Skip to content

Latest commit

 

History

History
 
 

dotnet

README.MD

Recommendation Service

This microservice orchestrates recommendation flows by leveraging Semantic Kernel. It integrates both native and semantic functions, alongside vector stores and connectors to provide accurate and intuitive recommendations. Detailed insights into the architecture and functionality of this service can be explored in the Synthesis use case.

Tip: For those keen on exploring advanced deep learning-based recommender systems, take a look at microsoft/recommenders which provides complex DLRMs.

Overview

Recommendation Service Architecture

Getting Started

Authentication

The services within this microservice communicate securely using OAuth flows facilitated by Azure Identity. This simplifies the process of securely managing credentials. The DefaultAzureCredential authentication mechanism is used in this setup.

If you're not using Visual Studio, it's advisable to use Azure Developer CLI to authenticate, which will then be propagated to AzureDefaultCredential.

azd auth login

Optionally, If dev cli didn't work, you can use service principal authentication. dev cyou can also set the following environment variables:

dotnet user-secrets set "AZURE_CLIENT_ID" ""
dotnet user-secrets set "AZURE_CLIENT_SECRET" ""
dotnet user-secrets set "AZURE_TENANT_ID" ""

Required services

The following services are required to run this microservice:

  1. Bing Search API
  2. Azure Cognitive Search
  3. Azure OpenAI
  4. Azure Cosmos DB
  5. Azure Storage

Including the following environment variables:

dotnet user-secrets set "BING_API_KEY" ""
dotnet user-secrets set "deploymentOrModelId" ""
dotnet user-secrets set "embeddingDeploymentOrModelId" ""
dotnet user-secrets set "endpoint" "https://{}.openai.azure.com/"
dotnet user-secrets set "apiKey" ""
dotnet user-secrets set "COSMOS_DB_CONNECTION_STRING" ""

Configuring Cosmos DB Managed Identity Access and Authentication (Optional)

Note: This section is only applicable if you're using DefaultAzureCredential for authentication.

To ensure the principal used has the necessary permissions to access Cosmos DB, you may need to create and assign a custom role. Here's how to do it:

  1. Create a JSON file for the custom role: For read-write access:

    {
   "RoleName":"CosmosDBReadWriteRole",
   "Type":"CustomRole",
   "AssignableScopes":[
      "/"
   ],
   "Permissions":[
      {
         "DataActions":[
            "Microsoft.DocumentDB/databaseAccounts/readMetadata",
            "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/*",
            "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/*"
         ]
      }
   ]
}

  2. Create the custom role using Azure CLI:

    resourceGroupName='<your-resource-group>'
accountName='<your-cosmos-account>'
az cosmosdb sql role definition create -a $accountName -g $resourceGroupName -b @role-definition.json

  3. List the role definitions to find the roleDefinitionId:

    az cosmosdb sql role definition list --account-name $accountName -g $resourceGroupName

    Find the roleDefinitionId from the output in the id field of the created custom role.

  4. Assign the custom role to your principal:

    roleDefinitionId='<role-definition-id>'
principalId='<principal-id>'
az cosmosdb sql role assignment create -a $accountName -g $resourceGroupName -s "/" -p $principalId -d $roleDefinitionId