-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.bicep
97 lines (83 loc) · 2.46 KB
/
main.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
import { raiPolicyInfo } from './ai_ml/ai-services.bicep'
targetScope = 'subscription'
@minLength(1)
@maxLength(64)
@description('Name of the workload which is used to generate a short unique hash used in all resources.')
param workloadName string
@minLength(1)
@description('Primary location for all resources.')
param location string
@description('Name of the resource group. If empty, a unique name will be generated.')
param resourceGroupName string = ''
@description('Tags for all resources.')
param tags object = {
WorkloadName: workloadName
Environment: 'Dev'
}
@description('Principal ID of the user that will be granted permission to access services.')
param userPrincipalId string
var resourceToken = toLower(uniqueString(subscription().id, workloadName, location))
resource resourceGroup 'Microsoft.Resources/resourceGroups@2024-03-01' = {
name: !empty(resourceGroupName) ? resourceGroupName : 'rg-${workloadName}'
location: location
tags: union(tags, {})
}
resource cognitiveServicesOpenAIContributorRole 'Microsoft.Authorization/roleDefinitions@2022-05-01-preview' existing = {
scope: resourceGroup
name: 'a001fd3d-188f-4b5d-821b-7da978bf7442'
}
var gpt4oModelDeploymentName = 'gpt-4o'
var aiServicesName = 'aisa-${resourceToken}'
module aiServices './ai_ml/ai-services.bicep' = {
name: aiServicesName
scope: resourceGroup
params: {
name: aiServicesName
location: location
tags: union(tags, {})
raiPolicies: [
{
name: workloadName
mode: 'Blocking'
prompt: {}
completion: {}
}
]
deployments: [
{
name: gpt4oModelDeploymentName
model: {
format: 'OpenAI'
name: 'gpt-4o'
version: '2024-08-06'
}
sku: {
name: 'GlobalStandard'
capacity: 10
}
raiPolicyName: workloadName
versionUpgradeOption: 'OnceCurrentVersionExpired'
}
]
roleAssignments: [
{
principalId: userPrincipalId
roleDefinitionId: cognitiveServicesOpenAIContributorRole.id
principalType: 'User'
}
]
}
}
output subscriptionInfo object = {
id: subscription().subscriptionId
tenantId: subscription().tenantId
}
output resourceGroupInfo object = {
name: resourceGroup.name
location: resourceGroup.location
workloadName: workloadName
}
output aiModelsInfo object = {
openAIEndpoint: aiServices.outputs.openAIEndpoint
gpt4oModelDeploymentName: gpt4oModelDeploymentName
}