-
Notifications
You must be signed in to change notification settings - Fork 125
/
main.bicep
90 lines (75 loc) · 2.87 KB
/
main.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
// ------------------
// PARAMETERS
// ------------------
// Typically, parameters would be decorated with appropriate metadata and attributes, but as they are very repetetive in these labs we omit them for brevity.
param openAIConfig array = []
param openAIModelName string
param openAIModelVersion string
param openAIDeploymentName string
param openAIAPIVersion string = '2024-02-01'
// ------------------
// VARIABLES
// ------------------
var updatedPolicyXml = loadTextContent('policy-updated.xml')
var azureRoles = loadJsonContent('../../modules/azure-roles.json')
var cognitiveServicesOpenAIUserRoleDefinitionID = resourceId('Microsoft.Authorization/roleDefinitions', azureRoles.CognitiveServicesOpenAIUser)
// ------------------
// RESOURCES
// ------------------
// 1. Log Analytics Workspace
module lawModule '../../modules/operational-insights/v1/workspaces.bicep' = {
name: 'lawModule'
}
var lawId = lawModule.outputs.id
// 2. Application Insights
module appInsightsModule '../../modules/monitor/v1/appinsights.bicep' = {
name: 'appInsightsModule'
params: {
workbookJson: loadTextContent('openai-usage-analysis-workbook.json')
lawId: lawId
}
}
var appInsightsId = appInsightsModule.outputs.id
var appInsightsInstrumentationKey = appInsightsModule.outputs.instrumentationKey
// 3. Cognitive Services
module openAIModule '../../modules/cognitive-services/v1/openai.bicep' = {
name: 'openAIModule'
params: {
openAIConfig: openAIConfig
openAIDeploymentName: openAIDeploymentName
openAIModelName: openAIModelName
openAIModelVersion: openAIModelVersion
lawId: lawId
}
}
var extendedOpenAIConfig = openAIModule.outputs.extendedOpenAIConfig
// 4. API Management
module apimModule '../../modules/apim/v1/apim.bicep' = {
name: 'apimModule'
params: {
policyXml: updatedPolicyXml
openAIConfig: extendedOpenAIConfig
appInsightsInstrumentationKey: appInsightsInstrumentationKey
appInsightsId: appInsightsId
openAIAPIVersion: openAIAPIVersion
}
}
var apimPrincipalId = apimModule.outputs.principalId
// 5. RBAC Assignment
resource roleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = if(length(openAIConfig) > 0) {
scope: resourceGroup()
name: guid(subscription().id, resourceGroup().id, openAIConfig[0].name, cognitiveServicesOpenAIUserRoleDefinitionID)
properties: {
roleDefinitionId: cognitiveServicesOpenAIUserRoleDefinitionID
principalId: apimPrincipalId
principalType: 'ServicePrincipal'
}
}
// ------------------
// OUTPUTS
// ------------------
output applicationInsightsAppId string = appInsightsModule.outputs.appId
output logAnalyticsWorkspaceId string = lawModule.outputs.customerId
output apimServiceId string = apimModule.outputs.id
output apimResourceGatewayURL string = apimModule.outputs.gatewayUrl
output apimSubscriptionKey string = apimModule.outputs.subscriptionPrimaryKey