Assign least-privilege Azure roles, not broad contributor rights

Give workloads and people the narrow Azure role they need instead of defaulting to Contributor.

July 5, 2026 · 2 min · 274 words

Keep model name and deployment name in config

Do not hard-code model routing decisions into application logic.

July 5, 2026 · 2 min · 281 words

Use managed identity before connection strings

Prefer Azure-managed identities over long-lived secrets in deployed applications.

July 5, 2026 · 2 min · 292 words