From e27947c1ce87b8b44850a3c8213e273f71afb56f Mon Sep 17 00:00:00 2001 From: Kristian Nese Date: Fri, 9 Feb 2024 09:42:28 +0100 Subject: [PATCH] adding compute vision (#527) * adding compute vision * adding ux for vision * adding ai vision --- .../generativeAi/EnterpriseAIPortal.json | 228 +++++++++++++++++- fsi/solutions/generativeAi/aoaiArm.json | 116 ++++++++- fsi/solutions/generativeAi/azureAiSearch.json | 28 +-- .../generativeAi/azureComputerVision.json | 202 ++++++++++++++++ fsi/solutions/generativeAi/azureOpenAi.json | 1 + 5 files changed, 540 insertions(+), 35 deletions(-) create mode 100644 fsi/solutions/generativeAi/azureComputerVision.json diff --git a/fsi/solutions/generativeAi/EnterpriseAIPortal.json b/fsi/solutions/generativeAi/EnterpriseAIPortal.json index b7bf51e1..5241b20a 100644 --- a/fsi/solutions/generativeAi/EnterpriseAIPortal.json +++ b/fsi/solutions/generativeAi/EnterpriseAIPortal.json @@ -1373,8 +1373,8 @@ { "name": "aiUseCaseDeployment", "type": "Microsoft.Common.OptionsGroup", - "label": "Create Azure AI services for the initial use cases", - "defaultValue": "Yes", + "label": "Create required Azure services for the initial use cases", + "defaultValue": "No", "toolTip": "", "constraints": { "allowedValues": [ @@ -1432,7 +1432,7 @@ }, { "label": "Image and video recognition", - "description": "analyze images and provide textual responses to questions about them. It incorporates both natural language processing and visual understanding.", + "description": "Analyze images and provide textual responses to questions about them. It incorporates both natural language processing and visual understanding.", "value": "vision" } ], @@ -1441,7 +1441,14 @@ "visible": "[equals(steps('aiAuxiliarySettings').aiUseCaseDeployment, 'Yes')]" }, { - "name": "aSearchSection", + "name": "aiAddServicesSection", + "type": "Microsoft.Common.Section", + "label": "Required services for the selected use case", + "elements": [], + "visible": "[equals(steps('aiAuxiliarySettings').aiUseCaseDeployment, 'Yes')]" + }, + { + "name": "aiSearchSection", "type": "Microsoft.Common.Section", "label": "Azure AI Search", "elements": [], @@ -1624,6 +1631,209 @@ "required": true }, "visible": "[equals(steps('aiAuxiliarySettings').aiUseCaseDeployment, 'Yes')]" + }, + { + "name": "aiAddServicesSectionVision", + "type": "Microsoft.Common.Section", + "label": "Required services for the selected use case", + "elements": [], + "visible": "[and(equals(steps('aiAuxiliarySettings').aiUseCaseDeployment, 'Yes'), equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision'))]" + }, + { + "name": "aiVisionSection", + "type": "Microsoft.Common.Section", + "label": "Azure AI Vision", + "elements": [], + "visible": "[and(equals(steps('aiAuxiliarySettings').aiUseCaseDeployment, 'Yes'), equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision'))]" + }, + { + "name": "aiVisionInfo", + "type": "Microsoft.Common.TextBlock", + "visible": "[and(equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision'), equals(steps('aiAuxiliarySettings').aiUseCaseDeployment, 'Yes'))]", + "options": { + "icon": "None", + "text": "Azure AI Vision is a unified service that offers innovative computer vision capabilities. Give your apps the ability to analyze images, read text, and detect faces with prebuilt image tagging, text extraction with optical character recognition (OCR), and responsible facial recognition. Incorporate vision features into your projects with no machine learning experience required.", + "uri": "https://www.microsoft.com" + } + }, + { + "name": "aiVisionNetworkSection", + "type": "Microsoft.Common.Section", + "label": "Network Settings", + "elements": [], + "visible": "[and(equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision'), equals(steps('aiAuxiliarySettings').aiUseCaseDeployment, 'Yes'))]" + }, + { + "name": "aiVisionDisableNetworkAccess", + "type": "Microsoft.Common.OptionsGroup", + "label": "Disable Public Network Access", + "defaultValue": "Yes (recommended)", + "toolTip": "", + "constraints": { + "allowedValues": [ + { + "label": "Yes (recommended)", + "value": "Yes" + }, + { + "label": "No", + "value": "No" + } + ], + "required": true + }, + "visible": "[and(equals(steps('aiAuxiliarySettings').aiUseCaseDeployment, 'Yes'), equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision'))]" + }, + { + "name": "aiVisionRestrictOutboundNetworkAccess", + "type": "Microsoft.Common.OptionsGroup", + "label": "Restric Outbound Network Access for AI Vision", + "defaultValue": "Yes (recommended)", + "toolTip": "", + "constraints": { + "allowedValues": [ + { + "label": "Yes (recommended)", + "value": "Yes" + }, + { + "label": "No", + "value": "No" + } + ], + "required": true + }, + "visible": "[equals(steps('aiAuxiliarySettings').aiVisionDisableNetworkAccess, 'Yes')]" + }, + { + "name": "aiVisionNwLocationOption", + "type": "Microsoft.Common.OptionsGroup", + "label": "Deploy the Private Endpoint for Azure AI Vision into the same region as the Azure AI Vision service", + "defaultValue": "Yes", + "toolTip": "This will deploy the Private Endpoint in the provided subnet and will also associate an Application Security Group", + "constraints": { + "allowedValues": [ + { + "label": "Yes", + "value": "Yes" + }, + { + "label": "No", + "value": "No" + } + ], + "required": true + }, + "visible": "[and(equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision'), equals(steps('aiAuxiliarySettings').aiVisionDisableNetworkAccess, 'Yes'))]" + }, + { + "name": "aiVisionLocationsApi", + "type": "Microsoft.Solutions.ArmApiControl", + "request": { + "method": "GET", + "path": "locations?api-version=2019-11-01" + } + }, + { + "name": "aiVisionNwLocation", + "type": "Microsoft.Common.DropDown", + "label": "Select region for the Private Endpoint", + "filter": true, + "toolTip": "Select the target region for the Private Endpoint", + "constraints": { + "allowedValues": "[map(steps('aiAuxiliarySettings').aiVisionLocationsApi.value,(item) => parse(concat('{\"label\":\"',item.displayName,'\",\"value\":\"',item.name,'\"}')))]", + "required": true + }, + "visible": "[and(not(equals(steps('aiAuxiliarySettings').aiVisionNwLocationOption, 'Yes')), equals(steps('aiAuxiliarySettings').aiVisionDisableNetworkAccess, 'Yes'))]" + }, + { + "name": "aiVisionSubnetId", + "type": "Microsoft.Common.TextBox", + "label": "ResourceId of existing subnet for connecting Private Endpoint", + "placeholder": "", + "defaultValue": "", + "toolTip": "Use only allowed characters", + "constraints": { + "required": true + }, + "visible": "[and(equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision'), equals(steps('aiAuxiliarySettings').aiVisionDisableNetworkAccess, 'Yes'))]" + }, + { + "name": "aiVisionauthzSection", + "type": "Microsoft.Common.Section", + "label": "Authorization Settings", + "elements": [], + "visible": "[equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision')]" + }, + { + "name": "aiVisionRbacAuthz", + "type": "Microsoft.Common.OptionsGroup", + "label": "Enable Azure RBAC authorization", + "defaultValue": "Yes (recommended)", + "toolTip": "", + "constraints": { + "allowedValues": [ + { + "label": "Yes (recommended)", + "value": "Yes" + }, + { + "label": "No, use local authorization with API key", + "value": "No" + } + ], + "required": true + }, + "visible": "[equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision')]" + }, + { + "name": "aiVisionSystemIdentity", + "type": "Microsoft.Common.OptionsGroup", + "label": "Enable Managed Identity (System-assigned) for Azure AI Vision", + "defaultValue": "Yes (recommended)", + "toolTip": "When enabling Managed Identity and usage of Customer-Managed keys, this identity will have RBAC permission access the Azure Open AI instance.", + "constraints": { + "allowedValues": [ + { + "label": "Yes (recommended)", + "value": "Yes" + }, + { + "label": "No", + "value": "No" + } + ], + "required": true + }, + "visible": "[equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision')]" + }, + { + "name": "aiVisionMonSection", + "type": "Microsoft.Common.Section", + "label": "Azure Monitor Settings", + "elements": [], + "visible": "[equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision')]" + }, + { + "name": "aiVisionMonCreation", + "type": "Microsoft.Common.OptionsGroup", + "label": "Enable Diagnostic Settings for logging and threat detection", + "defaultValue": "Yes (recommended)", + "toolTip": "", + "constraints": { + "allowedValues": [ + { + "label": "Yes (recommended)", + "value": "Yes" + }, + { + "label": "No", + "value": "No" + } + ], + "required": true + }, + "visible": "[equals(steps('aiAuxiliarySettings').aiUseCaseSelection, 'vision')]" } ] } @@ -1678,7 +1888,15 @@ "kvMonCreation": "[steps('kvSettings').kvMonCreation]", "stMonCreation": "[steps('stSettings').stMonCreation]", "aiMonCreation": "[steps('aiSettings').aiMonCreation]", - "aiSearchMonCreation": "[steps('aiAuxiliarySettings').aiSearchMonCreation]" + "aiSearchMonCreation": "[steps('aiAuxiliarySettings').aiSearchMonCreation]", + "aiVisionDisableNetworkAccess": "[steps('aiAuxiliarySettings').aiVisionDisableNetworkAccess]", + "aiVisionRbacAuthz": "[steps('aiAuxiliarySettings').aiVisionRbacAuthz]", + "aiVisionNwLocation": "[if(equals(steps('aiAuxiliarySettings').aiVisionNwLocationOption, 'Yes'), steps('basics').resourceScope.location.name, steps('aiAuxiliarySettings').aiVisionNwLocation)]", + "aiVisionSubnetId": "[steps('aiAuxiliarySettings').aiVisionSubnetId]", + "aiVisionSystemIdentity": "[steps('aiAuxiliarySettings').aiVisionSystemIdentity]", + "aiVisionMonCreation": "[steps('aiAuxiliarySettings').aiVisionMonCreation]", + "aiVisionRestrictOutboundNetworkAccess": "[steps('aiAuxiliarySettings').aiVisionRestrictOutboundNetworkAccess]", + "aiUseCaseSelection": "[steps('aiAuxiliarySettings').aiUseCaseSelection]" }, "kind": "Subscription", "location": "[steps('basics').resourceScope.location.name]", diff --git a/fsi/solutions/generativeAi/aoaiArm.json b/fsi/solutions/generativeAi/aoaiArm.json index 5826133f..ab23b22d 100644 --- a/fsi/solutions/generativeAi/aoaiArm.json +++ b/fsi/solutions/generativeAi/aoaiArm.json @@ -392,6 +392,58 @@ "Yes", "No" ] + }, + "visionRbacAuthz": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + }, + "visionSubnetId": { + "type": "string", + "defaultValue": "" + }, + "visionDisableNetworkAccess": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + }, + "visionNwLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "visionSystemIdentity": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + }, + "visionRestrictOutboundNetworkAccess": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + }, + "visionMonCreation": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + }, + "aiUseCaseSelection": { + "type": "string", + "defaultValue": "" } }, "variables": { @@ -408,7 +460,8 @@ "azureOpenAiCmkTemplateUri": "[uri(deployment().properties.templateLink.uri, 'cmkAzureOpenAi.json')]", "azureOpenAiModelTemplateUri": "[uri(deployment().properties.templateLink.uri, 'modelDeployment.json')]", "azureOpenAiContentFilterTemplateUri": "[uri(deployment().properties.templateLink.uri, 'contentFilter.json')]", - "azureAiSearchTemplateUri": "[uri(deployment().properties.templateLink.uri, 'azureAiSearch.json')]" + "azureAiSearchTemplateUri": "[uri(deployment().properties.templateLink.uri, 'azureAiSearch.json')]", + "azureComputerVisionTemplateUri": "[uri(deployment().properties.templateLink.uri, 'azureComputerVision.json')]" }, "deploymentSuffix": "[concat('-', deployment().location, guid(parameters('prefix')))]", "deploymentNames": { @@ -430,7 +483,8 @@ "azureOpenAiFinalDeploymentName": "[take(concat(parameters('prefix'), '-aoaicmk', variables('deploymentSuffix')), 64)]", "azureOpenAiModelDeploymentName": "[take(concat(parameters('prefix'), '-aoaiModel', variables('deploymentSuffix')), 64)]", "azureOpenAIContentFilterDeploymentName": "[take(concat(parameters('prefix'), '-aoaiContentFilter', variables('deploymentSuffix')), 64)]", - "azureAiSearchDeploymentName": "[take(concat(parameters('prefix'), 'aaisearch', variables('deploymentSuffix')), 64)]" + "azureAiSearchDeploymentName": "[take(concat(parameters('prefix'), 'aaisearch', variables('deploymentSuffix')), 64)]", + "azureComputerVisionDeploymentName": "[take(concat(parameters('prefix'), 'aicomputervision', variables('deploymentSuffix')), 64)]" }, "resourceNames": { "rgName": "[concat(parameters('prefix'), '-rg-', parameters('location'))]" @@ -721,9 +775,6 @@ "location": { "value": "[parameters('location')]" }, - "userIdentity": { - "value": "[parameters('userIdentity')]" - }, "aiSearchRbacAuthz": { "value": "[parameters('aiSearchRbacAuthz')]" }, @@ -734,7 +785,7 @@ "value": "[parameters('prefix')]" }, "aiSearchNwLocation": { - "value": "[parameters('aiNwLocation')]" + "value": "[parameters('aiSearchNwLocation')]" }, "aiSearchDisableNetworkAccess": { "value": "[parameters('aiSearchDisableNetworkAccess')]" @@ -751,6 +802,59 @@ } } }, + // Deploying Azure AI Vision + { + "condition": "[equals(parameters('aiUseCaseSelection'), 'vision')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[variables('deploymentNames').azureComputerVisionDeploymentName]", + "location": "[parameters('location')]", + "dependsOn": [ + "[concat('Microsoft.Resources/deployments/', variables('deploymentNames').keyVaultDeploymentName)]", + "[concat('Microsoft.Resources/deployments/', variables('deploymentNames').storageDeploymentName)]", + "[concat('Microsoft.Resources/deployments/', variables('deploymentNames').azMonDeploymentName)]", + "[concat('Microsoft.Resources/deployments/', variables('deploymentNames').azureOpenAiDeploymentName)]" + ], + "properties": { + "mode": "Incremental", + "templateLink": { + "contentVersion": "1.0.0.0", + "uri": "[variables('templateUris').azureComputerVisionTemplateUri]" + }, + "parameters": { + "rgName": { + "value": "[variables('resourceNames').rgName]" + }, + "location": { + "value": "[parameters('location')]" + }, + "visionRbacAuthz": { + "value": "[parameters('visionRbacAuthz')]" + }, + "visionSubnetId": { + "value": "[parameters('visionSubnetId')]" + }, + "prefix": { + "value": "[parameters('prefix')]" + }, + "visionNwLocation": { + "value": "[parameters('visionNwLocation')]" + }, + "visionDisableNetworkAccess": { + "value": "[parameters('visionDisableNetworkAccess')]" + }, + "visionSystemIdentity": { + "value": "[parameters('visionSystemIdentity')]" + }, + "visionRestrictOutboundNetworkAccess": { + "value": "[parameters('visionRestrictOutboundNetworkAccess')]" + }, + "visionMonCreation": { + "value": "[parameters('visionMonCreation')]" + } + } + } + }, // Retrieving objectId of the AOAI System Identity { "condition": "[equals(parameters('aiSystemIdentity'), 'Yes')]", diff --git a/fsi/solutions/generativeAi/azureAiSearch.json b/fsi/solutions/generativeAi/azureAiSearch.json index 81c480a8..5504ea1a 100644 --- a/fsi/solutions/generativeAi/azureAiSearch.json +++ b/fsi/solutions/generativeAi/azureAiSearch.json @@ -6,34 +6,27 @@ "type": "string", "defaultValue": "", "metadata": { - "description": "Provide the name of the resource group where the Azure Open AI instance that will be created" + "description": "Provide the name of the resource group where the Azure AI Search instance that will be created" } }, "location": { "type": "string", "defaultValue": "", "metadata": { - "description": "Select the location for the Azure Open AI instance that will be created" + "description": "Select the location for the Azure AI Search instance that will be created" } }, "prefix": { "type": "string", "defaultValue": "", "metadata": { - "description": "Provide name for the Azure Open AI instance that will be created" - } - }, - "userIdentity": { - "type": "string", - "defaultValue": "", - "metadata": { - "description": "Provide the user identity (objectId) that will be assigned to the Azure Open AI instance that will be created" + "description": "Provide name for the Azure AI Search instance that will be created" } }, "aiSearchSubnetId": { "type": "string", "metadata": { - "description": "Provide the subnet id where the Azure Open AI instance that will be connected" + "description": "Provide the subnet id where the Azure AI Search instance that will be connected" }, "defaultValue": "" }, @@ -203,19 +196,6 @@ } ] } - }, - { - "condition": "[not(empty(parameters('userIdentity')))]", - "type": "Microsoft.Authorization/roleAssignments", - "apiVersion": "2022-04-01", - "name": "[guid(deployment().name)]", - "dependsOn": [ - "[concat('Microsoft.Search/searchServices/', variables('name-compliant-azureAiSearch'))]" - ], - "properties": { - "roleDefinitionId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/', 'a001fd3d-188f-4b5d-821b-7da978bf7442')]", - "principalId": "[parameters('userIdentity')]" - } } ] } diff --git a/fsi/solutions/generativeAi/azureComputerVision.json b/fsi/solutions/generativeAi/azureComputerVision.json new file mode 100644 index 00000000..829b4f8e --- /dev/null +++ b/fsi/solutions/generativeAi/azureComputerVision.json @@ -0,0 +1,202 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "rgName": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Provide the name of the resource group where the Azure AI Vision instance that will be created" + } + }, + "location": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Select the location for the Azure AI Vision instance that will be created" + } + }, + "prefix": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Provide name for the Azure AI Vision instance that will be created" + } + }, + "visionSubnetId": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Provide the subnet id where the Azure AI Vision instance that will be connected" + } + }, + "visionSystemIdentity": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + }, + "visionNwLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "visionDisableNetworkAccess": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + }, + "visionRbacAuthz": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + }, + "visionRestrictOutboundNetworkAccess": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + }, + "visionMonCreation": { + "type": "string", + "defaultValue": "No", + "allowedValues": [ + "Yes", + "No" + ] + } + }, + "variables": { + "name-compliant-azureComputerVision": "[concat(parameters('prefix'), '-', parameters('location'), '-aivision')]", + "name-compliant-vision-pe": "[concat(parameters('prefix'), '-AzVision-pe')]", + "name-compliant-vision-asg": "[concat(parameters('prefix'), '-AzVision-asg')]", + "name-compliant-storage": "[toLower(take(concat(replace(replace(parameters('prefix'), '-', ''), '_', ''), parameters('location'), uniqueString(deployment().name)), 23))]", + "name-compliant-azMon": "[concat(parameters('prefix'), '-', parameters('location'), '-azmon')]", + "visionIdentity": { + "type": "SystemAssigned" + }, + "denyFwAcl": { + "defaultAction": "Deny", + "bypass": "AzureServices", + "ipRules": [], + "virtualNetworkRules": [] + } + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2022-09-01", + "name": "[parameters('rgName')]", + "location": "[parameters('location')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "azureOpenAi", + "resourceGroup": "[parameters('rgName')]", + "dependsOn": [ + "[resourceId('Microsoft.Resources/resourceGroups/', parameters('rgName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": {}, + "resources": [ + { + "type": "Microsoft.CognitiveServices/accounts", + "apiVersion": "2022-03-01", + "name": "[variables('name-compliant-azureComputerVision')]", + "location": "[parameters('location')]", + "identity": "[if(equals(parameters('visionSystemIdentity'), 'Yes'), variables('visionIdentity'), json('null'))]", + "sku": { + "name": "S1" + }, + "kind": "ComputerVision", + "properties": { + "customSubDomainName": "[toLower(variables('name-compliant-azureComputerVision'))]", + "publicNetworkAccess": "[if(equals(parameters('visionDisableNetworkAccess'), 'Yes'), 'Disabled', 'Enabled')]", + "disableLocalAuth": "[if(equals(parameters('visionRbacAuthz'), 'Yes'), bool('true'), bool('false'))]", + "restrictOutboundNetworkAccess": "[if(equals(parameters('visionRestrictOutboundNetworkAccess'), 'Yes'), bool('true'), bool('false'))]", + "networkAcls": "[if(equals(parameters('visionDisableNetworkAccess'), 'Yes'), variables('denyFwAcl'), json('null'))]" + } + }, + { + "condition": "[equals(parameters('visionMonCreation'), 'Yes')]", + "type": "Microsoft.CognitiveServices/accounts/providers/diagnosticSettings", + "apiVersion": "2021-05-01-preview", + "name": "[concat(variables('name-compliant-azureComputerVision'), '/', 'Microsoft.Insights/diag')]", + "location": "[parameters('location')]", + "dependsOn": [ + "[concat('Microsoft.CognitiveServices/accounts/', variables('name-compliant-azureComputerVision'))]" + ], + "properties": { + "workspaceId": "[concat(subscription().id, '/resourceGroups/', parameters('rgName'), '/providers/Microsoft.OperationalInsights/workspaces/', variables('name-compliant-azMon'))]", + "logs": [ + { + "categoryGroup": "allLogs", + "enabled": true + } + ] + } + }, + { + "condition": "[and(equals(parameters('visionDisableNetworkAccess'), 'Yes'), not(empty(parameters('visionSubnetId'))))]", + "type": "Microsoft.Network/applicationSecurityGroups", + "apiVersion": "2023-04-01", + "name": "[variables('name-compliant-vision-asg')]", + "location": "[parameters('visionNwLocation')]", + "dependsOn": [ + "[concat('Microsoft.CognitiveServices/accounts/', variables('name-compliant-azureComputerVision'))]" + ], + "properties": {} + }, + { + "condition": "[and(equals(parameters('visionDisableNetworkAccess'), 'Yes'), not(empty(parameters('visionSubnetId'))))]", + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2021-03-01", + "name": "[variables('name-compliant-vision-pe')]", + "location": "[parameters('visionNwLocation')]", + "dependsOn": [ + "[concat('Microsoft.CognitiveServices/accounts/', variables('name-compliant-azureComputerVision'))]", + "[concat('Microsoft.Network/applicationSecurityGroups/', variables('name-compliant-vision-asg'))]" + ], + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[variables('name-compliant-azureComputerVision')]", + "properties": { + "privateLinkServiceId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('rgName'), '/providers/Microsoft.CognitiveServices/accounts/', variables('name-compliant-azureComputerVision'))]", + "groupIds": [ + "account" + ] + } + } + ], + "subnet": { + "id": "[parameters('visionSubnetId')]" + }, + "applicationSecurityGroups": [ + { + "id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('rgName'), '/providers/Microsoft.Network/applicationSecurityGroups/', variables('name-compliant-vision-asg'))]" + } + ] + } + } + ] + } + } + } + ], + "outputs": {} +} \ No newline at end of file diff --git a/fsi/solutions/generativeAi/azureOpenAi.json b/fsi/solutions/generativeAi/azureOpenAi.json index e1256ed3..b41ee586 100644 --- a/fsi/solutions/generativeAi/azureOpenAi.json +++ b/fsi/solutions/generativeAi/azureOpenAi.json @@ -32,6 +32,7 @@ }, "aiSubnetId": { "type": "string", + "defaultValue": "", "metadata": { "description": "Provide the subnet id where the Azure Open AI instance that will be connected" }