAsync(pdfPath);

In [13]:
var persistentAgentsClient = new PersistentAgentsClient(azure_foundry_endpoint, new AzureCliCredential());

In [14]:
PersistentAgentFileInfo fileInfo = await persistentAgentsClient.Files.UploadFileAsync(pdfStream, PersistentAgentFilePurpose.Agents, "demo.md");

In [15]:
PersistentAgentsVectorStore fileStore =
            await persistentAgentsClient.VectorStores.CreateVectorStoreAsync(
                [fileInfo.Id],
                metadata: new Dictionary<string, string>() { { "agentkey", bool.TrueString } });

In [16]:
PersistentAgent agentModel = await persistentAgentsClient.Administration.CreateAgentAsync(
            azure_foundry_model_id,
            name: "DotNetRAGAgent",
            tools: [new FileSearchToolDefinition()],
            instructions: """
                You are an AI assistant designed to answer user questions using only the information retrieved from the provided document(s).

                - If a user's question cannot be answered using the retrieved context, **you must clearly respond**: 
                "I'm sorry, but the uploaded document does not contain the necessary information to answer that question."
                - Do not answer from general knowledge or reasoning. Do not make assumptions or generate hypothetical explanations.
                - Do not provide definitions, tutorials, or commentary that is not explicitly grounded in the content of the uploaded file(s).
                - If a user asks a question like "What is a Neural Network?", and this is not discussed in the uploaded document, respond as instructed above.
                - For questions that do have relevant content in the document (e.g., Contoso's travel insurance coverage), respond accurately, and cite the document explicitly.

                You must behave as if you have no external knowledge beyond what is retrieved from the uploaded document.
                """,
            toolResources: new()
            {
                FileSearch = new()
                {
                    VectorStoreIds = { fileStore.Id },
                }
            },
            metadata: new Dictionary<string, string>() { { "agentkey", bool.TrueString } });

In [17]:
AIAgent agent = await persistentAgentsClient.GetAIAgentAsync(agentModel.Id);

In [18]:
AgentThread thread = agent.GetNewThread();

In [19]:
Console.WriteLine(await agent.RunAsync("Can you explain Contoso's travel insurance coverage?", thread));

Contoso's travel insurance coverage includes protection for medical emergencies, trip cancellations, and lost baggage. This ensures that travelers are supported in case of health-related issues during their trip, unforeseen cancellations, and the loss of their belongings while traveling【4:0†demo.md】.



---

**Disclaimer**:  
This document has been translated using the AI translation service [Co-op Translator](https://github.com/Azure/co-op-translator). While we aim for accuracy, please note that automated translations may contain errors or inaccuracies. The original document in its native language should be regarded as the authoritative source. For critical information, professional human translation is recommended. We are not responsible for any misunderstandings or misinterpretations resulting from the use of this translation.
