Note
This is a 90-minute workshop that gives you hands-on experience building a Compliance RAG Agent using Microsoft AI Foundry, the Foundry Toolkit for VS Code, and GitHub Copilot. You will go from zero to a fully deployed compliance assistant with a web UI.
By the end of this workshop, you will be able to:
- Provision Azure resources (AI Foundry, Blob Storage, Azure AI Search) required for a RAG agent.
- Upload and index compliance documents into Azure AI Search from Azure Blob Storage.
- Design and prototype an agent in Foundry Toolkit for VS Code Agent Builder with Azure AI Search as a grounding tool.
- Export agent code and debug real-world runtime errors using GitHub Copilot.
- Extend the agent with interactive input and a professional web UI using GitHub Copilot Agent mode.
- Containerize the application for deployment using Docker (Optional).
- Evaluate and refine agent responses through structured test scenarios.
flowchart LR
U[" User Query"] -->|"1. Submit"| UI[" Streamlit Web UI\napp_ui.py"]
UI -->|"2. Query"| A[" Azure AI Foundry\nAgent (GPT-4o)"]
A -->|"3. Search"| S[" Azure AI Search\nRAG Retrieval"]
S -->|"4. Retrieve"| B[" Blob Storage\nKB Documents"]
B -.->|"5. Chunks"| S
S -.->|"6. Context"| A
A -.->|"7. Report"| UI
UI -.->|"8. Display"| U
Azure = Brain (Models + Search) · Foundry Toolkit for VS Code = Agent Designer · GitHub Copilot = Builder + Debugger + Extender
Compliance and risk teams in fintech, banking, and manufacturing organizations must evaluate regulatory risks across multiple jurisdictions before onboarding vendors, handling cross-border data transfers, or signing contracts. Today, this process involves manually searching dozens of regulatory documents, cross-referencing multiple policies, and writing compliance reports from scratch — leading to slow turnaround and inconsistent risk assessments.
You will build Compliance Compass, an intelligent compliance RAG agent that:
- Accepts natural language queries — Users describe real-world compliance scenarios (e.g., "We are onboarding an AI vendor in China that will process customer payment data.")
- Retrieves relevant policies — The agent searches a curated Knowledge Base of 12 compliance documents via Azure AI Search.
- Analyzes risks — The agent reasons over retrieved policies to identify conflicts, obligations, and risks.
- Generates structured reports — The output includes risk scores, referenced policies, immediate actions, and escalation options.
User Prompt:
"Assessing risks for a new AI analytics vendor based in Singapore that will process our customer transaction data. Are there any RBI localization concerns?"
Agent Report (summarized):
- Risk Score: 7/10 (High)
- Key Findings: RBI mandates payment data storage in India; processing abroad allowed but data must return within 24 hours.
- Recommended Actions: Add data residency clause, conduct Transfer Impact Assessment, perform vendor cybersecurity audit.
- References: RBI Data Localization 2018 Guidelines, GDPR Article 44 Transfers.
Tip
Complete the modules in order — each builds on the previous one.
| Module | Title | What You Will Do | Duration |
|---|---|---|---|
| I | Prerequisites and Environment Setup | Install tools, authenticate with Azure, configure VS Code extensions | 10 min |
| II | Provisioning Azure Resources | Create AI Foundry hub, deploy models, set up Blob Storage and AI Search | 15 min |
| III | Designing the Agent in Foundry Toolkit for VS Code | Build the compliance agent visually with instructions and Azure AI Search tool | 10 min |
| IV | Exporting Code and Debugging with Copilot | Export to Python, encounter a real Azure SDK error, debug with Copilot | 15 min |
| V | Adding Interactive Input | Transform hardcoded queries into an interactive CLI with Copilot | 10 min |
| VI | Building a Professional Web UI | Generate a complete Streamlit chat UI using Copilot Agent mode | 15 min |
| VII | Containerization and Testing (Optional) | Dockerize the app with Docker (optional), run quality tests, refine agent instructions | 15 min |
Total Duration: ~90 minutes
| Technology | Role in Workshop |
|---|---|
| Microsoft AI Foundry | The brain — hosts GPT-4o (reasoning) and embedding model; manages agent deployment |
| Foundry Toolkit for VS Code | The designer — visual builder to configure agents, instructions, and tools without writing code |
| GitHub Copilot (Agent Mode) | The builder — debugs errors, generates code extensions, creates UI, writes Dockerfile |
| Azure AI Search | The memory — indexes and retrieves relevant compliance policies for RAG grounding |
| Azure Blob Storage | The storage — stores the 12 compliance Knowledge Base documents |
Note
Instructor Note: Each module contains step-by-step instructions. Participants copy prompts and let GitHub Copilot generate the output — minimal manual coding is required.
Click Next to proceed to Module I: Prerequisites and Environment Setup.