Merge branch 'dev' of https://github.com/microsoft/Modernize-your-code-solution-accelerator into PSL-TS-19053

Author: Bangarraju-Microsoft

azure.yaml

@@ -26,14 +26,14 @@ hooks:
     posix:
       shell: sh
       run: >
-        chmod u+r+x ./scripts/validate_model_deployment_quota.sh; chmod u+r+x ./scripts/validate_model_quota.sh; ./scripts/validate_model_deployment_quota.sh --subscription "$AZURE_SUBSCRIPTION_ID" --location "${AZURE_AISERVICE_LOCATION:-japaneast}" --models-parameter "aiModelDeployments"
-      interactive: false
+        chmod u+r+x ./scripts/validate_model_deployment_quota.sh; chmod u+r+x ./scripts/validate_model_quota.sh; ./scripts/validate_model_deployment_quota.sh --SubscriptionId "$AZURE_SUBSCRIPTION_ID" --Location "${AZURE_AISERVICE_LOCATION:-japaneast}" --ModelsParameter "aiModelDeployments"
+      interactive: true
       continueOnError: false
 
     windows:
       shell: pwsh
       run: >
         $location = if ($env:AZURE_AISERVICE_LOCATION) { $env:AZURE_AISERVICE_LOCATION } else { "japaneast" };
         ./scripts/validate_model_deployment_quota.ps1 -SubscriptionId $env:AZURE_SUBSCRIPTION_ID -Location $location -ModelsParameter "aiModelDeployments"
-      interactive: false
+      interactive: true
       continueOnError: false

docs/CustomizingAzdParameters.md

@@ -9,7 +9,8 @@ By default this template will use the environment name as the prefix to prevent
 | Name                                   | Type    | Default Value    | Purpose                                                                                              |
 | -------------------------------------- | ------- | ---------------- | ---------------------------------------------------------------------------------------------------- |
 | `AZURE_ENV_NAME`                       | string  | `azdtemp`        | Used as a prefix for all resource names to ensure uniqueness across environments.                    |
-| `AZURE_LOCATION`                       | string  | `japaneast`      | Location of the Azure resources. Controls where the infrastructure will be deployed.                 |
+| `AZURE_LOCATION`                       | string  | `eastus2`      | Location of the Azure resources. Controls where the infrastructure will be deployed.                 |
+| `AZURE_AISERVICE_LOCATION`                       | string  | `japaneast`      | Set the Azure AI Service Location.                 |
 | `AZURE_ENV_MODEL_DEPLOYMENT_TYPE`      | string  | `GlobalStandard` | Change the Model Deployment Type (allowed values: Standard, GlobalStandard).                         |
 | `AZURE_ENV_MODEL_NAME`                 | string  | `gpt-4o`         | Set the Model Name (allowed values: gpt-4o).                                                         |
 | `AZURE_ENV_MODEL_VERSION`              | string  | `2024-08-06`     | Set the Azure model version (allowed values: 2024-08-06)    |

docs/DeploymentGuide.md

@@ -36,13 +36,18 @@ Check the [Azure Products by Region](https://azure.microsoft.com/en-us/explore/g
 
 When you start the deployment, most parameters will have **default values**, but you can update the following settings by following the steps [here](../docs/CustomizingAzdParameters.md):  
 
-| **Setting** | **Description** |  **Default value** |
-|------------|----------------|  ------------|
-| **Azure Region** | The region where resources will be created. | East US| 
-| **Resource Prefix** | Prefix for all resources created by this template. This prefix will be used to create unique names for all resources. The prefix must be unique within the resource group. | None |
-| **AI Location** | Location for all AI services resources. This location can be different from the resource group location | None |
-| **Capacity** | Configure capacity for **gpt-4o**. |  5k |
-| **Existing Log analytics workspace** | To reuse the existing Log analytics workspace Id. |  |
+| **Setting**                       | **Description**                                                                                      | **Default value**         |
+|----------------------------------|------------------------------------------------------------------------------------------------------|----------------------------|
+| **Azure Region**                 | The region where resources will be created.                                                         | East US                   |
+| **Resource Prefix**              | Prefix for all resources created by this template. This prefix will be used to create unique names for all resources. The prefix must be unique within the resource group. | azdtemp                   |
+| **AI Location**                  | Location for all AI services resources. This location can be different from the resource group location. | japaneast                 |
+| **Capacity**                     | Configure capacity for **gpt-4o**.                                                                   | 200                        |
+| **Model Deployment Type**        | Change the Model Deployment Type (allowed values: Standard, GlobalStandard).                        | GlobalStandard             |
+| **Model Name**                   | Set the Model Name (allowed values: gpt-4o).                                                        | gpt-4o                     |
+| **Model Version**                | Set the Azure model version (allowed values: 2024-08-06).                                           | 2024-08-06                 |
+| **Image Tag**                    | Set the Image tag (allowed values: latest, dev, hotfix).                                            | latest                     |
+| **Existing Log analytics workspace** | To reuse the existing Log analytics workspace Id.                                                | `<Existing Workspace Id>` |
+
 
 This accelerator can be configured to  use authentication. 
 

infra/abbreviations.json

@@ -2,6 +2,8 @@
     "ai": {
       "aiSearch": "srch-",
       "aiServices": "aisa-",
+      "aiFoundry": "aif-",
+      "aiFoundryProject": "aifp-",
       "aiVideoIndexer": "avi-",
       "machineLearningWorkspace": "mlw-",
       "openAIService": "oai-",

infra/deploy_ai_foundry.bicep

@@ -11,7 +11,9 @@ param managedIdentityObjectId string
 param aiServicesEndpoint string
 param aiServicesKey string
 param aiServicesId string
+param aureaiFoundryEndpoint string
 
+param aiFoundryName string
 param existingLogAnalyticsWorkspaceId string = ''
 
 var useExisting = !empty(existingLogAnalyticsWorkspaceId)
@@ -24,15 +26,10 @@ var abbrs = loadJsonContent('./abbreviations.json')
 var storageName = '${abbrs.storage.storageAccount}${solutionName}'
 
 var storageSkuName = 'Standard_LRS'
-var aiServicesName = '${abbrs.ai.aiServices}${solutionName}'
 var workspaceName = '${abbrs.managementGovernance.logAnalyticsWorkspace}${solutionName}'
 var keyvaultName = '${abbrs.security.keyVault}${solutionName}'
 var location = solutionLocation 
-var azureAiHubName = '${abbrs.ai.aiHub}${solutionName}'
-var aiHubFriendlyName = azureAiHubName
-var aiHubDescription = 'AI Hub for KM template'
-var aiProjectName = '${abbrs.ai.aiHubProject}${solutionName}'
-var aiProjectFriendlyName = aiProjectName
+
 var aiSearchName = '${solutionName}-search'
 var applicationInsightsName = '${solutionName}-appi'
 
@@ -73,125 +70,6 @@ resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {
 
 var storageNameCleaned = replace(replace(replace(replace('${storageName}cast', '-', ''), '_', ''), '.', ''),'/', '')
 
-
-
-
-resource storage 'Microsoft.Storage/storageAccounts@2022-09-01' = {
-  name: storageNameCleaned
-  location: location
-  sku: {
-    name: storageSkuName
-  }
-  kind: 'StorageV2'
-  identity: {
-    type: 'SystemAssigned'
-  }
-  properties: {
-    accessTier: 'Hot'
-    allowBlobPublicAccess: false
-    allowCrossTenantReplication: false
-    allowSharedKeyAccess: false
-    encryption: {
-      keySource: 'Microsoft.Storage'
-      requireInfrastructureEncryption: false
-      services: {
-        blob: {
-          enabled: true
-          keyType: 'Account'
-        }
-        file: {
-          enabled: true
-          keyType: 'Account'
-        }
-        queue: {
-          enabled: true
-          keyType: 'Service'
-        }
-        table: {
-          enabled: true
-          keyType: 'Service'
-        }
-      }
-    }
-    isHnsEnabled: false
-    isNfsV3Enabled: false
-    keyPolicy: {
-      keyExpirationPeriodInDays: 7
-    }
-    largeFileSharesState: 'Disabled'
-    minimumTlsVersion: 'TLS1_2'
-    networkAcls: {
-      bypass: 'AzureServices'
-      defaultAction: 'Allow'
-    }
-    supportsHttpsTrafficOnly: true
-  }
-}
-
-@description('This is the built-in Storage Blob Data Contributor.')
-resource blobDataContributor 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' existing = {
-  scope: subscription()
-  name: 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'
-}
-
-resource storageroleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
-  name: guid(resourceGroup().id, managedIdentityObjectId, blobDataContributor.id)
-  scope: storage
-  properties: {
-    principalId: managedIdentityObjectId
-    roleDefinitionId: blobDataContributor.id
-    principalType: 'ServicePrincipal'
-  }
-}
-
-resource aiHub 'Microsoft.MachineLearningServices/workspaces@2023-08-01-preview' = {
-  name: azureAiHubName
-  location: location
-  identity: {
-    type: 'SystemAssigned'
-  }
-  properties: {
-    // organization
-    friendlyName: aiHubFriendlyName
-    description: aiHubDescription
-
-    // dependent resources
-    keyVault: keyVault.id
-    storageAccount: storage.id
-  }
-  kind: 'hub'
-
-  resource aiServicesConnection 'connections@2024-07-01-preview' = {
-    name: '${azureAiHubName}-connection-AzureOpenAI'
-    properties: {
-      category: 'AIServices'
-      target: aiServicesEndpoint
-      authType: 'ApiKey'
-      isSharedToAll: true
-      credentials: {
-        key: aiServicesKey
-      }
-      metadata: {
-        ApiType: 'Azure'
-        ResourceId: aiServicesId
-      }
-    }
-  }
-}
-
-resource aiHubProject 'Microsoft.MachineLearningServices/workspaces@2024-01-01-preview' = {
-  name: aiProjectName
-  location: location
-  kind: 'Project'
-  identity: {
-    type: 'SystemAssigned'
-  }
-  properties: {
-    friendlyName: aiProjectFriendlyName
-    hubResourceId: aiHub.id
-  }
-}
-
 resource tenantIdEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
   parent: keyVault
   name: 'TENANT-ID'
@@ -248,11 +126,11 @@ resource azureOpenAIEndpointEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-
   }
 }
 
-resource azureAIProjectConnectionStringEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
+resource azureAIProjectEndpointEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview' = {
   parent: keyVault
-  name: 'AZURE-AI-PROJECT-CONN-STRING'
+  name: 'AI-PROJECT-ENDPOINT'
   properties: {
-    value: '${split(aiHubProject.properties.discoveryUrl, '/')[2]};${subscription().subscriptionId};${resourceGroup().name};${aiHubProject.name}'
+    value: aureaiFoundryEndpoint
   }
 }
 
@@ -292,7 +170,7 @@ resource cogServiceNameEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-previ
   parent: keyVault
   name: 'COG-SERVICES-NAME'
   properties: {
-    value: aiServicesName
+    value: aiFoundryName
   }
 }
 
@@ -323,14 +201,9 @@ resource azureLocatioEntry 'Microsoft.KeyVault/vaults/secrets@2021-11-01-preview
 output keyvaultName string = keyvaultName
 output keyvaultId string = keyVault.id
 
-output aiServicesName string = aiServicesName 
 output aiSearchName string = aiSearchName
-output aiProjectName string = aiHubProject.name
 
 output storageAccountName string = storageNameCleaned
 
 output logAnalyticsId string = useExisting ? existingLogAnalyticsWorkspace.id : logAnalytics.id
-output storageAccountId string = storage.id
 output applicationInsightsConnectionString string = applicationInsights.properties.ConnectionString
-
-output projectConnectionString string = '${split(aiHubProject.properties.discoveryUrl, '/')[2]};${subscription().subscriptionId};${resourceGroup().name};${aiHubProject.name}'