You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/DeploymentGuide.md
+13-9Lines changed: 13 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -66,24 +66,28 @@ To adjust quota settings, follow these [steps](../docs/AzureGPTQuotaSettings.md)
66
66
67
67
The [`infra`](../infra) folder contains the [`main.bicep`](../infra/main.bicep) Bicep script, which defines all Azure infrastructure components for this solution.
68
68
69
-
By default, the `azd up` command uses the [`main.bicepparam`](../infra/main.bicepparam) file to deploy the solution. This file is pre-configured for a **sandbox environment**— ideal for development and proof-of-concept scenarios, with minimal security and cost controls for rapid iteration.
69
+
When running `azd up`, you’ll now be prompted to choose between a **WAF-aligned configuration** and a **sandbox configuration**using a simple selection:
70
70
71
-
For **production deployments**, the repository also provides [`main.waf-aligned.bicepparam`](../infra/main.waf-aligned.bicepparam), which applies a [WAF-aligned](https://learn.microsoft.com/en-us/azure/well-architected/) configuration. This option enables additional Azure best practices for reliability, security, cost optimization, operational excellence, and performance efficiency, such as:
71
+
- A **sandbox environment** — ideal for development and proof-of-concept scenarios, with minimal securityand cost controls for rapid iteration.
72
72
73
-
- Enhanced network security (e.g., Network protection with private endpoints)
74
-
- Stricter access controls and managed identities
75
-
- Logging, monitoring, and diagnostics enabled by default
76
-
- Resource tagging and cost management recommendations
73
+
- A **production deployments environment**, which applies a [Well-Architected Framework (WAF) aligned](https://learn.microsoft.com/en-us/azure/well-architected/) configuration. This option enables additional Azure best practices for reliability, security, cost optimization, operational excellence, and performance efficiency, such as:
74
+
- Enhanced network security (e.g., Network protection with private endpoints)
75
+
- Stricter access controls and managed identities
76
+
- Logging, monitoring, and diagnostics enabled by default
77
+
- Resource tagging and cost management recommendations
77
78
78
79
**How to choose your deployment configuration:**
79
80
80
-
- Use the default [`main.bicepparam`](../infra/main.bicepparam) for a sandbox/dev environment.
81
-
- For a WAF-aligned, production-ready deployment, copy the contents of [`main.waf-aligned.bicepparam`](../infra/main.waf-aligned.bicepparam) into `main.bicepparam` before running `azd up`.
- Select **`true`** to deploy a **WAF-aligned, production-ready environment**
86
+
- Select **`false`** to deploy a **lightweight sandbox/dev environment**
87
+
-
83
88
> [!TIP]
84
89
> Always review and adjust parameter values (such as region, capacity, security settings and log analytics workspace configuration) to match your organization’s requirements before deploying. For production, ensure you have sufficient quota and follow the principle of least privilege for all identities and role assignments.
85
90
86
-
87
91
Pick from the options below to see step-by-step instructions for: GitHub Codespaces, VS Code Dev Containers, Local Environments, and Bicep deployments.
0 commit comments