diff --git a/infra/deploy_ai_foundry.bicep b/infra/deploy_ai_foundry.bicep index 9783fee..13b4efa 100644 --- a/infra/deploy_ai_foundry.bicep +++ b/infra/deploy_ai_foundry.bicep @@ -1,7 +1,4 @@ // Creates Azure dependent resources for Azure AI studio -@minLength(3) -@maxLength(15) -@description('Solution Name') param solutionName string param solutionLocation string param keyVaultName string @@ -11,7 +8,6 @@ param managedIdentityObjectId string param aiServicesEndpoint string param aiServicesKey string param aiServicesId string - var abbrs = loadJsonContent('./abbreviations.json') var storageName = '${abbrs.storage.storageAccount}${solutionName}hubst' var storageSkuName = 'Standard_LRS' @@ -27,7 +23,6 @@ var aiProjectFriendlyName = aiProjectName var aiSearchName = '${abbrs.ai.aiSearch}${solutionName}' - resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = { name: keyVaultName } @@ -45,9 +40,7 @@ resource logAnalytics 'Microsoft.OperationalInsights/workspaces@2023-09-01' = { } -var storageNameCleaned = replace(replace(replace(replace('${storageName}cast', '-', ''), '_', ''), '.', ''),'/', '') - - +var storageNameCleaned = replace(storageName, '-', '') resource storage 'Microsoft.Storage/storageAccounts@2022-09-01' = { @@ -119,7 +112,7 @@ resource storageroleAssignment 'Microsoft.Authorization/roleAssignments@2022-04- } resource aiHub 'Microsoft.MachineLearningServices/workspaces@2023-08-01-preview' = { - name: azureAiHubName + name: aiHubName location: location identity: { type: 'SystemAssigned' @@ -136,7 +129,7 @@ resource aiHub 'Microsoft.MachineLearningServices/workspaces@2023-08-01-preview' kind: 'hub' resource aiServicesConnection 'connections@2024-07-01-preview' = { - name: '${azureAiHubName}-connection-AzureOpenAI' + name: '${aiHubName}-connection-AzureOpenAI' properties: { category: 'AIServices' target: aiServicesEndpoint @@ -305,5 +298,3 @@ output storageAccountName string = storageNameCleaned output logAnalyticsId string = logAnalytics.id output storageAccountId string = storage.id - -output projectConnectionString string = '${split(aiHubProject.properties.discoveryUrl, '/')[2]};${subscription().subscriptionId};${resourceGroup().name};${aiHubProject.name}' diff --git a/infra/deploy_keyvault.bicep b/infra/deploy_keyvault.bicep index a10a9af..a23970b 100644 --- a/infra/deploy_keyvault.bicep +++ b/infra/deploy_keyvault.bicep @@ -35,7 +35,9 @@ resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' = { enabledForDeployment: true enabledForDiskEncryption: true enabledForTemplateDeployment: true + enableRbacAuthorization: true + publicNetworkAccess: 'enabled' sku: { family: 'A' diff --git a/infra/deploy_managed_identity.bicep b/infra/deploy_managed_identity.bicep index 6e0b9dc..5af3232 100644 --- a/infra/deploy_managed_identity.bicep +++ b/infra/deploy_managed_identity.bicep @@ -10,10 +10,8 @@ param solutionName string param solutionLocation string @description('Name') - param miName string - resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { name: miName location: solutionLocation diff --git a/infra/main.bicep b/infra/main.bicep index 696237e..03dc951 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -1,11 +1,9 @@ @minLength(3) - @maxLength(10) @description('Prefix for all resources created by this template. This prefix will be used to create unique names for all resources. The prefix must be unique within the resource group.') param ResourcePrefix string var abbrs = loadJsonContent('./abbreviations.json') - @allowed([ 'australiaeast' 'brazilsouth' @@ -32,13 +30,24 @@ var abbrs = loadJsonContent('./abbreviations.json') 'westus3' ]) @description('Location for all Ai services resources. This location can be different from the resource group location.') -param AzureAiServiceLocation string // The location used for all deployed resources. This location must be in the same region as the resource group. +param AiLocation string // The location used for all deployed resources. This location must be in the same region as the resource group. param capacity int = 5 -var uniqueId = toLower(uniqueString(subscription().id, safePrefix, resourceGroup().location)) -var UniquePrefix = 'cm${padLeft(take(uniqueId, 12), 12, '0')}' -var ResourcePrefix = take('cm${safePrefix}${UniquePrefix}', 15) -var imageVersion = 'latest' + +@description('A unique prefix for all resources in this deployment. This should be 3-10 characters long:') +//param environmentName string +var randomString = substring(uniqueString(resourceGroup().id), 0, 4) +@description('The location used for all deployed resources') +// Generate a unique string based on the base name and a unique identifier +//var uniqueSuffix = uniqueString(resourceGroup().id, ResourcePrefix) + +// Take the first 4 characters of the unique string to use as a suffix +//var randomSuffix = substring(ResourcePrefix, 0, min(10, length(ResourcePrefix))) + +// Combine the base name with the random suffix +var finalName = '${ResourcePrefix}-${randomString}' + +var imageVersion = 'rc1' var location = resourceGroup().location var dblocation = resourceGroup().location var cosmosdbDatabase = 'cmsadb' @@ -48,15 +57,14 @@ var cosmosdbLogContainer = 'cmsalog' var deploymentType = 'GlobalStandard' var containerName = 'appstorage' var llmModel = 'gpt-4o' +var prefixCleaned = replace(toLower(finalName), '-', '') var storageSkuName = 'Standard_LRS' - var storageContainerName = '${abbrs.storage.storageAccount}${prefixCleaned}' var gptModelVersion = '2024-08-06' var aiServicesName = '${abbrs.ai.aiServices}${prefixCleaned}' - var aiModelDeployments = [ { name: llmModel @@ -70,26 +78,24 @@ var aiModelDeployments = [ } ] -resource azureAiServices 'Microsoft.CognitiveServices/accounts@2024-04-01-preview' = { - name: azureAiServicesName +resource aiServices 'Microsoft.CognitiveServices/accounts@2024-04-01-preview' = { + name: aiServicesName location: location sku: { name: 'S0' } kind: 'AIServices' properties: { - customSubDomainName: aiServicesName apiProperties: { // statisticsEnabled: false } - } } @batchSize(1) -resource azureAiServicesDeployments 'Microsoft.CognitiveServices/accounts/deployments@2023-05-01' = [for aiModeldeployment in aiModelDeployments: { - parent: azureAiServices //aiServices_m +resource aiServicesDeployments 'Microsoft.CognitiveServices/accounts/deployments@2023-05-01' = [for aiModeldeployment in aiModelDeployments: { + parent: aiServices //aiServices_m name: aiModeldeployment.name properties: { model: { @@ -111,10 +117,8 @@ resource azureAiServicesDeployments 'Microsoft.CognitiveServices/accounts/deploy module managedIdentityModule 'deploy_managed_identity.bicep' = { name: 'deploy_managed_identity' params: { - miName:'${abbrs.security.managedIdentity}${prefixCleaned}' solutionName: prefixCleaned - solutionLocation: location } scope: resourceGroup(resourceGroup().name) @@ -125,10 +129,8 @@ module managedIdentityModule 'deploy_managed_identity.bicep' = { module kvault 'deploy_keyvault.bicep' = { name: 'deploy_keyvault' params: { - keyvaultName: '${abbrs.security.keyVault}${prefixCleaned}' solutionName: prefixCleaned - solutionLocation: location managedIdentityObjectId:managedIdentityModule.outputs.managedIdentityOutput.objectId } @@ -137,27 +139,27 @@ module kvault 'deploy_keyvault.bicep' = { // ==========AI Foundry and related resources ========== // -module azureAifoundry 'deploy_ai_foundry.bicep' = { +module aifoundry 'deploy_ai_foundry.bicep' = { name: 'deploy_ai_foundry' params: { - solutionName: ResourcePrefix - solutionLocation: AzureAiServiceLocation + solutionName: prefixCleaned + solutionLocation: AiLocation keyVaultName: kvault.outputs.keyvaultName gptModelName: llmModel gptModelVersion: gptModelVersion managedIdentityObjectId:managedIdentityModule.outputs.managedIdentityOutput.objectId - aiServicesEndpoint: azureAiServices.properties.endpoint - aiServicesKey: azureAiServices.listKeys().key1 - aiServicesId: azureAiServices.id + aiServicesEndpoint: aiServices.properties.endpoint + aiServicesKey: aiServices.listKeys().key1 + aiServicesId: aiServices.id } scope: resourceGroup(resourceGroup().name) } module containerAppsEnvironment 'br/public:avm/res/app/managed-environment:0.9.1' = { - name: toLower('${ResourcePrefix}conAppsEnv') + name: toLower('${prefixCleaned}conAppsEnv') params: { - logAnalyticsWorkspaceResourceId: azureAifoundry.outputs.logAnalyticsId - name: toLower('${ResourcePrefix}manenv') + logAnalyticsWorkspaceResourceId: aifoundry.outputs.logAnalyticsId + name: toLower('${prefixCleaned}manenv') location: location zoneRedundant: false managedIdentities: managedIdentityModule @@ -165,12 +167,10 @@ module containerAppsEnvironment 'br/public:avm/res/app/managed-environment:0.9.1 } module databaseAccount 'br/public:avm/res/document-db/database-account:0.9.0' = { - name: toLower('${ResourcePrefix}cosmos') + name: toLower('${prefixCleaned}database') params: { // Required parameters - name: toLower('${abbrs.databases.cosmosDBDatabase}${prefixCleaned}databaseAccount') - // Non-required parameters enableAnalyticalStorage: true location: dblocation @@ -234,9 +234,7 @@ module databaseAccount 'br/public:avm/res/document-db/database-account:0.9.0' = } module containerAppFrontend 'br/public:avm/res/app/container-app:0.13.0' = { - name: toLower('${abbrs.containers.containerApp}${prefixCleaned}containerAppFrontend') - params: { managedIdentities: { systemAssigned: true @@ -266,9 +264,7 @@ module containerAppFrontend 'br/public:avm/res/app/container-app:0.13.0' = { scaleMinReplicas: 1 scaleMaxReplicas: 1 environmentResourceId: containerAppsEnvironment.outputs.resourceId - name: toLower('${abbrs.containers.containerApp}${prefixCleaned}containerFrontend') - // Non-required parameters location: location } @@ -276,9 +272,7 @@ module containerAppFrontend 'br/public:avm/res/app/container-app:0.13.0' = { resource containerAppBackend 'Microsoft.App/containerApps@2023-05-01' = { - name: toLower('${abbrs.containers.containerApp}${prefixCleaned}containerBackend') - location: location identity: { type: 'SystemAssigned' @@ -331,7 +325,7 @@ resource containerAppBackend 'Microsoft.App/containerApps@2023-05-01' = { } { name: 'AZURE_OPENAI_ENDPOINT' - value: 'https://${azureAifoundry.outputs.aiServicesName}.openai.azure.com/' + value: 'https://${aifoundry.outputs.aiServicesName}.openai.azure.com/' } { name: 'MIGRATOR_AGENT_MODEL_DEPLOY' @@ -361,26 +355,6 @@ resource containerAppBackend 'Microsoft.App/containerApps@2023-05-01' = { name: 'TERMINATION_MODEL_DEPLOY' value: llmModel } - { - name: 'AZURE_AI_AGENT_MODEL_DEPLOYMENT_NAME' - value: llmModel - } - { - name: 'AZURE_AI_AGENT_PROJECT_NAME' - value: azureAifoundry.outputs.aiProjectName - } - { - name: 'AZURE_AI_AGENT_RESOURCE_GROUP_NAME' - value: resourceGroup().name - } - { - name: 'AZURE_AI_AGENT_SUBSCRIPTION_ID' - value: subscription().subscriptionId - } - { - name: 'AZURE_AI_AGENT_PROJECT_CONNECTION_STRING' - value: azureAifoundry.outputs.projectConnectionString - } ] resources: { cpu: 1 @@ -454,7 +428,7 @@ var openAiContributorRoleId = 'a001fd3d-188f-4b5d-821b-7da978bf7442' // Fixed R resource openAiRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { name: guid(containerAppBackend.id, openAiContributorRoleId) - scope: azureAiServices + scope: aiServices properties: { roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', openAiContributorRoleId) // OpenAI Service Contributor principalId: containerAppBackend.identity.principalId @@ -471,25 +445,9 @@ resource containers 'Microsoft.Storage/storageAccounts/blobServices/containers@2 properties: { publicAccess: 'None' } - dependsOn: [azureAifoundry] + dependsOn: [aifoundry] }] -resource aiHubProject 'Microsoft.MachineLearningServices/workspaces@2024-01-01-preview' existing = { - name: '${ResourcePrefix}-prj' // aiProjectName must be calculated - available at main start. -} - -resource aiDeveloper 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = { - name: '64702f94-c441-49e6-a78b-ef80e0188fee' -} - -resource aiDeveloperAccessProj 'Microsoft.Authorization/roleAssignments@2022-04-01' = { - name: guid(containerAppBackend.name, aiHubProject.id, aiDeveloper.id) - scope: aiHubProject - properties: { - roleDefinitionId: aiDeveloper.id - principalId: containerAppBackend.identity.principalId - } -} resource contributorRoleDefinition 'Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions@2021-06-15' existing = { name: '${databaseAccount.name}/00000000-0000-0000-0000-000000000002' diff --git a/infra/main.bicepparam b/infra/main.bicepparam index a369041..649aead 100644 --- a/infra/main.bicepparam +++ b/infra/main.bicepparam @@ -1,4 +1,4 @@ using './main.bicep' -param AzureAiServiceLocation = readEnvironmentVariable('AZURE_LOCATION','japaneast') -param Prefix = readEnvironmentVariable('AZURE_ENV_NAME','azdtemp') +param AiLocation = readEnvironmentVariable('AZURE_LOCATION','japaneast') +param ResourcePrefix = readEnvironmentVariable('AZURE_ENV_NAME','azdtemp') diff --git a/infra/main.json b/infra/main.json index 79accc5..75e1a88 100644 --- a/infra/main.json +++ b/infra/main.json @@ -4,21 +4,20 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.33.93.31351", "templateHash": "9645396053164913156" - } }, "parameters": { - "Prefix": { + "ResourcePrefix": { "type": "string", "minLength": 3, + "maxLength": 10, "metadata": { - "description": "Prefix for all resources created by this template. This should be 3-20 characters long. If your provide a prefix longer than 20 characters, it will be truncated to 20 characters." + "description": "Prefix for all resources created by this template. This prefix will be used to create unique names for all resources. The prefix must be unique within the resource group." } }, - "AzureAiServiceLocation": { + "AiLocation": { "type": "string", "allowedValues": [ "australiaeast", @@ -55,7 +54,6 @@ } }, "variables": { - "$fxv#0": { "ai": { "aiSearch": "srch-", @@ -287,7 +285,6 @@ "randomString": "[substring(uniqueString(resourceGroup().id), 0, 4)]", "finalName": "[format('{0}-{1}', parameters('ResourcePrefix'), variables('randomString'))]", "imageVersion": "rc1", - "location": "[resourceGroup().location]", "dblocation": "[resourceGroup().location]", "cosmosdbDatabase": "cmsadb", @@ -297,12 +294,11 @@ "deploymentType": "GlobalStandard", "containerName": "appstorage", "llmModel": "gpt-4o", + "prefixCleaned": "[replace(toLower(variables('finalName')), '-', '')]", "storageSkuName": "Standard_LRS", - "storageContainerName": "[format('{0}{1}', variables('abbrs').storage.storageAccount, variables('prefixCleaned'))]", "gptModelVersion": "2024-08-06", "aiServicesName": "[format('{0}{1}', variables('abbrs').ai.aiServices, variables('prefixCleaned'))]", - "aiModelDeployments": [ { "name": "[variables('llmModel')]", @@ -324,29 +320,27 @@ { "type": "Microsoft.CognitiveServices/accounts", "apiVersion": "2024-04-01-preview", - "name": "[variables('azureAiServicesName')]", + "name": "[variables('aiServicesName')]", "location": "[variables('location')]", "sku": { "name": "S0" }, "kind": "AIServices", "properties": { - "customSubDomainName": "[variables('aiServicesName')]", "apiProperties": {} - } }, { "copy": { - "name": "azureAiServicesDeployments", + "name": "aiServicesDeployments", "count": "[length(variables('aiModelDeployments'))]", "mode": "serial", "batchSize": 1 }, "type": "Microsoft.CognitiveServices/accounts/deployments", "apiVersion": "2023-05-01", - "name": "[format('{0}/{1}', variables('azureAiServicesName'), variables('aiModelDeployments')[copyIndex()].name)]", + "name": "[format('{0}/{1}', variables('aiServicesName'), variables('aiModelDeployments')[copyIndex()].name)]", "properties": { "model": { "format": "OpenAI", @@ -360,21 +354,19 @@ "capacity": "[variables('aiModelDeployments')[copyIndex()].sku.capacity]" }, "dependsOn": [ - "[resourceId('Microsoft.CognitiveServices/accounts', variables('azureAiServicesName'))]" + "[resourceId('Microsoft.CognitiveServices/accounts', variables('aiServicesName'))]" ] }, { "type": "Microsoft.App/containerApps", "apiVersion": "2023-05-01", - "name": "[toLower(format('{0}{1}containerBackend', variables('abbrs').containers.containerApp, variables('prefixCleaned')))]", - "location": "[variables('location')]", "identity": { "type": "SystemAssigned" }, "properties": { - "managedEnvironmentId": "[reference(resourceId('Microsoft.Resources/deployments', toLower(format('{0}conAppsEnv', variables('ResourcePrefix')))), '2022-09-01').outputs.resourceId.value]", + "managedEnvironmentId": "[reference(resourceId('Microsoft.Resources/deployments', toLower(format('{0}conAppsEnv', variables('prefixCleaned')))), '2022-09-01').outputs.resourceId.value]", "configuration": { "ingress": { "external": true, @@ -393,7 +385,7 @@ "env": [ { "name": "COSMOSDB_ENDPOINT", - "value": "[reference(resourceId('Microsoft.Resources/deployments', toLower(format('{0}cosmos', variables('ResourcePrefix')))), '2022-09-01').outputs.endpoint.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', toLower(format('{0}database', variables('prefixCleaned')))), '2022-09-01').outputs.endpoint.value]" }, { "name": "COSMOSDB_DATABASE", @@ -450,26 +442,6 @@ { "name": "TERMINATION_MODEL_DEPLOY", "value": "[variables('llmModel')]" - }, - { - "name": "AZURE_AI_AGENT_MODEL_DEPLOYMENT_NAME", - "value": "[variables('llmModel')]" - }, - { - "name": "AZURE_AI_AGENT_PROJECT_NAME", - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_ai_foundry'), '2022-09-01').outputs.aiProjectName.value]" - }, - { - "name": "AZURE_AI_AGENT_RESOURCE_GROUP_NAME", - "value": "[resourceGroup().name]" - }, - { - "name": "AZURE_AI_AGENT_SUBSCRIPTION_ID", - "value": "[subscription().subscriptionId]" - }, - { - "name": "AZURE_AI_AGENT_PROJECT_CONNECTION_STRING", - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_ai_foundry'), '2022-09-01').outputs.projectConnectionString.value]" } ], "resources": { @@ -482,8 +454,8 @@ }, "dependsOn": [ "[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_ai_foundry')]", - "[resourceId('Microsoft.Resources/deployments', toLower(format('{0}conAppsEnv', variables('ResourcePrefix'))))]", - "[resourceId('Microsoft.Resources/deployments', toLower(format('{0}cosmos', variables('ResourcePrefix'))))]", + "[resourceId('Microsoft.Resources/deployments', toLower(format('{0}conAppsEnv', variables('prefixCleaned'))))]", + "[resourceId('Microsoft.Resources/deployments', toLower(format('{0}database', variables('prefixCleaned'))))]", "[resourceId('Microsoft.Storage/storageAccounts', variables('storageContainerName'))]" ] }, @@ -544,7 +516,6 @@ "type": "Microsoft.Authorization/roleAssignments", "apiVersion": "2022-04-01", "scope": "[format('Microsoft.Storage/storageAccounts/{0}', variables('storageContainerName'))]", - "name": "[guid(resourceId('Microsoft.App/containerApps', toLower(format('{0}{1}containerBackend', variables('abbrs').containers.containerApp, variables('prefixCleaned')))), 'Storage Blob Data Contributor')]", "properties": { "roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')]", @@ -552,14 +523,12 @@ }, "dependsOn": [ "[resourceId('Microsoft.App/containerApps', toLower(format('{0}{1}containerBackend', variables('abbrs').containers.containerApp, variables('prefixCleaned'))))]", - "[resourceId('Microsoft.Storage/storageAccounts', variables('storageContainerName'))]" ] }, { "type": "Microsoft.Authorization/roleAssignments", "apiVersion": "2022-04-01", - "scope": "[format('Microsoft.CognitiveServices/accounts/{0}', variables('aiServicesName'))]", "name": "[guid(resourceId('Microsoft.App/containerApps', toLower(format('{0}{1}containerBackend', variables('abbrs').containers.containerApp, variables('prefixCleaned')))), variables('openAiContributorRoleId'))]", "properties": { @@ -569,7 +538,6 @@ "dependsOn": [ "[resourceId('Microsoft.CognitiveServices/accounts', variables('aiServicesName'))]", "[resourceId('Microsoft.App/containerApps', toLower(format('{0}{1}containerBackend', variables('abbrs').containers.containerApp, variables('prefixCleaned'))))]" - ] }, { @@ -587,19 +555,6 @@ "[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_ai_foundry')]" ] }, - { - "type": "Microsoft.Authorization/roleAssignments", - "apiVersion": "2022-04-01", - "scope": "[format('Microsoft.MachineLearningServices/workspaces/{0}', format('{0}-prj', variables('ResourcePrefix')))]", - "name": "[guid(toLower(format('{0}Bck-ca', variables('ResourcePrefix'))), resourceId('Microsoft.MachineLearningServices/workspaces', format('{0}-prj', variables('ResourcePrefix'))), resourceId('Microsoft.Authorization/roleDefinitions', '64702f94-c441-49e6-a78b-ef80e0188fee'))]", - "properties": { - "roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', '64702f94-c441-49e6-a78b-ef80e0188fee')]", - "principalId": "[reference(resourceId('Microsoft.App/containerApps', toLower(format('{0}Bck-ca', variables('ResourcePrefix')))), '2023-05-01', 'full').identity.principalId]" - }, - "dependsOn": [ - "[resourceId('Microsoft.App/containerApps', toLower(format('{0}Bck-ca', variables('ResourcePrefix'))))]" - ] - }, { "type": "Microsoft.Resources/deployments", "apiVersion": "2022-09-01", @@ -615,7 +570,7 @@ "value": "[format('{0}{1}', variables('abbrs').security.managedIdentity, variables('prefixCleaned'))]" }, "solutionName": { - "value": "[variables('ResourcePrefix')]" + "value": "[variables('prefixCleaned')]" }, "solutionLocation": { "value": "[variables('location')]" @@ -627,10 +582,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.33.93.31351", "templateHash": "4801202077166882355" - } }, "parameters": { @@ -650,8 +603,6 @@ }, "miName": { "type": "string", - - "metadata": { "description": "Name" } @@ -716,7 +667,7 @@ "value": "[format('{0}{1}', variables('abbrs').security.keyVault, variables('prefixCleaned'))]" }, "solutionName": { - "value": "[variables('ResourcePrefix')]" + "value": "[variables('prefixCleaned')]" }, "solutionLocation": { "value": "[variables('location')]" @@ -731,10 +682,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.33.93.31351", "templateHash": "15626032116057754317" - } }, "parameters": { @@ -787,7 +736,9 @@ "enabledForDeployment": true, "enabledForDiskEncryption": true, "enabledForTemplateDeployment": true, + "enableSoftDelete": false, "enableRbacAuthorization": true, + "enablePurgeProtection": true, "publicNetworkAccess": "enabled", "sku": { "family": "A", @@ -836,10 +787,10 @@ "mode": "Incremental", "parameters": { "solutionName": { - "value": "[variables('ResourcePrefix')]" + "value": "[variables('prefixCleaned')]" }, "solutionLocation": { - "value": "[parameters('AzureAiServiceLocation')]" + "value": "[parameters('AiLocation')]" }, "keyVaultName": { "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_keyvault'), '2022-09-01').outputs.keyvaultName.value]" @@ -854,13 +805,13 @@ "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_managed_identity'), '2022-09-01').outputs.managedIdentityOutput.value.objectId]" }, "aiServicesEndpoint": { - "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts', variables('azureAiServicesName')), '2024-04-01-preview').endpoint]" + "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts', variables('aiServicesName')), '2024-04-01-preview').endpoint]" }, "aiServicesKey": { - "value": "[listKeys(resourceId('Microsoft.CognitiveServices/accounts', variables('azureAiServicesName')), '2024-04-01-preview').key1]" + "value": "[listKeys(resourceId('Microsoft.CognitiveServices/accounts', variables('aiServicesName')), '2024-04-01-preview').key1]" }, "aiServicesId": { - "value": "[resourceId('Microsoft.CognitiveServices/accounts', variables('azureAiServicesName'))]" + "value": "[resourceId('Microsoft.CognitiveServices/accounts', variables('aiServicesName'))]" } }, "template": { @@ -869,20 +820,13 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.33.93.31351", "templateHash": "17234510752657929213" - } }, "parameters": { "solutionName": { - "type": "string", - "minLength": 3, - "maxLength": 15, - "metadata": { - "description": "Solution Name" - } + "type": "string" }, "solutionLocation": { "type": "string" @@ -907,14 +851,9 @@ }, "aiServicesId": { "type": "string" - }, - "storageName": { - "type": "string", - "defaultValue": "[format('{0}hubst', parameters('solutionName'))]" } }, "variables": { - "$fxv#0": { "ai": { "aiSearch": "srch-", @@ -1156,13 +1095,12 @@ "aiProjectFriendlyName": "[variables('aiProjectName')]", "aiSearchName": "[format('{0}{1}', variables('abbrs').ai.aiSearch, parameters('solutionName'))]", "storageNameCleaned": "[replace(variables('storageName'), '-', '')]" - }, "resources": [ { "type": "Microsoft.MachineLearningServices/workspaces/connections", "apiVersion": "2024-07-01-preview", - "name": "[format('{0}/{1}', variables('azureAiHubName'), format('{0}-connection-AzureOpenAI', variables('azureAiHubName')))]", + "name": "[format('{0}/{1}', variables('aiHubName'), format('{0}-connection-AzureOpenAI', variables('aiHubName')))]", "properties": { "category": "AIServices", "target": "[parameters('aiServicesEndpoint')]", @@ -1177,7 +1115,7 @@ } }, "dependsOn": [ - "[resourceId('Microsoft.MachineLearningServices/workspaces', variables('azureAiHubName'))]" + "[resourceId('Microsoft.MachineLearningServices/workspaces', variables('aiHubName'))]" ] }, { @@ -1263,7 +1201,7 @@ { "type": "Microsoft.MachineLearningServices/workspaces", "apiVersion": "2023-08-01-preview", - "name": "[variables('azureAiHubName')]", + "name": "[variables('aiHubName')]", "location": "[variables('location')]", "identity": { "type": "SystemAssigned" @@ -1290,10 +1228,10 @@ }, "properties": { "friendlyName": "[variables('aiProjectFriendlyName')]", - "hubResourceId": "[resourceId('Microsoft.MachineLearningServices/workspaces', variables('azureAiHubName'))]" + "hubResourceId": "[resourceId('Microsoft.MachineLearningServices/workspaces', variables('aiHubName'))]" }, "dependsOn": [ - "[resourceId('Microsoft.MachineLearningServices/workspaces', variables('azureAiHubName'))]" + "[resourceId('Microsoft.MachineLearningServices/workspaces', variables('aiHubName'))]" ] }, { @@ -1460,16 +1398,12 @@ "storageAccountId": { "type": "string", "value": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageNameCleaned'))]" - }, - "projectConnectionString": { - "type": "string", - "value": "[format('{0};{1};{2};{3}', split(reference(resourceId('Microsoft.MachineLearningServices/workspaces', variables('aiProjectName')), '2024-01-01-preview').discoveryUrl, '/')[2], subscription().subscriptionId, resourceGroup().name, variables('aiProjectName'))]" } } } }, "dependsOn": [ - "[resourceId('Microsoft.CognitiveServices/accounts', variables('azureAiServicesName'))]", + "[resourceId('Microsoft.CognitiveServices/accounts', variables('aiServicesName'))]", "[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_keyvault')]", "[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_managed_identity')]" ] @@ -1477,7 +1411,7 @@ { "type": "Microsoft.Resources/deployments", "apiVersion": "2022-09-01", - "name": "[toLower(format('{0}conAppsEnv', variables('ResourcePrefix')))]", + "name": "[toLower(format('{0}conAppsEnv', variables('prefixCleaned')))]", "properties": { "expressionEvaluationOptions": { "scope": "inner" @@ -1488,7 +1422,7 @@ "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_ai_foundry'), '2022-09-01').outputs.logAnalyticsId.value]" }, "name": { - "value": "[toLower(format('{0}manenv', variables('ResourcePrefix')))]" + "value": "[toLower(format('{0}manenv', variables('prefixCleaned')))]" }, "location": { "value": "[variables('location')]" @@ -2096,7 +2030,7 @@ { "type": "Microsoft.Resources/deployments", "apiVersion": "2022-09-01", - "name": "[toLower(format('{0}cosmos', variables('ResourcePrefix')))]", + "name": "[toLower(format('{0}database', variables('prefixCleaned')))]", "properties": { "expressionEvaluationOptions": { "scope": "inner" @@ -2104,9 +2038,7 @@ "mode": "Incremental", "parameters": { "name": { - "value": "[toLower(format('{0}{1}databaseAccount', variables('abbrs').databases.cosmosDBDatabase, variables('prefixCleaned')))]" - }, "enableAnalyticalStorage": { "value": true @@ -5914,9 +5846,7 @@ { "type": "Microsoft.Resources/deployments", "apiVersion": "2022-09-01", - "name": "[toLower(format('{0}{1}containerAppFrontend', variables('abbrs').containers.containerApp, variables('prefixCleaned')))]", - "properties": { "expressionEvaluationOptions": { "scope": "inner" @@ -5937,9 +5867,7 @@ "env": [ { "name": "API_URL", - "value": "[format('https://{0}', reference(resourceId('Microsoft.App/containerApps', toLower(format('{0}{1}containerBackend', variables('abbrs').containers.containerApp, variables('prefixCleaned')))), '2023-05-01').configuration.ingress.fqdn)]" - } ], "image": "[format('cmsacontainerreg.azurecr.io/cmsafrontend:{0}', variables('imageVersion'))]", @@ -5964,12 +5892,10 @@ "value": 1 }, "environmentResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', toLower(format('{0}conAppsEnv', variables('ResourcePrefix')))), '2022-09-01').outputs.resourceId.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', toLower(format('{0}conAppsEnv', variables('prefixCleaned')))), '2022-09-01').outputs.resourceId.value]" }, "name": { - "value": "[toLower(format('{0}{1}containerFrontend', variables('abbrs').containers.containerApp, variables('prefixCleaned')))]" - }, "location": { "value": "[variables('location')]" @@ -7141,10 +7067,8 @@ } }, "dependsOn": [ - "[resourceId('Microsoft.App/containerApps', toLower(format('{0}{1}containerBackend', variables('abbrs').containers.containerApp, variables('prefixCleaned'))))]", "[resourceId('Microsoft.Resources/deployments', toLower(format('{0}conAppsEnv', variables('prefixCleaned'))))]", - "[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_managed_identity')]" ] }, @@ -7178,9 +7102,7 @@ } }, "scriptContent": { - "value": "[format('az cosmosdb sql role assignment create --resource-group \"{0}\" --account-name \"{1}\" --role-definition-id \"{2}\" --scope \"{3}\" --principal-id \"{4}\"', resourceGroup().name, reference(resourceId('Microsoft.Resources/deployments', toLower(format('{0}database', variables('prefixCleaned')))), '2022-09-01').outputs.name.value, resourceId('Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions', split(format('{0}/00000000-0000-0000-0000-000000000002', toLower(format('{0}database', variables('prefixCleaned')))), '/')[0], split(format('{0}/00000000-0000-0000-0000-000000000002', toLower(format('{0}database', variables('prefixCleaned')))), '/')[1]), reference(resourceId('Microsoft.Resources/deployments', toLower(format('{0}database', variables('prefixCleaned')))), '2022-09-01').outputs.resourceId.value, reference(resourceId('Microsoft.App/containerApps', toLower(format('{0}{1}containerBackend', variables('abbrs').containers.containerApp, variables('prefixCleaned')))), '2023-05-01', 'full').identity.principalId)]" - } }, "template": { @@ -7709,10 +7631,8 @@ } }, "dependsOn": [ - "[resourceId('Microsoft.App/containerApps', toLower(format('{0}{1}containerBackend', variables('abbrs').containers.containerApp, variables('prefixCleaned'))))]", "[resourceId('Microsoft.Resources/deployments', toLower(format('{0}database', variables('prefixCleaned'))))]", - "[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, resourceGroup().name), 'Microsoft.Resources/deployments', 'deploy_managed_identity')]" ] } diff --git a/src/backend/requirements.txt b/src/backend/requirements.txt index c5d6b63..9271f9d 100644 --- a/src/backend/requirements.txt +++ b/src/backend/requirements.txt @@ -17,7 +17,7 @@ azure-cosmos azure-servicebus azure-mgmt-storage azure-functions - +azure-ai-projects==1.0.0b9 # Development tools pytest pytest-mock