2.5. Reflection Checkpoint

Key Takeaways

Before proceeding, ensure you can:

• Choose between multi-service and single-service resources based on quota and isolation requirements
• Select the correct authentication method (API key for dev, managed identity for prod)
• Configure network security appropriately (public, selected networks, private endpoint)
• Implement Content Safety and adjust thresholds vs. categories for different issues
• Apply RBAC roles following least-privilege principles

Connecting Forward

In Phase 3, you'll implement generative AI solutions using Azure OpenAI. The authentication patterns you learned here (managed identity, API key headers) apply directly to OpenAI calls. The resource planning decisions become "which model deployment?" and "which Foundry project?"

Self-Check Questions

1. A production application experiences intermittent 429 (rate limit) errors. What three approaches could address this, and which involves spending more money vs. optimizing usage?

2. A company's Content Safety system is blocking legitimate medical content that contains terms like "self-harm" in clinical contexts. Should they adjust severity thresholds, remove categories, or use blocklists? Why?