
This architecture defines a highly secure, enterprise-grade path for deploying Copilot Studio agents within a regulated environment. It prioritizes zero-trust networking, centralized API management, and robust security observability.
1. User Access and Perimeter Security
The journey begins at the Client Device (Laptop or Azure Virtual Desktop). User identity is strictly governed by Entra ID RBAC, ensuring that only authorized personnel can initiate sessions. Network traffic is routed through Zscaler Web Security Service (WSS), providing an essential layer of perimeter defense, URL filtering, and threat protection before the request ever reaches the cloud environment.
2. The Agent Ecosystem (Copilot Studio SaaS)
At the heart of the solution is Copilot Studio SaaS.
- Unstructured RAG: For knowledge-based queries, the agent leverages a Retrieval-Augmented Generation (RAG) model connected to SharePoint (Microsoft SaaS). This allows the agent to provide grounded responses based on unstructured internal documentation without moving that data out of the Microsoft security boundary.
- Power Platform Integration: The agent resides within the Power Platform ecosystem, which acts as the orchestration layer for more complex data requests.
3. Secure Connectivity (The “Tunnel”)
To bridge the gap between the public SaaS layer and private data, the architecture utilizes a Secure Tunnel into a Managed VNet. This is a critical architectural pivot that ensures traffic does not traverse the public internet when accessing sensitive business systems.
- Private Endpoint & DNS: Within the VNet, traffic is funneled through Private Endpoints supported by Private DNS. This ensures that the backend services are not exposed to the public internet and are only resolvable within the private network.
4. API Management and Data Auditing
All requests for structured data are routed through Azure API Management (APIM).
- Governance & Auditing: APIM serves as the “gatekeeper,” enforcing policies, rate limiting, and—most importantly—providing a full Audit trail of every query made to the backend.
- Final Destination (Data Lake, SQL Data): The ultimate data source is the SDH SQL Data (Single Data House). By placing APIM in front of the SQL database, the architecture ensures that the database never has a public IP and that every “Read” or “Write” action is authenticated and recorded.
5. Security Observability (Microsoft Sentinel)
Security operations are centralized through Microsoft Sentinel (SIEM).
- DLP Integration: Data Loss Prevention (DLP) logs from the Power Platform are streamed to Sentinel to monitor for unauthorized data movement.
- Telemetry: APIM feeds real-time telemetry and access logs into Sentinel.This creates a closed-loop observability system where security teams can detect, investigate, and respond to anomalies across the entire path from the agent to the SQL database.