Executive takeaways
- Azure Government is FedRAMP High authorized and supports DoD SRG IL2, IL4, and IL5 workloads, with Azure Government Secret supporting IL6, providing a compliant foundation for AI services deployed in USGov regions [1][2].
- Core AI building blocks that underpin generative AI workloads are available in Azure Government, including Azure OpenAI Service, Azure Machine Learning, and several Azure AI services, as shown in Microsoft’s regional product availability listings and dedicated government guidance for Azure OpenAI [3][5].
- The Azure AI Foundry web experience and some Foundry-specific capabilities (model catalog Model-as-a-Service for non-OpenAI models, evaluations, and content safety integration) are not documented as available in sovereign clouds; treat them as commercial-only unless verified through agency-specific ATO review and current service listings. UNVERIFIED [4][5].
Why this matters
OMB M-24-10 requires agencies to manage AI risk and use secure, authorized infrastructure for sensitive data and consequential use cases; using FedRAMP-authorized environments is a baseline expectation for cloud AI deployments [6]. Program teams planning generative AI at IL4/IL5 must separate “what is authorized in Azure Government” from “what is only in commercial Azure” to avoid compliance gaps and procurement delays.
What is Azure AI Foundry
- Microsoft describes Azure AI Foundry as an end-to-end environment for building, evaluating, and deploying AI applications, integrating model catalog access, orchestration, safety, and observability features, delivered via ai.azure.com and Azure resources behind the scenes [4].
- Foundry is a brand and portal that composes services (Azure OpenAI Service, Azure Machine Learning, Azure AI services, storage, networking). FedRAMP authorizations apply to the cloud service boundary and services, not the brand experience itself [1][4].
FedRAMP and DoD SRG context
- Azure Government holds FedRAMP High authorization, and Azure public cloud offers FedRAMP Moderate and High authorizations for many services; agencies still must obtain system-level ATOs when deploying workloads [1].
- Azure Government supports DoD Cloud Computing SRG impact levels IL2, IL4, and IL5; Azure Government Secret supports IL6 for classified workloads [2].
- OMB M-24-10 directs agencies to implement AI governance, inventory, and control measures, leveraging authorized infrastructure and safeguards aligned to federal policy and NIST RMF practices [6].
What is FedRAMP-authorized and available in Azure Government today
The items below are supported in USGov regions and operate within the Azure Government FedRAMP High boundary. Agencies must confirm region-level availability and service scope for their specific deployment.
Azure OpenAI Service in Azure Government
- Microsoft provides dedicated guidance for using Azure OpenAI Service in Azure Government, including endpoints and region availability in USGov Azure; this indicates operational availability in the sovereign cloud [3].
- Services delivered inside Azure Government inherit its FedRAMP High authorization boundary; agencies should validate service scope in the latest FedRAMP package and product-by-region listings [1][5].
Azure Machine Learning
- Azure Machine Learning is listed among products available in USGov regions on Microsoft’s products-by-region site, indicating service availability for sovereign deployments [5].
- As part of Azure Government, use of AML resources benefits from the FedRAMP High authorization of the environment; agencies should verify workspace features needed for Foundry-style workflows within USGov [1][5].
Azure AI services and related building blocks
- Multiple Azure AI services (for example, language, vision, speech) and supporting services such as Azure AI Search, Azure Storage, Azure Key Vault, and Azure Kubernetes Service are shown as available in USGov regions via the products-by-region listings [5].
- These services operate inside the Azure Government boundary; program teams should constrain deployments to USGov Virginia or USGov Arizona and use private networking and data controls in line with agency ATOs [1][5].
DoD impact level alignment
- Deployments at IL4/IL5 should use Azure Government regions and controls consistent with DoD SRG; workloads requiring IL6 must use Azure Government Secret where applicable [2].
What remains commercial-only or not documented for sovereign clouds
The following items lack primary-source documentation confirming availability in Azure Government. Treat them as commercial-only until verified with current Microsoft service listings and agency ATO reviews. UNVERIFIED unless otherwise noted.
Azure AI Foundry portal
- There is no primary-source documentation confirming the ai.azure.com Foundry portal is offered within Azure Government sovereign endpoints. UNVERIFIED [4][5].
Foundry model catalog Model-as-a-Service for non-OpenAI models
- Public documentation describes MaaS offerings for third-party foundation models in Foundry’s commercial catalog; availability in USGov regions is not documented. UNVERIFIED [4][5].
Foundry evaluations, safety tools, and managed prompt flow experiences
- Foundry-integrated evaluation pipelines and safety tooling are documented for the commercial experience; sovereign cloud availability is not documented. UNVERIFIED [4].
Azure AI Content Safety in Azure Government
- Content Safety service is documented for commercial deployments; sovereign cloud support is not confirmed in primary sources. UNVERIFIED [5].
Notes on nuance:
- “Commercial-only” does not necessarily mean “not FedRAMP” because Azure public has FedRAMP authorizations; however, many federal missions and DoD workloads require Azure Government for US persons, data residency, and IL4/IL5/IL6 controls [1][2]. Agencies must align environment selection to mission and policy requirements.
Acquisition and deployment implications
Align to OMB M-24-10 and FedRAMP boundaries
- Use Azure Government for IL4/IL5 workloads and sensitive data, ensuring services are within the FedRAMP High package and USGov regions [1][2][6].
- When a needed Foundry feature is commercial-only, document risk and compensating controls and determine whether Azure public FedRAMP High meets the mission requirement, or implement equivalent capability using Azure Government services directly (Azure OpenAI Service APIs, AML, Azure AI services) [1][2][6].
Control plane and data plane segregation
- Prefer resource deployment via Azure Resource Manager in USGov, private endpoints, VNET integration, and customer-managed keys to satisfy agency ATO requirements; avoid cross-cloud dependencies from commercial Foundry experiences. Agencies should validate service-level features in USGov via current listings [5].
Testing and evaluation
- Conduct model evaluation and safety tests using AML pipelines and Azure OpenAI in USGov where possible; if Foundry evaluation tooling is unavailable in USGov, implement equivalent AML-based evaluation harnesses and log telemetry in sovereign storage. UNVERIFIED for Foundry-native evaluations in USGov [3][4][5].
Contracting and CLINs
- Reference the specific Azure Government services (Azure OpenAI Service, AML, Azure AI services) in solicitations and CLINs rather than the “Foundry” brand, and require USGov region deployment and FedRAMP High alignment. Use DoD SRG IL clauses as appropriate [1][2].
Decision checklist for program teams
- Confirm your required services are listed for USGov regions on Microsoft’s products-by-region page and within your agency’s ATO scope [5].
- Use Azure OpenAI Service guidance specific to Azure Government endpoints and regions; avoid assuming parity with commercial Foundry portal features [3].
- Reference FedRAMP and DoD SRG documentation to anchor environment selection and impact level requirements [1][2].
- Treat any Foundry portal features not explicitly documented for sovereign clouds as commercial-only until verified; plan alternatives using AML and service APIs. UNVERIFIED [4][5].
- Ensure alignment with OMB M-24-10 AI governance and risk management requirements in your deployment plan [6].
Microsoft platform context
- Azure Government provides the FedRAMP High, IL2/IL4/IL5-authorized foundation on which Azure OpenAI Service, Azure Machine Learning, and Azure AI services can be deployed for federal missions [1][2][3][5].
- Azure AI Foundry, as documented, is the commercial experience that composes these services; agencies should consume sovereign-supported services directly when Foundry portal features are not documented for USGov [4][5].
Confidence assessment
MEDIUM. Core claims about Azure Government FedRAMP and DoD IL posture are well-documented, as is Azure OpenAI Service guidance for Government. However, the Azure AI Foundry portal and several Foundry-specific capabilities lack primary-source confirmation for sovereign clouds; these are flagged UNVERIFIED and require agency review of current service listings or Microsoft confirmation.
Sources
- FedRAMP. https://learn.microsoft.com/en-us/azure/compliance/offerings/fedramp
- Department of Defense Cloud Computing Security Requirements Guide (SRG). https://learn.microsoft.com/en-us/azure/compliance/offerings/dod-csrg
- Use Azure OpenAI Service in Azure Government. https://learn.microsoft.com/en-us/azure/ai-services/openai/how-to/azure-government
- What is Azure AI Foundry. https://learn.microsoft.com/en-us/azure/ai-studio/what-is-ai-studio
- Products available by region. https://azure.microsoft.com/en-us/explore/global-infrastructure/products-by-region/
- M-24-10 Advancing Governance, Innovation, and Risk Management for Agency Use of Artificial Intelligence. https://www.whitehouse.gov/wp-content/uploads/2024/03/M-24-10-Advancing-Governance-Innovation-and-Risk-Management-for-Agency-Use-of-Artificial-Intelligence.pdf