<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Kartik Anand</title>
    <description>The latest articles on DEV Community by Kartik Anand (@kartikanand_45).</description>
    <link>https://dev.to/kartikanand_45</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F232189%2Ff2a67e37-54de-4904-ad70-a74d4010bf2e.jpg</url>
      <title>DEV Community: Kartik Anand</title>
      <link>https://dev.to/kartikanand_45</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/kartikanand_45"/>
    <language>en</language>
    <item>
      <title># The Enterprise MCP Registry: Why APIM is the Right Home for Governed AI Tool Access</title>
      <dc:creator>Kartik Anand</dc:creator>
      <pubDate>Sun, 05 Jul 2026 15:16:51 +0000</pubDate>
      <link>https://dev.to/kartikanand_45/-the-enterprise-mcp-registry-why-apim-is-the-right-home-for-governed-ai-tool-access-15le</link>
      <guid>https://dev.to/kartikanand_45/-the-enterprise-mcp-registry-why-apim-is-the-right-home-for-governed-ai-tool-access-15le</guid>
      <description>&lt;p&gt;&lt;strong&gt;By Kartik Anand, Cloud &amp;amp; AI Architect | Agentic Systems on Azure&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;p&gt;Every enterprise AI team is solving the same problem independently right now: how do we connect our AI agents to our data systems?&lt;/p&gt;

&lt;p&gt;Each team figures out the MCP connection. Each team handles auth. Each team builds their own retry logic. Each team manages their own observability. And when something breaks at 2am, nobody knows which agent called which system or why.&lt;/p&gt;

&lt;p&gt;There’s a better pattern. And most organizations already own the infrastructure to build it.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  The Problem with Point-to-Point MCP Connections
&lt;/h2&gt;

&lt;p&gt;Model Context Protocol is the right abstraction for connecting AI agents to data systems. Snowflake exposes a managed MCP server. Databricks is building one. ServiceNow, SAP, and a dozen other enterprise platforms are following. The protocol is winning.&lt;/p&gt;

&lt;p&gt;But most implementations today look like this:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
ClaimsAgent. → Snowflake MCP (custom auth, custom retry)

PharmacyAgent. → Databricks MCP (different auth, different retry)

OpsAgent. → Fabric Data Agent (different auth again)

TicketingAgent. → ServiceNow MCP (yet another auth pattern)

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Point-to-point. No consistency. No central observability. No governance. Every team reinventing the same wheel with slightly different spokes.&lt;/p&gt;

&lt;p&gt;This is the microservices sprawl problem, arriving in the MCP era right on schedule.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  APIM as the Enterprise MCP Registry
&lt;/h2&gt;

&lt;p&gt;Azure API Management is already the right answer to this problem. It’s what you put in front of APIs when you need consistent auth, retry, rate limiting, versioning, and observability across a heterogeneous set of backends. MCP servers are APIs. The same governance logic applies.&lt;/p&gt;

&lt;p&gt;The pattern:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
Any AI Agent

. → APIM (Enterprise MCP Gateway)

. ├── /mcp/snowflake-claims. → Snowflake CLAIMS_MCP

. ├── /mcp/databricks-pharmacy → Databricks Genie

. ├── /mcp/fabric-hospitalops. → Fabric Data Agent

. ├── /mcp/sap-finance. → SAP MCP server

. └── /mcp/servicenow-tickets. → ServiceNow MCP server

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Every MCP server in the enterprise gets a consistent, governed endpoint. Any AI agent calls &lt;code&gt;/mcp/snowflake-claims&lt;/code&gt; — it doesn’t know or care what’s behind it. The agent’s job is reasoning. APIM’s job is everything else.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  What You Get Per MCP Endpoint
&lt;/h2&gt;

&lt;p&gt;Become a Medium member&lt;br&gt;
&lt;strong&gt;Auth normalization.&lt;/strong&gt; Every backend has its own authentication requirement. Snowflake wants one thing. ServiceNow wants another. APIM normalizes it — the agent sends its Entra ID token once, APIM handles the translation to whatever the backend expects. No agent ever holds a backend credential directly.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Retry per endpoint.&lt;/strong&gt; Snowflake’s Cortex Agent cold start behavior is different from Databricks Genie’s. Point-to-point connections handle this inconsistently or not at all. APIM lets you define the right retry policy for each backend independently — exponential backoff, max attempts, timeout — without touching agent code.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Rate limiting.&lt;/strong&gt; One rogue agent shouldn’t be able to hammer a shared Snowflake instance. APIM enforces per-caller, per-endpoint limits. The agent gets a clean error. The backend stays healthy.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Versioning.&lt;/strong&gt; &lt;code&gt;/mcp/snowflake-claims/v1&lt;/code&gt; and &lt;code&gt;/v2&lt;/code&gt; coexist while teams migrate. Agents that haven’t updated yet keep working. No big-bang cutover.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Unified observability.&lt;/strong&gt; Every MCP call across every backend flows through one logging layer. When something breaks at 2am, you have one place to look — which agent called which MCP server, what it sent, what came back, how long it took, whether it retried. This is the operational capability that makes the difference between a demo and a system.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Discovery.&lt;/strong&gt; APIM’s developer portal becomes your internal MCP catalog. Teams browse available MCP servers like an API marketplace — here’s what data sources your AI agents can reach, here’s how to connect, here’s the schema. New agents don’t start from scratch. They pick from the catalog.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  The Organizational Story
&lt;/h2&gt;

&lt;p&gt;Right now, connecting an AI agent to Snowflake requires knowing Snowflake’s MCP endpoint, handling their auth pattern, building retry logic, and figuring out observability. Every team does this independently.&lt;/p&gt;

&lt;p&gt;With APIM as the registry, that’s solved once, centrally, by the platform team. A new specialist agent doesn’t think about infrastructure. It thinks about its domain:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;“I need claims data → call &lt;code&gt;/mcp/snowflake-claims&lt;/code&gt;”&lt;/p&gt;

&lt;p&gt;“I need hospital ops → call &lt;code&gt;/mcp/fabric-hospitalops&lt;/code&gt;”&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;The platform team owns the registry. Domain teams own their agents. Clear separation. Clean ownership. This is how enterprise AI infrastructure actually scales.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Isn’t Being Built Yet
&lt;/h2&gt;

&lt;p&gt;Most organizations are still on their first or second MCP connection. The governance problem doesn’t feel urgent when you have two endpoints. It feels very urgent when you have twenty, owned by five different teams, called by a dozen agents, with no central visibility.&lt;/p&gt;

&lt;p&gt;The teams building MCP connections today are AI engineers. The teams that would naturally own a registry like this — platform engineering, API governance, cloud architecture — aren’t in the MCP conversation yet. That gap is where the mess accumulates.&lt;/p&gt;

&lt;p&gt;The organizations that build this registry now, before the sprawl sets in, will have a meaningfully better operational posture when the number of MCP connections scales.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  What This Looks Like in Practice
&lt;/h2&gt;

&lt;p&gt;In the architecture I’ve been building — an A2A orchestration platform across Snowflake and Microsoft Fabric — APIM already sits in front of the escalation action layer. The natural next step is extending that same APIM instance to front every MCP connection, not just the action tools.&lt;/p&gt;

&lt;p&gt;One APIM instance. Multiple MCP backends. Consistent governance across all of them. Any new data source the organization wants to make available to AI agents gets added as a new route — auth configured once, retry policy set, logging enabled, added to the catalog.&lt;/p&gt;

&lt;p&gt;That’s the enterprise MCP registry. It’s not a new product. It’s a new use of infrastructure you probably already have.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  The Three Things to Build First
&lt;/h2&gt;

&lt;p&gt;If you’re starting today:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;1. Route your first MCP connection through APIM.&lt;/strong&gt; Pick your highest-value MCP server — probably Snowflake or Databricks if you have them — and put APIM in front of it. Add the inbound auth policy and a basic retry policy. That’s your registry with one entry.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Standardize the URL pattern.&lt;/strong&gt; Establish &lt;code&gt;/mcp/{platform}-{domain}&lt;/code&gt; as your naming convention before you have ten endpoints. Renaming later is painful.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Enable logging to Application Insights.&lt;/strong&gt; One line in APIM policy. You’ll thank yourself the first time something fails and you need to know why.&lt;/p&gt;

&lt;p&gt;Everything else — versioning, rate limiting, the developer portal catalog — follows naturally once the first connection is clean.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;p&gt;The MCP ecosystem is moving fast. The governance layer is moving slower. The organizations that close that gap early will have the operational foundation to scale agentic AI without the chaos that usually follows platform adoption at speed.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Part of a series on enterprise agentic AI architecture. Full reference implementation: &lt;a href="https://github.com/kartikanand73/fabriciq-multi-agent-reference-architecture" rel="noopener noreferrer"&gt;HealthIQ Multi-Agent A2A Architecture&lt;/a&gt; · Deep dive: &lt;a href="https://medium.com/@kartikanand_11915/building-a-multi-agent-a2a-architecture-on-snowflake-and-microsoft-fabric-without-replacing-859c7238c603" rel="noopener noreferrer"&gt;Building a Multi-Agent A2A Architecture on Snowflake and Microsoft Fabric&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Kartik Anand — Cloud &amp;amp; AI Architect | &lt;a href="https://linkedin.com/in/kartanand" rel="noopener noreferrer"&gt;LinkedIn&lt;/a&gt; · &lt;a href="https://github.com/kartikanand73" rel="noopener noreferrer"&gt;GitHub&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>ai</category>
      <category>api</category>
      <category>architecture</category>
      <category>mcp</category>
    </item>
    <item>
      <title># Building a Multi-Agent A2A Architecture on Snowflake and Microsoft Fabric — Without Replacing Either</title>
      <dc:creator>Kartik Anand</dc:creator>
      <pubDate>Sun, 05 Jul 2026 15:13:15 +0000</pubDate>
      <link>https://dev.to/kartikanand_45/-building-a-multi-agent-a2a-architecture-on-snowflake-and-microsoft-fabric-without-replacing-3m1g</link>
      <guid>https://dev.to/kartikanand_45/-building-a-multi-agent-a2a-architecture-on-snowflake-and-microsoft-fabric-without-replacing-3m1g</guid>
      <description>&lt;p&gt;Every enterprise healthcare payer I work with has the same problem.&lt;/p&gt;

&lt;p&gt;They have years of investment in Snowflake — semantic models, claims analytics, carefully curated data products. They have Microsoft Fabric rolling out across their organization — lakehouses, Delta tables, real-time intelligence. They have Azure OpenAI licenses and ambitious AI roadmaps.&lt;/p&gt;

&lt;p&gt;And they’re asking the same question: &lt;em&gt;how do we put AI on top of all of this without ripping anything out?&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;This is the story of how I built HealthIQ — a unified healthcare intelligence platform that answers that question with a working, production-grade architecture.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  The Problem With “AI on Your Data”
&lt;/h2&gt;

&lt;p&gt;Most “AI on your data” demos show a chatbot connected to a single database. Ask it a question, it writes SQL, returns an answer. Clean. Simple. And completely inadequate for enterprise healthcare.&lt;/p&gt;

&lt;p&gt;Real healthcare analytics doesn’t live in one place. Claims financials live in Snowflake. Bed occupancy and staffing data live in Fabric lakehouses. Clinical policy documents live in document stores. Escalation workflows live in Logic Apps. Getting a complete picture of operational health requires crossing all of these — in a single, coherent answer.&lt;/p&gt;

&lt;p&gt;The naive solution is to build one giant agent with every tool attached. I’ve seen this fail. At scale, a single agent juggling ten tools loses coherence. Routing degrades. Context windows fill up. The model gets confused about which tool to call when.&lt;/p&gt;

&lt;p&gt;There’s a better pattern.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  The Architecture: Five Tiers, Two Specialists, One Orchestrator
&lt;/h2&gt;

&lt;p&gt;HealthIQ is built on a five-tier architecture with a multi-agent A2A (Agent-to-Agent) orchestration layer on top.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fuceb09e18ar5lplcwtq6.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fuceb09e18ar5lplcwtq6.png" alt=" " width="800" height="866"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Press enter or click to view image in full size&lt;/p&gt;

&lt;h3&gt;
  
  
  Tier 1 — Structured Analytics: Snowflake Cortex Agent
&lt;/h3&gt;

&lt;p&gt;The foundation is a Snowflake semantic view (&lt;code&gt;CLAIMS_SEMANTIC&lt;/code&gt;) that exposes curated claims metrics — total paid amounts, PMPM cost, denial rates by specialty, DRG utilization — as named business concepts rather than raw tables.&lt;/p&gt;

&lt;p&gt;On top of that semantic view sits a Snowflake Cortex Agent, exposed as a managed MCP (Model Context Protocol) server. This means any AI orchestrator can call it with natural language and get back structured analytics — without writing a line of SQL.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
Q: What were total claims paid in Q1 2026?

A: $370,685,724.65

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  Tier 2 — Operational Intelligence: Microsoft Fabric Data Agent
&lt;/h3&gt;

&lt;p&gt;Four Delta tables in a Fabric Lakehouse capture hospital operational data — bed occupancy, staffing ratios, patient volume, authorization status. A Fabric Data Agent (&lt;code&gt;HospitalOpsAgentV2&lt;/code&gt;) sits on top of these tables and answers operational questions in natural language.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
Q: Which facility has the highest occupancy?

A: Riverside Health (Southeast) at 92%

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  Tier 3 — Document Intelligence: Azure AI Search RAG
&lt;/h3&gt;

&lt;p&gt;A RAG layer built on Azure AI Search indexes a curated set of clinical policy documents, CMS benchmark reports, and medical director summaries — included here to showcase the pattern. In practice, this layer can connect to your existing document stores: SharePoint libraries, Azure Blob Storage, OneLake files, or any indexed enterprise content. The point isn’t the five documents I loaded — it’s that your existing knowledge assets become part of the reasoning chain without any restructuring. When the AI needs to explain &lt;em&gt;why&lt;/em&gt; a metric looks the way it does — not just what the number is — it pulls context from this layer.&lt;/p&gt;

&lt;h3&gt;
  
  
  Tier 4 — Orchestration: Azure AI Foundry
&lt;/h3&gt;

&lt;p&gt;This is where the intelligence lives. Two specialist agents coordinate through an A2A protocol:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;ClaimsIntelligenceAgent&lt;/strong&gt; — owns everything financial. It has access to the Snowflake MCP tool and the Policy Search RAG layer. It knows claims analytics the way a Senior Actuary knows claims analytics.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;HospitalOpsAgent&lt;/strong&gt; — owns everything operational. It has access to the Fabric Data Agent and an escalation workflow. It knows clinical capacity the way a COO knows clinical capacity.&lt;/p&gt;

&lt;p&gt;Above them sits &lt;strong&gt;HealthcareOrchestratorV3&lt;/strong&gt; — a master agent that does no data access directly. Its only job is to understand the question, route to the right specialist(s), and synthesize their responses into a single executive answer. I chose GPT-4.1 for both the specialists and the synthesis step — the routing and cross-domain reasoning needed reliable structured output more than raw speed, and GPT-4.1 held up consistently across multi-turn agent calls without drifting off format.&lt;/p&gt;

&lt;h3&gt;
  
  
  Tier 5 — Action: Azure API Management + Logic App
&lt;/h3&gt;

&lt;p&gt;This is where AI stops being a reporting layer and becomes an operational system. The action tier is unlimited in scope — constrained only by your business case, not the technology. Trigger a care management workflow. Update a claims record. Open a ServiceNow ticket. Push a notification to a clinical team. Invoke an RPA bot. Any system reachable via API becomes an action the AI can take.&lt;/p&gt;

&lt;p&gt;For this showcase, I kept it simple: when occupancy hits 92% and the user asks to escalate, the orchestrator delegates to HospitalOpsAgent, which calls an APIM-proxied Logic App and delivers an escalation email to the care management team. The full loop — question to action — closes in one conversation. The email is illustrative. The pattern is production-grade.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  The A2A Pattern: Why It Matters
&lt;/h2&gt;

&lt;p&gt;The key architectural insight is the separation between &lt;strong&gt;specialists&lt;/strong&gt; and &lt;strong&gt;orchestrators&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Each specialist agent is small, focused, and owns its own tools. ClaimsIntelligenceAgent doesn’t know anything about bed occupancy. HospitalOpsAgent doesn’t know anything about PMPM cost. They’re experts in one domain.&lt;/p&gt;

&lt;p&gt;The master orchestrator doesn’t touch data directly. It reasons about the question and delegates. For a cross-domain question like &lt;em&gt;”which hospitals have the highest occupancy and how does that correlate with our denial rates?”&lt;/em&gt; — it calls both specialists in parallel, waits for both responses, and synthesizes them into one answer.&lt;/p&gt;

&lt;p&gt;This is how enterprise AI scales. Not one monolithic agent that knows everything, but a network of specialists coordinated by an orchestrator. As your data estate grows, you add specialist agents — one per domain, owned by the team that knows that data best. The orchestrator barely changes.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
HealthcareOrchestratorV3

├── ClaimsIntelligenceAgent → Snowflake + Policy RAG

└── HospitalOpsAgent → Fabric Lakehouse + Escalation

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  What This Enables for Healthcare Payers
&lt;/h2&gt;

&lt;p&gt;For a managed care organization, this architecture answers the questions that actually matter:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;em&gt;”What’s driving our Cardiology denial rate, and how does it compare to CMS national benchmarks?”&lt;/em&gt; — Claims agent pulls the rate, RAG layer pulls the benchmark and the medical director’s context.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;em&gt;”Which facilities are at critical capacity right now?”&lt;/em&gt; — Ops agent returns live occupancy across all facilities, flags anything above 90%.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;em&gt;”Send an escalation alert for Riverside Health”&lt;/em&gt; — Ops agent calls the escalation workflow, email goes to the care management team, confirmation comes back in the chat.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;All of this in a single Teams conversation. No SQL. No dashboard hunting. No switching between systems.&lt;/p&gt;

&lt;h2&gt;
  
  
  The “Aha” Moment for Enterprise AI
&lt;/h2&gt;

&lt;p&gt;The insight that makes this architecture resonate with enterprise clients is simple:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;You don’t need to centralize your data to centralize your intelligence.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Snowflake stays in Snowflake. Fabric stays in Fabric. Each system keeps its own governance, its own semantic layer, its own access controls. The AI orchestration layer sits on top and coordinates — it doesn’t absorb.&lt;/p&gt;

&lt;p&gt;This is how you sell AI to an organization that has spent years building a data estate and isn’t going to blow it up for a chatbot.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  The Production Detail That Matters: APIM as a Proxy
&lt;/h2&gt;

&lt;p&gt;Here’s the real-world detail that demos never show you.&lt;/p&gt;

&lt;p&gt;Azure AI Foundry’s OpenAPI tool redacts query parameters before making HTTP calls. If your API uses query string authentication — SAS tokens, API version parameters — they get stripped to &lt;code&gt;?REDACTED&lt;/code&gt; before the call goes out.&lt;/p&gt;

&lt;p&gt;The fix: put Azure API Management in front. Foundry sends a clean call with just an &lt;code&gt;Ocp-Apim-Subscription-Key&lt;/code&gt; header. An APIM inbound policy uses &lt;code&gt;set-backend-service&lt;/code&gt; and &lt;code&gt;rewrite-uri&lt;/code&gt; to reconstruct the full URL with all parameters before forwarding. Foundry never sees the sensitive parameters. The API works correctly.&lt;/p&gt;

&lt;p&gt;This is the kind of pattern that separates a demo from a production architecture.&lt;/p&gt;

&lt;p&gt;Become a Medium member&lt;br&gt;
There’s a second reason APIM belongs in this architecture, and it matters more than the redaction workaround: identity and access control. No enterprise lets AI agents call backend systems anonymously, and an API gateway is exactly where you enforce that. APIM ties into your identity provider — Entra ID, OAuth, whatever your enterprise standardizes on — so every call from an agent carries a verifiable identity, not just a static key. You get centralized logging of who (or what agent) accessed which system and when, rate limiting per caller, and the ability to revoke access without touching the agent itself. For a healthcare payer handling PHI-adjacent operational and claims data, that audit trail isn’t optional — it’s the control that makes the rest of this architecture deployable in production.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  Guardrails and Observability: The Parts That Make This Trustworthy
&lt;/h2&gt;

&lt;p&gt;A working demo and a deployable system are different things. Two Foundry capabilities close that gap.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Guardrails.&lt;/strong&gt; Azure AI Foundry lets you attach guardrails directly to each agent — content filtering, jailbreak detection, and groundedness checks that run before a response ever reaches the user. In a healthcare context this matters concretely: you don’t want an agent confidently answering a clinical policy question from a hallucinated detail, and you don’t want a claims agent exposed to prompt injection through a malformed query. Guardrails sit at the agent level, so each specialist enforces its own policy independent of how the orchestrator routes to it.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Tracing.&lt;/strong&gt; Every agent call in Foundry — including the A2A hops between the orchestrator and each specialist — generates a trace. When a cross-domain question comes back wrong, or a tool call fails, the trace shows exactly which agent was invoked, what arguments it passed, what the tool returned, and how long each step took. This is the difference between debugging a black box and debugging a system. I used traces directly to diagnose a token-fetch failure in same-project A2A calls — without that visibility, it would have been a guessing exercise.&lt;/p&gt;

&lt;p&gt;For any architecture handling claims or clinical data, guardrails and tracing aren’t optional extras. They’re what a security or compliance review will ask about first.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  What I’d Harden Before Calling This Production-Ready
&lt;/h2&gt;

&lt;p&gt;It’s worth being honest about what a demo glosses over.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Error handling.&lt;/strong&gt; Specialist agents occasionally hit transient failures — an MCP server timeout, a token refresh delay. Right now the orchestrator surfaces the error in its synthesis rather than retrying silently, which is the right behavior for a demo but needs a proper retry-with-backoff policy in production, plus a fallback message that doesn’t expose internal error text to the end user.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Cost and latency.&lt;/strong&gt; Every specialist agent call has its own cost and latency profile. A cross-domain question that fans out to two agents in parallel costs roughly double a single-domain question and adds the synthesis call on top. At scale, the routing logic should account for this — not every question needs both specialists, and the keyword-based router I built for this showcase is a placeholder for a more deliberate semantic routing decision in GPT-4.1 itself.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Same-project A2A auth.&lt;/strong&gt; As of this writing, Foundry’s native A2A wiring for same-project agents has rough edges around managed identity token exchange. I worked around it with a Python orchestration layer calling each agent’s A2A endpoint directly — which works well, but native in-Foundry publishing to Teams is the cleaner long-term path once that matures.&lt;/p&gt;

&lt;p&gt;None of these are dealbreakers. They’re the normal gap between “I proved the pattern works” and “this is hardened for production traffic” — and naming that gap honestly is part of doing this work seriously.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  Tradeoffs I Considered and Rejected
&lt;/h2&gt;

&lt;p&gt;Every architectural choice here had a simpler alternative I deliberately didn’t take. Naming them — and why — matters more than the choice itself.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;A2A specialists vs. one agent with many tools.&lt;/strong&gt; The simpler path is a single agent with every tool attached: Snowflake MCP, Fabric Data Agent, RAG, escalation, all in one system prompt. I rejected this after watching it degrade in practice. Past roughly five or six tools, a single agent starts misrouting — calling the wrong tool, or calling the right tool with the wrong framing because it’s reasoning about ten things at once instead of one. The single-agent model also has an organizational failure mode that matters more long-term than the technical one: it has no clean ownership boundary. If the claims team and the ops team are both editing the same agent’s system prompt and tool list, you get merge conflicts in intent, not just in code. A2A specialists cost you orchestration overhead and an extra synthesis call. What you get back is a system where each team owns a contained blast radius, and a routing failure in one specialist doesn’t take down the other. For two specialists, the overhead is a fair trade. For ten, it’s close to mandatory.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;API gateway vs. native Foundry connectors.&lt;/strong&gt; Foundry’s native OpenAPI and MCP tool support is the path of least resistance, and I started there. I moved to an APIM-fronted pattern for two reasons that aren’t visible in a demo. First, the practical one: Foundry’s OpenAPI tool redacts query parameters, which silently breaks any backend using query-string auth — there’s no native workaround inside Foundry itself. Second, the more important one: native connectors authenticate with a static key the agent holds directly. That’s acceptable for a prototype and not acceptable for a system touching claims or clinical data in an enterprise with an identity-provider standard. The gateway costs you one more hop and one more resource to operate. It buys you centralized identity enforcement, audit logging, and the ability to revoke a single caller’s access without touching the agent. For a regulated industry, that’s not a nice-to-have — it’s close to a requirement once this leaves the sandbox.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;GPT-4.1 vs. a larger frontier model.&lt;/strong&gt; I deliberately did not reach for the most powerful available model. The reasoning load in this architecture is mostly routing and structured synthesis — deciding which specialist to call, and combining two already-coherent responses into one — not open-ended novel reasoning. GPT-4.1 holds format reliably across multi-turn agent calls, which matters more here than raw capability, and it’s meaningfully cheaper and faster at the volume an orchestration layer like this generates, since every user question can trigger two to three model calls under the hood. The tradeoff I’m explicitly making is ceiling for cost and latency: if a future specialist needs to do something closer to genuine multi-step clinical reasoning rather than structured retrieval-and-synthesis, that specific agent should probably sit on a more capable model while the orchestrator stays lightweight. Model choice in a multi-agent system doesn’t have to be uniform, and treating it as a single decision for the whole architecture is itself a mistake worth avoiding.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;What changes at 20 specialists instead of 2.&lt;/strong&gt; This architecture works cleanly at two specialists with keyword-based routing. It does not survive unchanged at twenty — the router has to become semantic rather than keyword-based, classifying intent against a registry of agent capabilities instead of matching against a static list of trigger words. The deeper shift is that operational discipline which is manageable per-agent at this scale — tracing, guardrails, governance — has to become a platform-level concern rather than something each specialist handles on its own. I cover what that looks like concretely further down. None of this invalidates the pattern; it’s the normal maturity curve from proof-of-concept to platform, and it’s worth being explicit that this piece describes the former.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  Everything That Went Into This
&lt;/h2&gt;

&lt;p&gt;It’s worth listing what actually got built, because the architecture diagram understates the amount of plumbing underneath it. None of this is glamorous, and all of it was necessary.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Data and semantic layer&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Snowflake semantic view (&lt;code&gt;CLAIMS_SEMANTIC&lt;/code&gt;) exposing claims metrics as named business concepts&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Snowflake Cortex Agent configured and published as a managed MCP server&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Microsoft Fabric Lakehouse with four Delta tables modeling hospital operations&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Fabric Data Agent built and tuned against those tables&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Azure AI Search index populated with clinical policy documents for the RAG layer&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Agents and orchestration&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Two specialist agents (&lt;code&gt;ClaimsIntelligenceAgent&lt;/code&gt;, &lt;code&gt;HospitalOpsAgent&lt;/code&gt;) built in Azure AI Foundry, each with its own system prompt, tool set, and guardrail configuration&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;A master orchestrator (&lt;code&gt;HealthcareOrchestratorV3&lt;/code&gt;) coordinating both specialists via the A2A protocol&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;A Python-based orchestration layer as a fallback path, handling routing, parallel agent calls, and GPT-4.1 synthesis directly against each agent’s A2A endpoint&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Identity and security&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;System-assigned managed identities enabled on the Foundry resource and, separately, on the Function App used for the API wrapper — turning these on isn’t a checkbox, it required explicit role assignments at the resource scope rather than relying on subscription-level inheritance&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;code&gt;Azure AI Developer&lt;/code&gt; role explicitly granted to each managed identity at the project/resource scope it needed to call&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Entra ID-based authentication wired into the A2A tool connections in place of static keys&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;APIM configured with subscription-key and identity-aware policies in front of every externally-callable tool&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Integration and action layer&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Azure API Management instance fronting the Snowflake MCP connection, with inbound policies (&lt;code&gt;set-backend-service&lt;/code&gt;, &lt;code&gt;rewrite-uri&lt;/code&gt;) to work around Foundry’s query-parameter redaction on OpenAPI tools&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;A second APIM-proxied connection in front of a Logic App for the escalation email workflow&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Teams channel publishing for the production-facing orchestrator&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Operational tooling&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;Guardrails configured per agent for content filtering and groundedness&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Full request tracing enabled across both specialist agents and the orchestrator, used directly to diagnose a same-project A2A token-fetch failure&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Python test harnesses validating each A2A endpoint independently before wiring them into the orchestrator&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The unglamorous truth about agentic AI architecture is that the agent logic is maybe 30% of the work. The other 70% is identity, networking, observability, and the small production-grade fixes — like the APIM redaction workaround — that never show up in a demo but determine whether the thing actually ships.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  The Real Takeaway: This Is a Blueprint, Not a One-Off
&lt;/h2&gt;

&lt;p&gt;Strip away the healthcare specifics and what’s left is a reusable pattern: take a large, ambiguous problem, decompose it into narrow specialist agents that each own one domain and one set of tools, and coordinate them with a master orchestrator that does routing and synthesis but touches no data directly. Claims and hospital operations are this instance of the pattern. The pattern itself applies anywhere a problem is too broad for one agent to reason about coherently but naturally splits along domain lines — financial services, supply chain, IT operations, customer support, regulatory compliance. The five tiers map differently each time; the shape doesn’t change.&lt;/p&gt;

&lt;p&gt;What makes a blueprint actually reusable, though, isn’t the happy-path architecture diagram — it’s the checklist of what every specialist agent has to support before it’s allowed into the system, regardless of domain. This is the part teams skip when they’re moving fast, and the part that turns into an incident six months later when they didn’t.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The minimum bar for any specialist agent joining the platform:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Guardrails&lt;/strong&gt; — content filtering, jailbreak detection, and groundedness checks configured at the agent level, not assumed to be inherited from the orchestrator&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Tracing&lt;/strong&gt; — full request/response tracing enabled by default, not added reactively after the first hard-to-diagnose failure&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Identity&lt;/strong&gt; — authenticates through the gateway with a verifiable identity (Entra ID or equivalent), never a static key held by the agent itself&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Tool ownership boundary&lt;/strong&gt; — a specialist’s tools are its own; no shared mutable state or shared credentials across specialists&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Failure mode defined&lt;/strong&gt; — an explicit answer to “what does this agent return when its tool fails,” not a default that leaks a stack trace to the end user&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Cost and latency budget&lt;/strong&gt; — a known per-call cost and latency profile, so the orchestrator’s routing decisions can be made with that cost visible, not discovered later in a bill&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Ownership and versioning&lt;/strong&gt; — a named team or owner, and a way to version the agent’s prompt and tools without breaking the orchestrator’s contract with it&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Onboarding contract with the orchestrator&lt;/strong&gt; — a clear description of what the agent does and doesn’t handle, so routing logic (keyword-based or semantic) has something accurate to route against&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;None of these are exotic. Most of them are the same governance disciplines that already exist for microservices, just translated to agents. The mistake is assuming agentic systems get a pass on that discipline because they’re new — they don’t, and the organizations that figure this out early are the ones who get past two specialist agents to twenty without the whole thing becoming unmanageable.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;h2&gt;
  
  
  What’s Next
&lt;/h2&gt;

&lt;p&gt;The agent marketplace model is the natural evolution. Today HealthIQ has two specialists — claims and hospital ops. In six months it could have ten: pharmacy, member engagement, regulatory compliance, prior authorization, quality metrics. Each owned by the team that knows that domain best. Each an independent A2A agent that plugs into the master orchestrator.&lt;/p&gt;

&lt;p&gt;The orchestrator barely changes. The intelligence scales linearly.&lt;/p&gt;

&lt;p&gt;That’s the architecture worth building toward.&lt;/p&gt;

&lt;p&gt;— -&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Kartik Anand is a Cloud &amp;amp; AI Architect at Microsoft working on enterprise data platform engagements in healthcare. He specializes in agentic AI architectures on Microsoft Fabric, Azure AI Foundry, and Snowflake.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Interested in building something similar? Connect with me on &lt;a href="https://dev.toKartik%20Anand%20|%20LinkedIn"&gt;LinkedIn&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>architecture</category>
      <category>agenticai</category>
      <category>mcp</category>
      <category>fabric</category>
    </item>
    <item>
      <title># Your Security Team Is Right to Block Local MCP Connections. Here’s the Alternative.</title>
      <dc:creator>Kartik Anand</dc:creator>
      <pubDate>Thu, 02 Jul 2026 22:19:37 +0000</pubDate>
      <link>https://dev.to/kartikanand_45/-your-security-team-is-right-to-block-local-mcp-connections-heres-the-alternative-3213</link>
      <guid>https://dev.to/kartikanand_45/-your-security-team-is-right-to-block-local-mcp-connections-heres-the-alternative-3213</guid>
      <description>&lt;p&gt;&lt;strong&gt;# Your Security Team Is Right to Block Local MCP Connections. Here’s the Alternative.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;**By Kartik Anand, Cloud &amp;amp; AI Architect | Agentic Systems on Azure**&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;— -&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;A healthcare enterprise I work with recently blocked their developers from connecting to MCP servers from local machines. The security team’s reasoning was straightforward: no audit trail, no identity enforcement, no rate limiting, no data loss prevention. Any developer connecting their laptop directly to a Fabric or Power BI MCP server is an ungoverned connection in an environment that can’t afford ungoverned connections.&lt;/p&gt;

&lt;p&gt;They were right to block it.&lt;/p&gt;

&lt;p&gt;The problem is they had no alternative to offer. Developers who wanted to use AI agents with their Fabric data were told no — full stop. The capability existed, the need existed, and the security posture made it inaccessible.&lt;/p&gt;

&lt;p&gt;I built a POC in an afternoon that changes that answer from “no” to “yes, through the right channel.”&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;— -&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;## The Problem With Local MCP Connections at Scale&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Model Context Protocol is the right abstraction for connecting AI agents to enterprise data systems. Snowflake, Microsoft Fabric, Power BI, Databricks — they’re all building managed MCP servers. The protocol is winning and the ecosystem is accelerating.&lt;/p&gt;

&lt;p&gt;But the default implementation pattern looks like this:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
Developer laptop → Fabric MCP server (direct)

Developer laptop → Power BI MCP server (direct)

Developer laptop → Snowflake MCP server (direct)

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Point-to-point. Each developer managing their own connection, their own credentials, their own everything. No consistency. No governance. No visibility into who called what and when.&lt;/p&gt;

&lt;p&gt;For a consumer use case, that’s fine. For an enterprise healthcare environment handling PHI-adjacent data, that’s a compliance problem waiting to happen. The security team’s instinct to block it isn’t obstruction — it’s the right call.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;— -&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;## The Pattern: API Management as an Enterprise MCP Gateway&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Azure API Management is already the right answer to ungoverned API access. It’s what you put in front of APIs when you need consistent auth, retry, rate limiting, versioning, and observability across heterogeneous backends. MCP servers are APIs. The same governance logic applies.&lt;/p&gt;

&lt;p&gt;The architecture:&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Ftworj76ks3wjev7w6eew.jpeg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Ftworj76ks3wjev7w6eew.jpeg" width="800" height="450"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Developer Machine (VS Code / Claude Desktop)&lt;/p&gt;

&lt;p&gt;→ Enterprise APIM Gateway (/mcp/fabric)&lt;/p&gt;

&lt;p&gt;→ Microsoft Fabric Core MCP Server&lt;/p&gt;

&lt;p&gt;(api.fabric.microsoft.com/v1/mcp/core)&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
The developer never touches the MCP server directly. They point their MCP client at the APIM endpoint. APIM validates their identity, enforces rate limits, exchanges tokens, forwards the request, logs the result, and returns the response. The MCP server sees a valid, governed request. The developer gets their answer.

What the security team gets:

- **\*\*Identity enforcement\*\***  — every call validated against Entra ID before it reaches Fabric

- **\*\*Audit trail\*\***  — every call logged with caller identity, timestamp, status, and duration

- **\*\*Rate limiting\*\***  — one developer can’t hammer a shared MCP server and impact others

- **\*\*No credential sprawl\*\***  — developers never hold Fabric credentials directly, only an APIM subscription key and their own Entra token

- **\*\*Single revocation point\*\***  — disable a developer’s subscription key without touching Fabric or the MCP server

What the developer gets: full Fabric MCP access, from VS Code or Claude Desktop, governed and audited. The answer changes from “no” to “yes, through the right channel.”

**— -**

**## What Microsoft Fabric Core MCP Actually Exposes**

Before building the gateway, it’s worth knowing what’s on the other side. Microsoft Fabric Core MCP Server is a remote, Microsoft-hosted endpoint at:

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;a href="https://api.fabric.microsoft.com/v1/mcp/core" rel="noopener noreferrer"&gt;https://api.fabric.microsoft.com/v1/mcp/core&lt;/a&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
It exposes 27 tools across five capability areas:

- **\*\*Workspace management\*\***  — list, get, create, update, delete workspaces

- **\*\*Item management\*\***  — list, get, create, update, delete, move Fabric items (Lakehouses, Warehouses, Notebooks, Data Agents, Semantic Models, Eventhouses, Pipelines)

- **\*\*Role management\*\***  — full RBAC management via natural language

- **\*\*Catalog search\*\***  — search across the entire Fabric estate

- **\*\*Knowledge\*\***  — Fabric documentation and capability discovery

In practice, a developer in VS Code with GitHub Copilot Agent mode can ask:

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;What Fabric workspaces do I have access to?&lt;/p&gt;

&lt;p&gt;List all items in the Clinical Data workspace&lt;/p&gt;

&lt;p&gt;Search the catalog for anything related to claims&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight xml"&gt;&lt;code&gt;
And get structured, accurate responses drawn from their actual Fabric environment — through the governed gateway, with every call logged.

**— -**

**## Building It: The APIM Policy That Makes It Work**

The core of the implementation is an APIM inbound/backend/outbound policy that handles auth, token exchange, retry, rate limiting, and audit logging in one place.

**\*\*Step 1 — Create a backend pointing to Fabric Core MCP:\*\***

In APIM → Backends → Add:

- Name: `fabric-core-mcp-backend`

- Runtime URL: `https://api.fabric.microsoft.com/v1/mcp/core`

**\*\*Step 2 — Create an API with suffix `/mcp/fabric` and a wildcard POST operation.\*\***

**\*\*Step 3 — Apply this policy:\*\***

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

&lt;p&gt;&lt;br&gt;
xml&lt;/p&gt;







&lt;p&gt;&amp;lt;! — Validate the developer’s Entra ID token →&lt;/p&gt;

&lt;p&gt;&amp;lt;validate-jwt header-name=”Authorization”&lt;/p&gt;

&lt;p&gt;failed-validation-httpcode=”401"&lt;/p&gt;

&lt;p&gt;failed-validation-error-message=”Valid Entra ID token required”&amp;gt;&lt;/p&gt;





&lt;p&gt;&lt;a href="https://api.fabric.microsoft.com" rel="noopener noreferrer"&gt;https://api.fabric.microsoft.com&lt;/a&gt;&lt;/p&gt;





&lt;p&gt;&lt;a href="https://sts.windows.net/%7Btenant-id%7D/" rel="noopener noreferrer"&gt;https://sts.windows.net/{tenant-id}/&lt;/a&gt;&lt;/p&gt;





&lt;p&gt;&amp;lt;! — Capture caller identity for audit →&lt;/p&gt;

&lt;p&gt;&amp;lt;set-variable name=”caller-upn”&lt;/p&gt;

&lt;p&gt;value=”@(context.Request.Headers.GetValueOrDefault(“Authorization”, “unknown”))” /&amp;gt;&lt;/p&gt;

&lt;p&gt;&amp;lt;! — Exchange for managed identity token to call Fabric →&lt;/p&gt;

&lt;p&gt;&amp;lt;authentication-managed-identity&lt;/p&gt;

&lt;p&gt;resource=”&lt;a href="https://api.fabric.microsoft.com" rel="noopener noreferrer"&gt;https://api.fabric.microsoft.com&lt;/a&gt;"&lt;/p&gt;

&lt;p&gt;output-token-variable-name=”fabric-mi-token” /&amp;gt;&lt;/p&gt;

&lt;p&gt;&amp;lt;! — Replace developer token with MI token →&lt;/p&gt;



&lt;p&gt;@(“Bearer “ + (string)context.Variables[“fabric-mi-token”])&lt;/p&gt;



&lt;p&gt;&amp;lt;! — Rate limit: 100 calls per minute per developer →&lt;/p&gt;

&lt;p&gt;&amp;lt;rate-limit-by-key calls=”100"&lt;/p&gt;

&lt;p&gt;renewal-period=”60"&lt;/p&gt;

&lt;p&gt;counter-key=”@(context.Subscription.Id)”&lt;/p&gt;

&lt;p&gt;increment-condition=”@(true)” /&amp;gt;&lt;/p&gt;

&lt;p&gt;&amp;lt;! — Route to Fabric Core MCP backend →&lt;/p&gt;







&lt;p&gt;&amp;lt;! — Retry on transient failures and cold start →&lt;/p&gt;

&lt;p&gt;&amp;lt;retry condition=”@(context.Response.StatusCode == 503 ||&lt;/p&gt;

&lt;p&gt;context.Response.StatusCode == 429 ||&lt;/p&gt;

&lt;p&gt;context.Response.StatusCode == 500)”&lt;/p&gt;

&lt;p&gt;count=”3" interval=”2" delta=”2" max-interval=”10"&amp;gt;&lt;/p&gt;











&lt;p&gt;&amp;lt;! — Audit trace to Application Insights →&lt;/p&gt;



&lt;p&gt;@(&lt;/p&gt;

&lt;p&gt;“caller=” + (string)context.Variables[“caller-upn”] +&lt;/p&gt;

&lt;p&gt;“ status=” + context.Response.StatusCode.ToString() +&lt;/p&gt;

&lt;p&gt;“ duration_ms=” + context.Elapsed.TotalMilliseconds.ToString() +&lt;/p&gt;

&lt;p&gt;“ api=fabric-core-mcp”&lt;/p&gt;

&lt;p&gt;)&lt;/p&gt;















&lt;p&gt;application/json&lt;/p&gt;



&lt;p&gt;@(“{\”error\”: \”” + context.LastError.Message + “\”, \”status\”: “ + context.Response.StatusCode.ToString() + “}”)&lt;/p&gt;







&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
Replace `{tenant-id}` with your Entra ID tenant ID. That’s it — the policy handles everything else.

**— -**

**## Configuring the Developer’s Machine**

**\*\*VS Code (recommended — handles token refresh automatically):\*\***

In `.vscode/mcp.json` or the user-level `mcp.json`:

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

&lt;p&gt;&lt;br&gt;
json&lt;/p&gt;

&lt;p&gt;{&lt;/p&gt;

&lt;p&gt;“servers”: {&lt;/p&gt;

&lt;p&gt;“enterprise-fabric”: {&lt;/p&gt;

&lt;p&gt;“type”: “http”,&lt;/p&gt;

&lt;p&gt;“url”: “&lt;a href="https://your-apim-instance.azure-api.net/mcp/fabric" rel="noopener noreferrer"&gt;https://your-apim-instance.azure-api.net/mcp/fabric&lt;/a&gt;",&lt;/p&gt;

&lt;p&gt;“headers”: {&lt;/p&gt;

&lt;p&gt;“Ocp-Apim-Subscription-Key”: “{developer-subscription-key}”&lt;/p&gt;

&lt;p&gt;}&lt;/p&gt;

&lt;p&gt;}&lt;/p&gt;

&lt;p&gt;}&lt;/p&gt;

&lt;p&gt;}&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
VS Code with GitHub Copilot handles the Entra ID token automatically. The developer just needs their APIM subscription key — which the platform team distributes via Key Vault, not email.

**\*\*Claude Desktop:\*\***

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

&lt;p&gt;&lt;br&gt;
json&lt;/p&gt;

&lt;p&gt;{&lt;/p&gt;

&lt;p&gt;“mcpServers”: {&lt;/p&gt;

&lt;p&gt;“enterprise-fabric”: {&lt;/p&gt;

&lt;p&gt;“type”: “http”,&lt;/p&gt;

&lt;p&gt;“url”: “&lt;a href="https://your-apim-instance.azure-api.net/mcp/fabric" rel="noopener noreferrer"&gt;https://your-apim-instance.azure-api.net/mcp/fabric&lt;/a&gt;",&lt;/p&gt;

&lt;p&gt;“headers”: {&lt;/p&gt;

&lt;p&gt;“Ocp-Apim-Subscription-Key”: “{developer-subscription-key}”,&lt;/p&gt;

&lt;p&gt;“Authorization”: “Bearer {entra-token}”&lt;/p&gt;

&lt;p&gt;}&lt;/p&gt;

&lt;p&gt;}&lt;/p&gt;

&lt;p&gt;}&lt;/p&gt;

&lt;p&gt;}&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;
Get the Entra token via `az account get-access-token — resource [https://api.fabric.microsoft.com](https://api.fabric.microsoft.com) — query accessToken -o tsv`. Note: tokens expire after 1 hour — VS Code handles this automatically, Claude Desktop requires manual refresh.

**— -**

**## What This Costs If You Already Have APIM**

Zero.

If your organization already runs an APIM instance — which most enterprise Azure environments do — this is one new backend, one new API route, and a policy. No new resource provisioning, no new monthly bill, no new approval process for infrastructure. You’re adding a capability to infrastructure you already own and operate.

If you need a new APIM instance, the Standard tier runs approximately $750/month and gives you a governed, audited, rate-limited gateway to your entire MCP estate for all developers — the cost of roughly one developer hour per day.

**— -**

**## The Registry Pattern: One Gateway for All MCP Servers**

The Fabric MCP connection is one spoke. The same APIM instance, the same policy pattern, the same auth and audit infrastructure extends to every MCP server your organization wants to expose:

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

&lt;p&gt;&lt;br&gt;
plaintext&lt;/p&gt;

&lt;p&gt;Enterprise APIM Gateway&lt;/p&gt;

&lt;p&gt;→ /mcp/fabric → Fabric Core MCP Server&lt;/p&gt;

&lt;p&gt;→ /mcp/powerbi → Power BI Remote MCP&lt;/p&gt;

&lt;p&gt;→ /mcp/snowflake → Snowflake Cortex MCP&lt;/p&gt;

&lt;p&gt;→ /mcp/databricks → Databricks Genie MCP&lt;/p&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;


Each addition is one new backend and one new API operation. The governance layer — auth, audit, rate limiting, retry — is inherited automatically. New MCP servers don’t require new governance conversations. They require a backend entry and a subscription key.

That is the enterprise MCP registry. It’s not a new product or a new platform. It’s a new use of infrastructure most organizations already have, applied to a problem that’s only going to get more urgent as MCP adoption accelerates.

**— -**

**## The Honest Production Checklist**

Before calling this production-ready for a regulated environment:

- [] APIM managed identity has minimum required permissions on Fabric — Viewer only, not Contributor

- [] Subscription keys distributed via Key Vault — never email or Slack

- [] Application Insights connected and retention policy set to meet audit requirements

- [] Conditional access policy enforces MFA before Entra token issuance

- [] Rate limits tuned per team, not just per individual developer

- [] Private endpoint for APIM if PHI boundary requires no public ingress

- [] Subscription approval required — no self-service access

**— -**

**## Why This Matters Now**

MCP adoption is accelerating faster than enterprise governance is keeping up. Most organizations are currently in one of two states: blocking MCP entirely (the security team wins, developers lose), or allowing ungoverned direct connections (developers win, security loses).

The gateway pattern is the third option that neither side has articulated yet. The security team gets everything they actually need — identity enforcement, audit trail, access control, revocation. The developers get the capability they want — natural language access to enterprise data through the tools they already use.

The organizations that build this registry now, before MCP sprawl sets in, will have a meaningfully better operational posture when the number of MCP connections scales from two to twenty.

**— -**

_\*Kartik Anand — Cloud &amp;amp; AI Architect | Building agentic AI systems on Azure, Snowflake, and Microsoft Fabric\*_

_\*[LinkedIn](_https://linkedin.com/in/kartanand_) · [GitHub](_https://github.com/kartikanand73_) · [HealthIQ Multi-Agent Reference Architecture](_https://github.com/kartikanand73/fabriciq-multi-agent-reference-architecture_)\*_
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

</description>
      <category>mcpserver</category>
      <category>modelcontextprotocol</category>
      <category>enterprisegovernance</category>
      <category>azureapimanagement</category>
    </item>
    <item>
      <title>From Manual Coordination to Prompt‑Driven Automation</title>
      <dc:creator>Kartik Anand</dc:creator>
      <pubDate>Sat, 11 Apr 2026 02:38:43 +0000</pubDate>
      <link>https://dev.to/kartikanand_45/from-manual-coordination-to-prompt-driven-automation-587a</link>
      <guid>https://dev.to/kartikanand_45/from-manual-coordination-to-prompt-driven-automation-587a</guid>
      <description>&lt;p&gt;How AI‑Driven Simulation in Microsoft Fabric Enables Scalable, Repeatable Performance Testing for Power BI Semantic Models Under Concurrent User Load&lt;/p&gt;

&lt;h3&gt;
  
  
  Introduction
&lt;/h3&gt;

&lt;p&gt;Validating the performance of enterprise‑scale analytics platforms has traditionally depended on simulating realistic user behavior through manual coordination.&lt;/p&gt;

&lt;p&gt;In environments where Power BI reports are expected to support concurrent access from multiple users — each interacting with dashboards using different filters, slicers, and navigation paths — performance testing typically involves assembling groups of participants to execute report interactions simultaneously while monitoring tools capture performance metrics.&lt;/p&gt;

&lt;p&gt;This process is difficult to scale, difficult to reproduce consistently, and often introduces variability that obscures meaningful performance insights.&lt;/p&gt;

&lt;p&gt;Recent advancements in AI‑assisted developer tooling, combined with automation capabilities available within Microsoft Fabric, are beginning to fundamentally reshape how this process can be executed.&lt;/p&gt;

&lt;h3&gt;
  
  
  The Traditional Model of Concurrent Testing
&lt;/h3&gt;

&lt;p&gt;Historically, evaluating how a Power BI semantic model performs under load has required:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Coordinating multiple testers to access the same report at the same time&lt;/li&gt;
&lt;li&gt;Instructing each participant to apply different filters or interaction paths&lt;/li&gt;
&lt;li&gt;Attempting to replicate realistic user behavior manually&lt;/li&gt;
&lt;li&gt;Capturing performance telemetry from client‑side or service‑side tools&lt;/li&gt;
&lt;li&gt;Repeating these sessions multiple times to approximate statistical confidence&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Beyond the logistical overhead, this approach introduces inconsistencies that make benchmarking difficult. Variations in how each user interacts with the report — whether through filter selections, page navigation, or query timing — can result in materially different performance characteristics from one test run to the next.&lt;/p&gt;

&lt;p&gt;Manual testing also limits the ability to rapidly re‑test performance after iterative changes to the semantic model, data model, or report design.&lt;/p&gt;

&lt;h3&gt;
  
  
  Introducing Prompt‑Driven Simulation
&lt;/h3&gt;

&lt;p&gt;By leveraging AI‑assisted developer tooling within Visual Studio Code — alongside extensibility capabilities available in Microsoft Fabric — it is now possible to simulate concurrent user interactions directly against Fabric‑hosted Power BI reports.&lt;/p&gt;

&lt;p&gt;Instead of assembling test participants, performance testing scenarios can be defined using natural‑language prompts that instruct the system to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Identify the report and workspace under test&lt;/li&gt;
&lt;li&gt;Analyze available filters and slicers within the report&lt;/li&gt;
&lt;li&gt;Assign distinct interaction patterns to simulated users&lt;/li&gt;
&lt;li&gt;Execute report queries under concurrent load&lt;/li&gt;
&lt;li&gt;Apply dynamic or randomized filter selections per user&lt;/li&gt;
&lt;li&gt;Generate performance outputs for benchmarking analysis&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This allows simulated users to behave differently from one another — interacting with visuals using different filters, combinations, or navigational paths — closely mirroring real‑world usage patterns.&lt;/p&gt;

&lt;h3&gt;
  
  
  Automating the Execution Layer
&lt;/h3&gt;

&lt;p&gt;Once the testing intent is defined through prompt‑based interaction, the underlying tooling can generate executable scripts capable of simulating multiple concurrent sessions against the report environment.&lt;/p&gt;

&lt;p&gt;These scripts initiate parallel connections — each representing a simulated user — allowing independent query execution paths to be evaluated simultaneously.&lt;/p&gt;

&lt;p&gt;Because simulation logic is generated programmatically:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Testing scenarios become repeatable&lt;/li&gt;
&lt;li&gt;Interaction patterns can be standardized or randomized&lt;/li&gt;
&lt;li&gt;Concurrent user behavior can be scaled without manual coordination&lt;/li&gt;
&lt;li&gt;Benchmark tests can be executed consistently across environments&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This transforms performance testing from a manually orchestrated activity into a programmable validation mechanism that can be executed on demand.&lt;/p&gt;

&lt;h3&gt;
  
  
  Quantitative Impact on Testing Time
&lt;/h3&gt;

&lt;p&gt;In a recent automated simulation using prompt‑driven performance testing, the system was able to interpret report structure, assign distinct filter behaviors to simulated users, and successfully execute concurrent testing &lt;strong&gt;within a few minutes&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;By contrast, traditional manual concurrency testing typically requires:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Identifying available participants&lt;/li&gt;
&lt;li&gt;Scheduling aligned execution windows&lt;/li&gt;
&lt;li&gt;Coordinating test instructions&lt;/li&gt;
&lt;li&gt;Executing report interactions simultaneously&lt;/li&gt;
&lt;li&gt;Capturing and consolidating performance metrics&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;When automation reduces execution time to minutes, this introduces the potential to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Perform &lt;strong&gt;repeated performance validation&lt;/strong&gt; after each semantic model update&lt;/li&gt;
&lt;li&gt;Benchmark optimization strategies across multiple test iterations&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Re‑run&lt;/strong&gt; concurrency simulations under different interaction scenarios&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Benchmarking and Comparative Analysis
&lt;/h3&gt;

&lt;p&gt;With prompt‑driven automation in place, performance testing transitions from a one‑time event into an iterative validation capability.&lt;/p&gt;

&lt;p&gt;For example, a report can be evaluated under isolated capacity conditions to establish a baseline performance profile. Subsequent changes — whether to data modeling strategy, filter logic, or visual design — can then be tested against that baseline to determine their impact on:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Average page load times&lt;/li&gt;
&lt;li&gt;Query execution latency&lt;/li&gt;
&lt;li&gt;Tail‑latency metrics under concurrency&lt;/li&gt;
&lt;li&gt;Filter‑driven query complexity&lt;/li&gt;
&lt;li&gt;Cache effectiveness across interaction patterns&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This enables teams to move beyond anecdotal performance feedback and toward quantifiable evidence of optimization impact.&lt;/p&gt;

&lt;h3&gt;
  
  
  Operational Implications
&lt;/h3&gt;

&lt;p&gt;The shift from manually coordinated testing sessions to prompt‑driven automation introduces several practical advantages:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Testing scenarios can be executed without scheduling participant availability&lt;/li&gt;
&lt;li&gt;Simulations can be scaled to arbitrary concurrency levels&lt;/li&gt;
&lt;li&gt;Interaction patterns can be randomized or standardized as needed&lt;/li&gt;
&lt;li&gt;Benchmark tests can be reproduced consistently over time&lt;/li&gt;
&lt;li&gt;Performance regressions can be identified earlier in the development lifecycle&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Performance testing can therefore become an integrated component of semantic model and report lifecycle management — rather than an isolated activity performed only at deployment milestones.&lt;/p&gt;

&lt;h3&gt;
  
  
  Conclusion
&lt;/h3&gt;

&lt;p&gt;As enterprise analytics platforms continue to evolve toward real‑time and self‑service consumption models, the ability to validate report performance under realistic usage conditions becomes increasingly critical.&lt;/p&gt;

&lt;p&gt;By combining AI‑assisted developer tooling with Microsoft Fabric’s extensibility model, it is now possible to simulate concurrent user behavior against Power BI reports through prompt‑driven automation — eliminating the need for manual coordination while enabling repeatable, benchmark‑based performance validation.&lt;/p&gt;

&lt;p&gt;This represents a meaningful step forward in transforming performance testing from an operational burden into a scalable, developer‑driven capability.&lt;/p&gt;

</description>
      <category>businessintelligence</category>
      <category>automation</category>
      <category>microsoftfabricpower</category>
      <category>dataengineering</category>
    </item>
    <item>
      <title>From Fragile Pipelines to Autonomous Lakehouse — Lessons from My Databricks Journey</title>
      <dc:creator>Kartik Anand</dc:creator>
      <pubDate>Tue, 02 Sep 2025 16:34:27 +0000</pubDate>
      <link>https://dev.to/kartikanand_45/from-fragile-pipelines-to-autonomous-lakehouse-lessons-from-my-databricks-journey-4ep7</link>
      <guid>https://dev.to/kartikanand_45/from-fragile-pipelines-to-autonomous-lakehouse-lessons-from-my-databricks-journey-4ep7</guid>
      <description>&lt;h3&gt;
  
  
  From Fragile Pipelines to Autonomous Lakehouse: My Databricks Journey
&lt;/h3&gt;

&lt;p&gt;I recently earned the &lt;strong&gt;Databricks Data Engineer certification&lt;/strong&gt; , and it’s reshaped how I think about modern data architectures. What once took hours of brittle cloud functions, redundant staging tables, and slow, preview-stage triggers can now be handled with &lt;em&gt;elegance and speed&lt;/em&gt;.&lt;/p&gt;

&lt;p&gt;Let me explain why this shift matters — and how it’s changing the way enterprises approach data engineering.&lt;/p&gt;

&lt;h3&gt;
  
  
  The Pain of Legacy ETL
&lt;/h3&gt;

&lt;p&gt;I still remember a project where we had to write custom cloud functions just to move data between layers. Every schema change forced us to spin up temporary tables. The functions were &lt;em&gt;slow, error-prone, and hard to maintain&lt;/em&gt;. It felt like duct-taping a data pipeline together.&lt;/p&gt;

&lt;p&gt;In another engagement, a client maintained a massive Azure data lake — but accessing it was a political maze. Every data request turned into a marathon of approvals and delays. If &lt;strong&gt;Unity Catalog&lt;/strong&gt; had been in place, we could’ve saved &lt;em&gt;weeks of back-and-forth&lt;/em&gt; and accelerated delivery.&lt;/p&gt;

&lt;h3&gt;
  
  
  What Databricks Gets Right
&lt;/h3&gt;

&lt;p&gt;Databricks isn’t just a platform — it’s a &lt;strong&gt;strategic enabler&lt;/strong&gt;. It unifies data engineering, analytics, and machine learning under one roof:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Delta Lake&lt;/strong&gt; : Atomic writes, schema enforcement, and ACID compliance&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;MLflow&lt;/strong&gt; : End-to-end experiment tracking and model lifecycle management&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Unity Catalog&lt;/strong&gt; : Centralized governance, fine-grained access control, and full data lineage&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Cloud Agnostic&lt;/strong&gt; : No vendor lock-in across AWS, Azure, and GCP&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;With Unity Catalog, &lt;em&gt;data provenance becomes transparent&lt;/em&gt;. You can trace a metrics report all the way back to its raw source — eliminating guesswork and political bottlenecks.&lt;/p&gt;

&lt;h3&gt;
  
  
  Speed to Market, Without the Bloat
&lt;/h3&gt;

&lt;p&gt;At the end of the day, companies care about &lt;strong&gt;speed to market&lt;/strong&gt; and &lt;strong&gt;cost efficiency&lt;/strong&gt;. Legacy approaches often come with hidden expenses — multiple services, brittle integrations, and steep maintenance overhead.&lt;/p&gt;

&lt;p&gt;Databricks simplifies this. The learning curve isn’t steep; it builds naturally on the data engineer’s existing skill set. And when enterprises embrace Databricks as part of their broader cloud migration, &lt;em&gt;much of the setup cost is absorbed&lt;/em&gt;. Yes, there’s investment in training — but the ROI in agility, governance, and scalability is undeniable.&lt;/p&gt;

&lt;h3&gt;
  
  
  The Road Ahead
&lt;/h3&gt;

&lt;p&gt;For data engineers architecting the future, the shift from fragile ETL pipelines to an &lt;strong&gt;autonomous Lakehouse&lt;/strong&gt; isn’t just a technical upgrade — it’s a &lt;em&gt;strategic leap&lt;/em&gt;. It elevates collaboration, accelerates time to insight, and unlocks new possibilities for AI-driven innovation.&lt;/p&gt;

&lt;p&gt;If you’re still wrestling with legacy data stacks, it’s time to rethink your architecture. The Lakehouse isn’t just a buzzword — it’s a &lt;strong&gt;blueprint for intelligent orchestration&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Let’s connect if you’re exploring Databricks, agentic systems, or autonomous analytics. I’d love to exchange ideas and hear how others are navigating this transformation.&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;#Databricks #Lakehouse #DataEngineering #DeltaLake #UnityCatalog #CloudArchitecture #AgenticSystems #ThoughtLeadership #AnalyticsTransformation&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Would you like help crafting a compelling headline image or Medium tags to boost visibility?&lt;/p&gt;

</description>
      <category>azuredatabricks</category>
      <category>etl</category>
    </item>
    <item>
      <title>Orchestration Pattern Meets Serverless (Durable Functions)</title>
      <dc:creator>Kartik Anand</dc:creator>
      <pubDate>Mon, 03 Aug 2020 20:25:45 +0000</pubDate>
      <link>https://dev.to/kartikanand_45/orchestration-pattern-meets-serverless-durable-functions-2n9g</link>
      <guid>https://dev.to/kartikanand_45/orchestration-pattern-meets-serverless-durable-functions-2n9g</guid>
      <description>&lt;p&gt;In the current digital transformation/micro-service era, orchestration pattern is another useful pattern that is used by lot of organizations for calling various services and then waiting for all services to complete before next step.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Azure Durable Functions&lt;/strong&gt; is a great service to implement orchestration pattern. The function orchestrates and chains-together calls to other functions. Those functions can be any or a combination (Functions/Logic Apps/Web Api/Microservices).The durable function is resilient to reboots of VMs/Applications.&lt;/p&gt;

&lt;p&gt;In my example, I have a service that calls 2 micro-services and waits for the results before moving to next step. This all is accomplished via &lt;strong&gt;single&lt;/strong&gt; durable function that will call 2 services and then wait till it receives results back from 2 services and then it makes a call to the next service. Alternatively, this could be accomplished by creating multiple functions and Queues to coordinate the flow of data. The alternative flow will introduce unnecessary services and increase the overall management of services.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fi7zy62nzms6hjdwnxx4g.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fi7zy62nzms6hjdwnxx4g.png" width="799" height="353"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Here are some key advantages:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;·Low Overhead&lt;/p&gt;

&lt;p&gt;·Reliability&lt;/p&gt;

&lt;p&gt;·Scalability&lt;/p&gt;

&lt;p&gt;·Serverless&lt;/p&gt;

&lt;p&gt;·Cost Saving&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;&lt;strong&gt;Key Source Code&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;var tasks = new Task[2];&lt;/p&gt;

&lt;p&gt;tasks[0] = context.CallActivityAsync(“ZipCodeAPI”, “LA2”);&lt;/p&gt;

&lt;p&gt;tasks[1] = context.CallActivityAsync(“LogicApp1”, “LA2”);&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;await Task.WhenAll(tasks); //Ensures Function waits for all chain functions to complete before moving to next step&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;[FunctionName(“ZipCodeAPI”)]&lt;/p&gt;

&lt;p&gt;public static string GetZipCode([ActivityTrigger] string name, ILogger log)&lt;/p&gt;

&lt;p&gt;{&lt;/p&gt;

&lt;p&gt;HttpWebRequest rqst = (HttpWebRequest)HttpWebRequest.Create(_url);&lt;/p&gt;

&lt;p&gt;rqst.Method = “POST”;&lt;/p&gt;

&lt;p&gt;rqst.ContentType = “application/json”;&lt;/p&gt;

&lt;p&gt;byte[] byteData = Encoding.UTF8.GetBytes(pJSON);&lt;/p&gt;

&lt;p&gt;}&lt;/p&gt;

&lt;p&gt;[FunctionName(“CountryCode”)]&lt;/p&gt;

&lt;p&gt;public static string GetCountryCode([ActivityTrigger] string name, ILogger log)&lt;/p&gt;

&lt;p&gt;{&lt;/p&gt;

&lt;p&gt;HttpWebRequest rqst = (HttpWebRequest)HttpWebRequest.Create(_url);&lt;/p&gt;

&lt;p&gt;rqst.Method = “POST”;&lt;/p&gt;

&lt;p&gt;rqst.ContentType = “application/json”;&lt;/p&gt;

&lt;p&gt;byte[] byteData = Encoding.UTF8.GetBytes(pJSON);&lt;/p&gt;

&lt;p&gt;}&lt;/p&gt;

</description>
      <category>azurefunctions</category>
      <category>azure</category>
      <category>durablefunctions</category>
      <category>serverless</category>
    </item>
  </channel>
</rss>
