@@ -96,6 +96,9 @@ param imageVersion string = 'latest'
9696@description ('Version of the GPT model to deploy:' )
9797param gptModelVersion string = '2024-08-06'
9898
99+ @description ('Use this parameter to use an existing AI project resource ID' )
100+ param azureExistingAIProjectResourceId string = ''
101+
99102param existingLogAnalyticsWorkspaceId string = ''
100103
101104var allTags = union (
@@ -221,23 +224,40 @@ module network 'modules/network.bicep' = if (enablePrivateNetworking) {
221224}
222225
223226module aiServices 'modules/ai-foundry/main.bicep' = {
224- name : take ('aiservices- ${resourcesName }-deployment ' , 64 )
227+ name : take ('avm.res.cognitive-services.account. ${resourcesName }' , 64 )
225228 #disable-next-line no-unnecessary-dependson
226229 dependsOn : [logAnalyticsWorkspace , network ] // required due to optional flags that could change dependency
227230 params : {
228231 name : '${abbrs .ai .aiFoundry }${resourcesName }'
229232 location : aiDeploymentsLocation
230233 sku : 'S0'
231234 kind : 'AIServices'
232- deployments : [modelDeployment ]
235+ deployments : [ modelDeployment ]
233236 projectName : '${abbrs .ai .aiFoundryProject }${resourcesName }'
237+ projectDescription : '${abbrs .ai .aiFoundryProject }${resourcesName }'
234238 logAnalyticsWorkspaceResourceId : enableMonitoring ? logAnalyticsWorkspaceResourceId : ''
235239 privateNetworking : enablePrivateNetworking
236240 ? {
237241 virtualNetworkResourceId : network .outputs .vnetResourceId
238242 subnetResourceId : network .outputs .subnetPrivateEndpointsResourceId
239243 }
240244 : null
245+ existingFoundryProjectResourceId : azureExistingAIProjectResourceId
246+ disableLocalAuth : true //Should be set to true for WAF aligned configuration
247+ customSubDomainName : 'ais-${resourcesName }'
248+ apiProperties : {
249+ //staticsEnabled: false
250+ }
251+ allowProjectManagement : true
252+ managedIdentities : {
253+ systemAssigned : true
254+ }
255+ publicNetworkAccess : 'Enabled'
256+ networkAcls : {
257+ bypass : 'AzureServices'
258+ defaultAction : 'Allow'
259+ }
260+ privateEndpoints : []
241261 roleAssignments : [
242262 {
243263 principalId : appIdentity .outputs .principalId
@@ -314,9 +334,9 @@ module keyVault 'modules/keyVault.bicep' = {
314334 : null
315335 roleAssignments : [
316336 {
317- principalId : aiServices .outputs .?systemAssignedMIPrincipalId ?? ''
337+ principalId : aiServices .outputs .?systemAssignedMIPrincipalId ?? appIdentity . outputs . principalId
318338 principalType : 'ServicePrincipal'
319- roleDefinitionIdOrName : 'Key Vault Reader '
339+ roleDefinitionIdOrName : 'Key Vault Administrator '
320340 }
321341 ]
322342 tags : allTags
@@ -473,15 +493,15 @@ module containerAppBackend 'br/public:avm/res/app/container-app:0.17.0' = {
473493 }
474494 {
475495 name : 'AI_PROJECT_ENDPOINT'
476- value : aiServices .outputs .project .apiEndpoint // or equivalent
496+ value : aiServices .outputs .aiProjectInfo .apiEndpoint // or equivalent
477497 }
478498 {
479499 name : 'AZURE_AI_AGENT_PROJECT_CONNECTION_STRING' // This was not really used in code.
480- value : aiServices .outputs .project .apiEndpoint
500+ value : aiServices .outputs .aiProjectInfo .apiEndpoint
481501 }
482502 {
483503 name : 'AZURE_AI_AGENT_PROJECT_NAME'
484- value : aiServices .outputs .project .name
504+ value : aiServices .outputs .aiProjectInfo .name
485505 }
486506 {
487507 name : 'AZURE_AI_AGENT_RESOURCE_GROUP_NAME'
@@ -493,7 +513,7 @@ module containerAppBackend 'br/public:avm/res/app/container-app:0.17.0' = {
493513 }
494514 {
495515 name : 'AZURE_AI_AGENT_ENDPOINT'
496- value : aiServices .outputs .project .apiEndpoint
516+ value : aiServices .outputs .aiProjectInfo .apiEndpoint
497517 }
498518 {
499519 name : 'AZURE_CLIENT_ID'
0 commit comments