Merge pull request #383 from microsoft/dev

fix: merging from dev to main

Author: Roopan-Microsoft

azure.yaml

@@ -1,24 +1,24 @@
-name: modernize-your-code-solution-accelerator
-metadata:
-    template: modernize-your-code-solution-accelerator@1.0
-
-requiredVersions:
-  azd: '>= 1.18.0'
-
-parameters:
-  AzureAiServiceLocation:
-    type: string
-    default: japaneast
-  Prefix:
-    type: string
-    default: azdtemp
-  baseUrl:
-    type: string
-    default: 'https://raw.githubusercontent.com/microsoft/Modernize-your-code-solution-accelerator'
-deployment:
-  mode: Incremental
-  template: ./infra/main.bicep  # Path to the main.bicep file inside the 'deployment' folder
-  parameters:
-    AzureAiServiceLocation: ${{ parameters.AzureAiServiceLocation }}
-    Prefix: ${{ parameters.Prefix }}
-    baseUrl: ${{ parameters.baseUrl }}
+name: modernize-your-code-solution-accelerator
+metadata:
+    template: modernize-your-code-solution-accelerator@1.0
+
+requiredVersions:
+  azd: '>= 1.18.0 != 1.23.9'
+
+parameters:
+  AzureAiServiceLocation:
+    type: string
+    default: japaneast
+  Prefix:
+    type: string
+    default: azdtemp
+  baseUrl:
+    type: string
+    default: 'https://raw.githubusercontent.com/microsoft/Modernize-your-code-solution-accelerator'
+deployment:
+  mode: Incremental
+  template: ./infra/main.bicep  # Path to the main.bicep file inside the 'deployment' folder
+  parameters:
+    AzureAiServiceLocation: ${{ parameters.AzureAiServiceLocation }}
+    Prefix: ${{ parameters.Prefix }}
+    baseUrl: ${{ parameters.baseUrl }}

azure_custom.yaml

@@ -1,31 +1,31 @@
-name: modernize-your-code-solution-accelerator
-metadata:
-    template: modernize-your-code-solution-accelerator@1.0
-
-requiredVersions:
-  azd: '>= 1.18.0'
-
-parameters:
-  azureAiServiceLocation:
-    type: string
-    default: japaneast
-
-services:
-  backend:
-    project: ./src/backend
-    host: containerapp
-    language: python
-    docker:
-      path: Dockerfile
-      remoteBuild: true
-  frontend:
-    project: ./src/frontend
-    host: containerapp
-    language: js
-    docker:
-      path: Dockerfile
-      remoteBuild: true
-
-infra:
-  provider: bicep
-  path: infra
+name: modernize-your-code-solution-accelerator
+metadata:
+    template: modernize-your-code-solution-accelerator@1.0
+
+requiredVersions:
+  azd: '>= 1.18.0 != 1.23.9'
+
+parameters:
+  azureAiServiceLocation:
+    type: string
+    default: japaneast
+
+services:
+  backend:
+    project: ./src/backend
+    host: containerapp
+    language: python
+    docker:
+      path: Dockerfile
+      remoteBuild: true
+  frontend:
+    project: ./src/frontend
+    host: containerapp
+    language: js
+    docker:
+      path: Dockerfile
+      remoteBuild: true
+
+infra:
+  provider: bicep
+  path: infra

infra/main.bicep

@@ -742,15 +742,7 @@ module aiServices 'modules/ai-foundry/aifoundry.bicep' = {
     projectName: 'proj-${solutionSuffix}'
     projectDescription: 'proj-${solutionSuffix}'
     logAnalyticsWorkspaceResourceId: enableMonitoring ? logAnalyticsWorkspaceResourceId : ''
-    privateNetworking: enablePrivateNetworking
-      ? {
-          virtualNetworkResourceId: virtualNetwork!.outputs.resourceId
-          subnetResourceId: virtualNetwork!.outputs.pepsSubnetResourceId
-          cogServicesPrivateDnsZoneResourceId: avmPrivateDnsZones[dnsZoneIndex.cognitiveServices]!.outputs.resourceId
-          openAIPrivateDnsZoneResourceId: avmPrivateDnsZones[dnsZoneIndex.openAI]!.outputs.resourceId
-          aiServicesPrivateDnsZoneResourceId: avmPrivateDnsZones[dnsZoneIndex.aiServices]!.outputs.resourceId
-        }
-      : null
+    privateNetworking: null // Private endpoint is handled by the standalone aiFoundryPrivateEndpoint module
     existingFoundryProjectResourceId: azureExistingAIProjectResourceId
     disableLocalAuth: true //Should be set to true for WAF aligned configuration
     customSubDomainName: 'aif-${solutionSuffix}'
@@ -789,6 +781,45 @@ module aiServices 'modules/ai-foundry/aifoundry.bicep' = {
   }
 }
 
+var aiFoundryAiServicesResourceName = 'aif-${solutionSuffix}'
+var useExistingAiFoundryAiProject = !empty(azureExistingAIProjectResourceId)
+
+module aiFoundryPrivateEndpoint 'br/public:avm/res/network/private-endpoint:0.8.1' = if (enablePrivateNetworking && !useExistingAiFoundryAiProject) {
+  name: take('pep-${aiFoundryAiServicesResourceName}-deployment', 64)
+  params: {
+    name: 'pep-${aiFoundryAiServicesResourceName}'
+    customNetworkInterfaceName: 'nic-${aiFoundryAiServicesResourceName}'
+    location: location
+    tags: allTags
+    privateLinkServiceConnections: [
+      {
+        name: 'pep-${aiFoundryAiServicesResourceName}-connection'
+        properties: {
+          privateLinkServiceId: aiServices.outputs.resourceId
+          groupIds: ['account']
+        }
+      }
+    ]
+    privateDnsZoneGroup: {
+      privateDnsZoneGroupConfigs: [
+        {
+          name: 'ai-services-dns-zone-cognitiveservices'
+          privateDnsZoneResourceId: avmPrivateDnsZones[dnsZoneIndex.cognitiveServices]!.outputs.resourceId
+        }
+        {
+          name: 'ai-services-dns-zone-openai'
+          privateDnsZoneResourceId: avmPrivateDnsZones[dnsZoneIndex.openAI]!.outputs.resourceId
+        }
+        {
+          name: 'ai-services-dns-zone-aiservices'
+          privateDnsZoneResourceId: avmPrivateDnsZones[dnsZoneIndex.aiServices]!.outputs.resourceId
+        }
+      ]
+    }
+    subnetResourceId: virtualNetwork!.outputs.pepsSubnetResourceId
+  }
+}
+
 var appStorageContainerName = 'appstorage'
 
 module storageAccount 'modules/storageAccount.bicep' = {