azure-aigateway
oleh Azure
Konfigurasikan Azure API Management (APIM) sebagai AI Gateway untuk mengamankan, mengamati, mengontrol model AI, server MCP, dan agen. Membantu dalam pembatasan kecepatan, caching semantik, keamanan konten, penyeimbangan beban.
npx skills add https://github.com/microsoft/GitHub-Copilot-for-Azure --skill azure-aigatewayAzure AI Gateway
Configure Azure API Management (APIM) as an AI Gateway for governing AI models, MCP tools, and agents.
To deploy APIM, use the azure-prepare skill. See APIM deployment guide.
When to Use This Skill
| Category | Triggers |
|---|---|
| Model Governance | "semantic caching", "token limits", "load balance AI", "track token usage" |
| Tool Governance | "rate limit MCP", "protect my tools", "configure my tool", "convert API to MCP" |
| Agent Governance | "content safety", "jailbreak detection", "filter harmful content" |
| Configuration | "add Azure OpenAI backend", "configure my model", "add AI Foundry model" |
| Testing | "test AI gateway", "call OpenAI through gateway" |
Quick Reference
| Policy | Purpose | Details |
|---|---|---|
azure-openai-token-limit | Cost control | Model Policies |
azure-openai-semantic-cache-lookup/store | 60-80% cost savings | Model Policies |
azure-openai-emit-token-metric | Observability | Model Policies |
llm-content-safety | Safety & compliance | Agent Policies |
rate-limit-by-key | MCP/tool protection | Tool Policies |
Get Gateway Details
# Get gateway URL
az apim show --name <apim-name> --resource-group <rg> --query "gatewayUrl" -o tsv
# List backends (AI models)
az apim backend list --service-name <apim-name> --resource-group <rg> \
--query "[].{id:name, url:url}" -o table
# Get subscription key
az apim subscription keys list \
--service-name <apim-name> --resource-group <rg> --subscription-id <sub-id>
Test AI Endpoint
GATEWAY_URL=$(az apim show --name <apim-name> --resource-group <rg> --query "gatewayUrl" -o tsv)
curl -X POST "${GATEWAY_URL}/openai/deployments/<deployment>/chat/completions?api-version=2024-02-01" \
-H "Content-Type: application/json" \
-H "Ocp-Apim-Subscription-Key: <key>" \
-d '{"messages": [{"role": "user", "content": "Hello"}], "max_tokens": 100}'
Common Tasks
Add AI Backend
See references/patterns.md for full steps.
# Discover AI resources
az cognitiveservices account list --query "[?kind=='OpenAI']" -o table
# Create backend
az apim backend create --service-name <apim> --resource-group <rg> \
--backend-id openai-backend --protocol http --url "https://<aoai>.openai.azure.com/openai"
# Grant access (managed identity)
az role assignment create --assignee <apim-principal-id> \
--role "Cognitive Services User" --scope <aoai-resource-id>
Apply AI Governance Policy
Recommended policy order in <inbound>:
- Authentication - Managed identity to backend
- Semantic Cache Lookup - Check cache before calling AI
- Token Limits - Cost control
- Content Safety - Filter harmful content
- Backend Selection - Load balancing
- Metrics - Token usage tracking
See references/policies.md for complete example.
Troubleshooting
| Issue | Solution |
|---|---|
| Token limit 429 | Increase tokens-per-minute or add load balancing |
| No cache hits | Lower score-threshold to 0.7 |
| Content false positives | Increase category thresholds (5-6) |
| Backend auth 401 | Grant APIM "Cognitive Services User" role |
See references/troubleshooting.md for details.
References
- Detailed Policies - Full policy examples
- Configuration Patterns - Step-by-step patterns
- Troubleshooting - Common issues
- AI-Gateway Samples
- GenAI Gateway Docs
SDK Quick References
- Content Safety: Python | TypeScript
- API Management: Python | .NET
Lebih banyak skill dari Azure
azure-ai
Azure
Gunakan untuk Azure AI: Search, Speech, OpenAI, Document Intelligence. Membantu pencarian, pencarian vektor/hibrida, ucapan-ke-teks, teks-ke-ucapan, transkripsi, OCR.
appinsights-instrumentation
Azure
Panduan untuk menginstrumentasi aplikasi web dengan Azure Application Insights. Menyediakan pola telemetri, pengaturan SDK, dan referensi konfigurasi.
azure-compliance
Azure
Kemampuan audit kepatuhan dan keamanan Azure yang komprehensif termasuk penilaian praktik terbaik, pemantauan kedaluwarsa Key Vault, dan validasi konfigurasi sumber daya.
azure-compute
Azure
Rekomendasikan ukuran VM Azure, VM Scale Sets (VMSS), dan konfigurasi berdasarkan kebutuhan beban kerja, persyaratan kinerja, dan batasan anggaran.
azure-cost-optimization
Azure
Mengidentifikasi dan mengukur penghematan biaya di seluruh langganan Azure dengan menganalisis biaya aktual, metrik pemanfaatan, dan menghasilkan rekomendasi optimasi yang dapat ditindaklanjuti.
azure-deploy
Azure
Jalankan deployment ke Azure. Langkah akhir setelah persiapan dan validasi. Menjalankan perintah azd up, azd deploy, atau penyediaan infrastruktur.
azure-diagnostics
Azure
Debug dan pecahkan masalah produksi di Azure. Mencakup diagnostik Container Apps dan Function Apps, analisis log dengan KQL, pemeriksaan kesehatan, serta resolusi masalah umum.
azure-hosted-copilot-sdk
Azure
Bangun dan sebarkan aplikasi GitHub Copilot SDK ke Azure.