Bring visibility of VmSize to main.bicep

DocGailZhou · DocGailZhou · commit a0a43be44610 · 2025-06-27T15:38:20.000-04:00
diff --git a/azure.v2.yaml b/azure.v2.yaml
@@ -0,0 +1,20 @@
+name: modernize-your-code-solution-accelerator
+metadata:
+    template: modernize-your-code-solution-accelerator@1.0
+parameters:
+  AzureAiServiceLocation:
+    type: string
+    default: japaneast
+  Prefix:
+    type: string
+    default: azdtemp
+  baseUrl:
+    type: string
+    default: 'https://raw.githubusercontent.com/microsoft/Modernize-your-code-solution-accelerator'
+infrastructure:
+  mode: Incremental
+  template: ./infra/main.bicep  # Path to the main.bicep file inside the 'infrastructure' folder
+  parameters:
+    AzureAiServiceLocation: ${{ parameters.AzureAiServiceLocation }}
+    Prefix: ${{ parameters.Prefix }}
+    baseUrl: ${{ parameters.baseUrl }}
diff --git a/infra/main.bicep b/infra/main.bicep
@@ -61,6 +61,9 @@ param secondaryLocation string?
 @description('Optional. Enable private networking for the resources. Set to true to enable private networking. Defaults to false.')
 param enablePrivateNetworking bool = useWafAlignedArchitecture? true : false
 
+@description('Optional. Size of the Jumpbox Virtual Machine when created. Set to custom value if enablePrivateNetworking is true.')
+param vmSize string? 
+
 @description('Optional. Admin username for the Jumpbox Virtual Machine. Set to custom value if enablePrivateNetworking is true.')
 @secure()
 //param vmAdminUsername string = take(newGuid(), 20)
@@ -71,15 +74,6 @@ param vmAdminUsername string?
 //param vmAdminPassword string = newGuid()
 param vmAdminPassword string?
 
-@allowed([
-  'Standard_B2s'
-  'Standard_D2s_v3'
-  'Standard_D4s_v3'
-  'Standard_DS2_v2'
-])
-@description('Optional. Size of the Jumpbox Virtual Machine when created. Set to custom value if enablePrivateNetworking is true. Defaults to Standard_B2s.')
-param vmSize string? 
-
 @description('Optional. Specifies the resource tags for all the resources. Tag "azd-env-name" is automatically added to all resources.')
 param tags object = {}
 
@@ -209,14 +203,15 @@ module applicationInsights 'br/public:avm/res/insights/component:0.6.0' = if (en
   }
 }
 
+
 module network 'modules/network.bicep' = if (enablePrivateNetworking) {
   name: take('network-${resourcesName}-deployment', 64)
   params: {
     resourcesName: resourcesName
     logAnalyticsWorkSpaceResourceId: logAnalyticsWorkspaceResourceId
     vmAdminUsername: vmAdminUsername ?? 'JumpboxAdminUser'
     vmAdminPassword: vmAdminPassword ?? 'JumpboxAdminP@ssw0rd1234!'
-    vmSize: vmSize ?? 'Standard_B2s'
+    vmSize: vmSize ??  'Standard_DS2_v2' // Default VM size 
     location: location
     tags: allTags
     enableTelemetry: enableTelemetry
diff --git a/infra/main.parameters.json b/infra/main.parameters.json
@@ -29,6 +29,9 @@
     "secondaryLocation": {
       "value": "${AZURE_ENV_COSMOS_SECONDARY_LOCATION}"
     },
+    "vmSize": {
+      "value": "${AZURE_ENV_JUMPBOX_SIZE}"
+    },
     "vmAdminUsername": {
       "value": "${AZURE_ENV_JUMPBOX_ADMIN_USERNAME}"
     },
diff --git a/infra/modules/ai-foundry/ai-services.bicep b/infra/modules/ai-foundry/ai-services.bicep
@@ -296,7 +296,7 @@ resource cognitiveService 'Microsoft.CognitiveServices/accounts@2025-04-01-previ
         ]
       : null
     // true is not supported today
-    encryption: null // Customer managed key encryption is used, but the property is required.
+    encryption: null // Customer managed key encryption is not used, but the property is required.
     migrationToken: migrationToken
     restore: restore
     restrictOutboundNetworkAccess: restrictOutboundNetworkAccess
diff --git a/infra/modules/network.bicep b/infra/modules/network.bicep
@@ -26,6 +26,14 @@ param vmAdminPassword string
 param vmSize string
 
 
+// VM Size Notes:
+// 1 B-series VMs (like Standard_B2ms) do not support accelerated networking.
+// 2 Pick a VM size that does support accelerated networking (the usual jump-box candidates):
+//     Standard_DS2_v2 (2 vCPU, 7 GiB RAM, Premium SSD) // The most broadly available (it’s a legacy SKU supported in virtually every region).
+//     Standard_D2s_v3 (2 vCPU, 8 GiB RAM, Premium SSD) //  next most common
+//     Standard_D2s_v4 (2 vCPU, 8 GiB RAM, Premium SSD)  // Newest, so fewer regions availabl
+
+
 // Subnet Classless Inter-Doman Routing (CIDR)  Sizing Reference Table (Best Practices)
 // | CIDR      | # of Addresses | # of /24s | Notes                                 |
 // |-----------|---------------|-----------|----------------------------------------|

Original file line number	Diff line number	Diff line change
`@@ -296,7 +296,7 @@ resource cognitiveService 'Microsoft.CognitiveServices/accounts@2025-04-01-previ`
`296`	`296`	`]`
`297`	`297`	`: null`
`298`	`298`	`// true is not supported today`
`299`		`- encryption: null // Customer managed key encryption is used, but the property is required.`
	`299`	`+ encryption: null // Customer managed key encryption is not used, but the property is required.`
`300`	`300`	`migrationToken: migrationToken`
`301`	`301`	`restore: restore`
`302`	`302`	`restrictOutboundNetworkAccess: restrictOutboundNetworkAccess`