Align with changes in Basic (#20)

Azure-Samples · Oct 18, 2024 · a2dbce5 · a2dbce5
1 parent 6f23973
commit a2dbce5
Show file tree

Hide file tree

Showing 10 changed files with 214 additions and 137 deletions.
diff --git a/README.md b/README.md
diff --git a/infra-as-code/bicep/acr.bicep b/infra-as-code/bicep/acr.bicep
@@ -4,6 +4,7 @@
 
 @description('This is the base name for each Azure resource name (6-8 chars)')
 @minLength(6)
+@maxLength(8)
 param baseName string
 
 @description('The resource group location')
@@ -18,6 +19,8 @@ param createPrivateEndpoints bool = false
 // existing resource name params 
 param vnetName string
 param privateEndpointsSubnetName string
+
+@description('The name of the workload\'s existing Log Analytics workspace.')
 param logWorkspaceName string
 
 //variables
@@ -50,6 +53,7 @@ resource acrResource 'Microsoft.ContainerRegistry/registries@2023-01-01-preview'
     networkRuleSet: {
       defaultAction: 'Deny'
     }
+    anonymousPullEnabled: false
     publicNetworkAccess: 'Disabled'
     zoneRedundancy: 'Enabled'
   }

diff --git a/infra-as-code/bicep/applicationinsignts.bicep b/infra-as-code/bicep/applicationinsignts.bicep
@@ -1,10 +1,12 @@
 @description('This is the base name for each Azure resource name (6-8 chars)')
+@minLength(6)
+@maxLength(8)
 param baseName string
 
 @description('The resource group location')
 param location string = resourceGroup().location
 
-@description('Existing Log Analytics workspace name used for this workload.')
+@description('The name of the workload\'s existing Log Analytics workspace.')
 param logWorkspaceName string
 
 // Existing resources
@@ -22,7 +24,10 @@ resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {
   properties: {
     Application_Type: 'web'
     WorkspaceResourceId: logAnalyticsWorkspace.id
-    Flow_Type: 'Bluefield'
+    RetentionInDays: 90
+    IngestionMode: 'LogAnalytics'
+    publicNetworkAccessForIngestion: 'Enabled'
+    publicNetworkAccessForQuery: 'Enabled'
   }
 }
 

diff --git a/infra-as-code/bicep/keyvault.bicep b/infra-as-code/bicep/keyvault.bicep
@@ -3,6 +3,8 @@
 */
 
 @description('This is the base name for each Azure resource name (6-8 chars)')
+@minLength(6)
+@maxLength(8)
 param baseName string
 
 @description('The resource group location')
@@ -20,6 +22,7 @@ param createPrivateEndpoints bool = false
 param vnetName string
 param privateEndpointsSubnetName string
 
+@description('The name of the workload\'s existing Log Analytics workspace.')
 param logWorkspaceName string
 
 //variables
@@ -77,7 +80,6 @@ resource keyVault 'Microsoft.KeyVault/vaults@2019-09-01' = {
 //Key Vault diagnostic settings
 resource keyVaultDiagSettings 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
   name: '${keyVault.name}-diagnosticSettings'
-  // scope: DeployBlob::Blob
   scope: keyVault
   properties: {
     workspaceId: logWorkspace.id

diff --git a/infra-as-code/bicep/machinelearning.bicep b/infra-as-code/bicep/machinelearning.bicep
@@ -3,6 +3,8 @@
 */
 
 @description('This is the base name for each Azure resource name (6-8 chars)')
+@minLength(6)
+@maxLength(8)
 param baseName string
 
 @description('The resource group location')
@@ -15,7 +17,10 @@ param applicationInsightsName string
 param containerRegistryName string
 param keyVaultName string
 param mlStorageAccountName string
+
+@description('The name of the workload\'s existing Log Analytics workspace.')
 param logWorkspaceName string
+
 param openAiResourceName string
 
 // ---- Variables ----

diff --git a/infra-as-code/bicep/main.bicep b/infra-as-code/bicep/main.bicep
@@ -65,7 +65,7 @@ module jumpBoxModule 'jumpbox.bicep' = {
   }
 }
 
-// Deploy storage account with private endpoint and private DNS zone
+// Deploy Azure Storage account with private endpoint and private DNS zone
 module storageModule 'storage.bicep' = {
   name: 'storageDeploy'
   params: {
@@ -77,7 +77,7 @@ module storageModule 'storage.bicep' = {
   }
 }
 
-// Deploy key vault with private endpoint and private DNS zone
+// Deploy Azure Key Vault with private endpoint and private DNS zone
 module keyVaultModule 'keyvault.bicep' = {
   name: 'keyVaultDeploy'
   params: {
@@ -92,7 +92,7 @@ module keyVaultModule 'keyvault.bicep' = {
   }
 }
 
-// Deploy container registry with private endpoint and private DNS zone
+// Deploy Azure Container Registry with private endpoint and private DNS zone
 module acrModule 'acr.bicep' = {
   name: 'acrDeploy'
   params: {
@@ -128,14 +128,6 @@ module openaiModule 'openai.bicep' = {
   }
 }
 
-// Deploy the gpt 3.5 model within the Azure OpenAI service deployed above.
-module openaiModels 'openai-models.bicep' = {
-  name: 'openaiModelsDeploy'
-  params: {
-    openaiName: openaiModule.outputs.openAiResourceName
-  }
-}
-
 // Deploy machine learning workspace with private endpoint and private DNS zone
 module mlwModule 'machinelearning.bicep' = {
   name: 'mlwDeploy'
@@ -171,7 +163,7 @@ module gatewayModule 'gateway.bicep' = {
   }
 }
 
-// Deploy the web apps for the front end demo ui and the containerised promptflow endpoint
+// Deploy the web apps for the front end demo UI and the containerised promptflow endpoint
 module webappModule 'webapp.bicep' = {
   name: 'webappDeploy'
   params: {
@@ -187,7 +179,7 @@ module webappModule 'webapp.bicep' = {
     logWorkspaceName: logWorkspace.name
   }
   dependsOn: [
-    openaiModule
+    mlwModule
     acrModule
   ]
 }
diff --git a/infra-as-code/bicep/openai-models.bicep b/infra-as-code/bicep/openai-models.bicep
diff --git a/infra-as-code/bicep/openai.bicep b/infra-as-code/bicep/openai.bicep
@@ -1,4 +1,6 @@
 @description('This is the base name for each Azure resource name (6-8 chars)')
+@minLength(6)
+@maxLength(8)
 param baseName string
 
 @description('The resource group location')
@@ -7,7 +9,10 @@ param location string = resourceGroup().location
 // existing resource name params 
 param vnetName string
 param privateEndpointsSubnetName string
+
+@description('The name of the workload\'s existing Log Analytics workspace.')
 param logWorkspaceName string
+
 param keyVaultName string
 
 //variables
@@ -49,6 +54,7 @@ resource openAiAccount 'Microsoft.CognitiveServices/accounts@2023-10-01-preview'
     networkAcls: {
       defaultAction: 'Deny'
     }
+    // TODO: disableLocalAuth: true
   }
   sku: {
     name: 'S0'
@@ -153,6 +159,24 @@ resource openAiAccount 'Microsoft.CognitiveServices/accounts@2023-10-01-preview'
       ]
     }
   }
+
+  @description('Add a gpt-3.5 turbo deployment.')
+  resource gpt35 'deployments' = {
+    name: 'gpt35'
+    sku: {
+      name: 'Standard'
+      capacity: 25
+    }
+    properties: {
+      model: {
+        format: 'OpenAI'
+        name: 'gpt-35-turbo'
+        version: '0613' // If your selected region doesn't support this version, please change it.
+      }
+      raiPolicyName: openAiAccount::blockingFilter.name
+      versionUpgradeOption: 'NoAutoUpgrade'  // Always pin your dependencies, be intentional about updates.
+    }
+  }
 }
 
 //OpenAI diagnostic settings

diff --git a/infra-as-code/bicep/storage.bicep b/infra-as-code/bicep/storage.bicep
@@ -4,6 +4,7 @@
 
 @description('This is the base name for each Azure resource name (6-8 chars)')
 @minLength(6)
+@maxLength(8)
 param baseName string
 
 @description('The resource group location')
@@ -12,6 +13,8 @@ param location string = resourceGroup().location
 // existing resource name params 
 param vnetName string
 param privateEndpointsSubnetName string
+
+@description('The name of the workload\'s existing Log Analytics workspace.')
 param logWorkspaceName string
 
 // variables

diff --git a/infra-as-code/bicep/webapp.bicep b/infra-as-code/bicep/webapp.bicep
@@ -4,6 +4,7 @@
 
 @description('This is the base name for each Azure resource name (6-8 chars)')
 @minLength(6)
+@maxLength(8)
 param baseName string
 
 @description('The resource group location')
@@ -12,7 +13,7 @@ param location string = resourceGroup().location
 param developmentEnvironment bool
 param publishFileName string
 
-// existing resource name params 
+// existing resource name params
 param vnetName string
 param appServicesSubnetName string
 param privateEndpointsSubnetName string
@@ -28,7 +29,6 @@ var packageLocation = 'https://${storageName}.blob.${environment().suffixes.stor
 var appServicePrivateEndpointName = 'pep-${appName}'
 var appServicePfPrivateEndpointName = 'pep-${appName}-pf'
 
-
 var appInsightsName = 'appinsights-${appName}'
 
 var chatApiKey = '@Microsoft.KeyVault(SecretUri=https://${keyVaultName}.vault.azure.net/secrets/chatApiKey)'
@@ -42,7 +42,7 @@ var appServicePlanPremiumSku = 'Premium'
 var appServicePlanStandardSku = 'Standard'
 var appServicePlanSettings = {
   Standard: {
-    name: 'S1'
+    name: 'B2'
     capacity: 1
   }
   Premium: {
@@ -117,7 +117,7 @@ resource blobDataReaderRoleAssignment 'Microsoft.Authorization/roleAssignments@2
 }
 
 //App service plan
-resource appServicePlan 'Microsoft.Web/serverfarms@2022-09-01' = {
+resource appServicePlan 'Microsoft.Web/serverfarms@2023-12-01' = {
   name: appServicePlanName
   location: location
   sku: developmentEnvironment ? appServicePlanSettings[appServicePlanStandardSku] : appServicePlanSettings[appServicePlanPremiumSku]
@@ -129,7 +129,7 @@ resource appServicePlan 'Microsoft.Web/serverfarms@2022-09-01' = {
 }
 
 // Web App
-resource webApp 'Microsoft.Web/sites@2022-09-01' = {
+resource webApp 'Microsoft.Web/sites@2023-12-01' = {
   name: appName
   location: location
   kind: 'app'
@@ -323,6 +323,10 @@ resource appInsights 'Microsoft.Insights/components@2020-02-02' = {
   properties: {
     Application_Type: 'web'
     WorkspaceResourceId: logWorkspace.id
+    RetentionInDays: 90
+    IngestionMode: 'LogAnalytics'
+    publicNetworkAccessForIngestion: 'Enabled'
+    publicNetworkAccessForQuery: 'Enabled'
   }
 }