Azure Foundry Control Plane is not Governance. It's a CIO Lie Detector.
Unified governance for AI agents - Azure Foundry Control Plane gives CIOs full visibility, compliance, and control to expose risks...

Most teams hit this choice right after the demo works.
Do we run this agent as a Hosted Agent in Foundry Agent Service? Or do we run it ourselves as a Self‑Managed Agent on Azure?
Both are valid.
But they solve different problems.
And if you pick the wrong one, you either over‑engineer the stack or lose control where it matters.
Hosted Agents are a managed runtime inside Foundry Agent Service.
You bring your agent code. You package it as a container image. You push it to a container registry.
Foundry Agent Service then:
Pulls the image. Provisions compute. Assigns a dedicated Microsoft Entra ID to the agent. Exposes a dedicated endpoint.
And the platform handles the operational work:
Scaling. Session persistence. Observability. Lifecycle management.
Hosted Agents exist because most teams don’t want to rebuild hosting, scaling, identity, and telemetry from scratch.
Self‑Managed means you run the agent runtime yourself.
You deploy your agent like any other application on Azure:
Azure Container Apps. Azure Kubernetes Service. Azure Functions (including Functions hosted on Container Apps).
Your agent can still call Foundry models.
But you own everything around it:
Ingress and API gateway design. Scaling rules. State storage. Deployment rollout strategy. Monitoring and logs. Upgrade and rollback processes.
That’s the difference.
Hosted Agents outsource the runtime. Self‑Managed keeps it inside your platform engineering boundary.
Ask one question:
Do you want to manage agent infrastructure or agent logic?
If you want to manage agent logic, Hosted Agents fit.
If you want full control over infrastructure and you already have a mature platform team, Self‑Managed fits.
Hosted Agents make the most sense when:
You want a faster path from code to production. Hosted Agents remove cross‑cutting deployment work like container hosting, scaling, and identity wiring.
You want enterprise identity without custom glue. The service assigns an Entra ID to the agent, which can be used for downstream access patterns.
You need stateful, multi‑turn agent sessions. Hosted agents support persisting state and files across turns through the hosted runtime.
You want a supported private networking pattern. Foundry Agent Service supports a private networking setup pattern designed for controlled network environments.
In short.
If your organization’s pain point is “agents are hard to operate,” Hosted Agents are designed to solve that.
Self‑Managed makes sense when:
You need full control over the runtime and network path. If you require a specific API gateway design, custom TLS termination, custom observability pipelines, or deep service‑mesh integration, Self‑Managed is often cleaner.
You already run containers at scale and want consistency. If your platform standard is Container Apps or AKS and all services deploy through the same pipeline, an agent is just another service.
You need custom scaling logic or event-driven execution. Azure Functions hosted on Container Apps supports event-driven patterns and can be a better fit for “agent as workflow” designs.
You need strict control of state and data stores. If you must control data residency choices down to specific storage services and policies, Self‑Managed gives you full ownership.
In short.
If your organization’s pain point is “we already have a platform, don’t add another,” Self‑Managed may be the simpler operational decision.
This is not “Hosted = public” and “Self‑Managed = private.”
Hosted Agents can be deployed in a private networking setup pattern.
Self‑Managed agents can obviously be private too because you own the environment.
So the decision is not privacy vs non‑privacy.
It’s who owns the operational surface area.
Choose Hosted Agents when: You want speed to production. You want managed scaling and lifecycle. You want agent identity handled cleanly. You want a supported private networking pattern.
Choose Self‑Managed when: You need full runtime control and deep integration into your platform. You already run containers and observability at scale. You need specialized scaling or event triggers. You want full ownership of state and deployment workflows.
Hosted Agents are not “low‑code agents.”
They are “bring your code, we run it.”
Self‑Managed Agents are not “more powerful agents.”
They are “you run everything.”
Both approaches can succeed.
The right choice is whichever one reduces risk in your organization:
Operational risk, if you lack a platform team. Or governance and integration risk, if you already have one.
If you’re deciding between Hosted Agents and Self‑Managed Agents and you’re stuck on questions like:
Where should identity live? How should private networking be done safely? What should be managed vs owned? What will your team be able to support in 12 months?
We're happy to share a practical decision checklist.
Feel free to contact us.