diff --git a/backend/tests/integration/test_api_index_configuration.py b/backend/tests/integration/test_api_index_configuration.py new file mode 100644 index 00000000..384858c8 --- /dev/null +++ b/backend/tests/integration/test_api_index_configuration.py @@ -0,0 +1,33 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +""" +Integration tests for the /index/config API endpoints. +""" + +from unittest.mock import AsyncMock, patch + +import pytest_asyncio + + +@pytest_asyncio.fixture +def mock_generate_indexing_prompts(): + with patch( + "graphrag.api.generate_indexing_prompts", new_callable=AsyncMock + ) as mock: + mock.return_value = ( + "synthetic-prompt1", + "synthetic-prompt2", + "synthetic-prompt3", + ) + yield mock + + +def test_generate_prompts( + blob_with_data_container_name, mock_generate_indexing_prompts, client +): + """Test generating prompts.""" + response = client.get( + "/index/config/prompts", + params={"storage_name": blob_with_data_container_name}, + ) + assert response.status_code == 200 diff --git a/infra/README.md b/infra/README.md new file mode 100644 index 00000000..6753c701 --- /dev/null +++ b/infra/README.md @@ -0,0 +1,53 @@ +# Managed App Instructions + +This guide is a temporary document that walks through the process to convert the graphrag solution accelerator to a managed app. + + ### Prerequisites + ### 1. create a ACR and push the code to a docker image. + ### 2. This managed app uses storage account to deploy, so please copy the storage account name and the SAS key. + ### 3. When publishing the managed app , please turn on anon access to the Blob where the package can be accessed. + + ### Steps to build Managed App + +### 1. Auto format the bicep code + +As a precaution, start by auto-formating and linting the bicep code to detect any mistakes early-on. + +```bash +cd /infra +find . -type f -name "*.bicep" -exec az bicep format --file {} \; +find . -type f -name "*.bicep" -exec az bicep lint --file {} \; +``` + +### 2. Convert bicep -> ARM +```bash +az bicep build --file main.bicep --outfile managed-app/mainTemplate.json +``` + +### 3. Create & test the Azure portal interface + +Use the [Azure Portal Sandbox](https://portal.azure.com/#blade/Microsoft_Azure_CreateUIDef/SandboxBlade) to test and make any UI changes that are defined in [createUiDefinition.json](createUiDefinition.json). To make additional changes to the Azure portal experience, start by reading some [documentation](https://learn.microsoft.com/en-us/azure/azure-resource-manager/managed-applications/create-uidefinition-overview) and copying the contents of `createUiDefinition.json` into the sandbox environment. + +### 4. Package up the managed app code + +The name of the final two files (`mainTemplate.json` and `createUiDefinition.json`) cannot be changed. The file names are also case-sensitive and cannot be changed at this time. Managed apps require these files to be packaged up into a zip file (where the json files must be at the root directory). + +```bash +cd /infra/managed-app + tar -a -c -f managed-app.zip createUiDefinition.json mainTemplate.json openapi.json artifacts + ``` + +This zip file can then be uploaded to an Azure Storage location when setting up a [Service Catalog Managed Application Definition](https://ms.portal.azure.com/#view/Microsoft_Azure_Marketplace/GalleryItemDetailsBladeNopdl/id/Microsoft.ApplianceDefinition/selectionMode~/false/resourceGroupId//resourceGroupLocation//dontDiscardJourney~/false/selectedMenuId/home/launchingContext~/%7B%22galleryItemId%22%3A%22Microsoft.ApplianceDefinition%22%2C%22source%22%3A%5B%22GalleryFeaturedMenuItemPart%22%2C%22VirtualizedTileDetails%22%5D%2C%22menuItemId%22%3A%22home%22%2C%22subMenuItemId%22%3A%22Search%20results%22%2C%22telemetryId%22%3A%2220409084-39a1-4800-bbce-d0b26a6f46a4%22%7D/searchTelemetryId/d7d20e05-ca16-47f7-bed5-9c7b8d2fa641). + +### 5. Create the Service Catalog Managed App Definition + +In the Azure Portal, go to Marketplace and create a `Service Catalog Managed App Definition`. You must provide a uri link to the uploaded `managed-app.zip` file as part of the creation process. + +### 6. Deploy the managed app + + +You can deploy from the portal using the following steps In the Azure Portal, find and click on the managed app definition resource that was created in the previous step. A button option to `Deploy from definition` will be available. Click on it and proceed through the setup steps (defined by the `createUiDefinitions.json` file) that a consumer would experience when installing the managed app. + + +or you can deploy to azure [![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure-Samples%2Fgraphrag-accelerator%2Frefs%2Fheads%2Fharjit-managed-app%2Finfra%2FmainTemplate.json) + diff --git a/infra/core/aks/aks.bicep b/infra/core/aks/aks.bicep index 8d349b73..a990745f 100644 --- a/infra/core/aks/aks.bicep +++ b/infra/core/aks/aks.bicep @@ -65,7 +65,7 @@ resource aks 'Microsoft.ContainerService/managedClusters@2024-09-02-preview' = { } properties: { enableRBAC: true - disableLocalAccounts: true + disableLocalAccounts: false dnsPrefix: !empty(dnsPrefix) ? dnsPrefix : toLower(clusterName) aadProfile: { managed: true diff --git a/infra/core/aoai/aoai.bicep b/infra/core/aoai/aoai.bicep new file mode 100644 index 00000000..4b775eb4 --- /dev/null +++ b/infra/core/aoai/aoai.bicep @@ -0,0 +1,80 @@ +@description('Name of the Azure OpenAI instance') +param openAiName string = 'openai${uniqueString(resourceGroup().id)}' + +@description('Location for the Azure OpenAI instance') +param location string = resourceGroup().location + +@description('LLM model name') +param llmModelName string = 'gpt-4o' + +@description('LLM Model API version') +param llmModelVersion string + +@description('Embedding model name') +param embeddingModelName string = 'text-embedding-ada-002' + +@description('Embedding Model API version') +param embeddingModelVersion string + +@description('TPM quota for llm model deployment (x1000)') +param llmTpmQuota int = 1 + +@description('TPM quota for embedding model deployment (x1000)') +param embeddingTpmQuota int = 1 + +resource aoai 'Microsoft.CognitiveServices/accounts@2024-10-01' = { + name: openAiName + location: location + sku: { + name: 'S0' + } + kind: 'OpenAI' + properties: { + publicNetworkAccess: 'Enabled' + disableLocalAuth: true + } +} + +resource llmDeployment 'Microsoft.CognitiveServices/accounts/deployments@2024-10-01' = { + parent: aoai + name: llmModelName + sku: { + name: 'GlobalStandard' + capacity: llmTpmQuota + } + properties: { + model: { + format: 'OpenAI' + name: llmModelName + version: llmModelVersion + } + currentCapacity: llmTpmQuota + } +} + +resource embeddingDeployment 'Microsoft.CognitiveServices/accounts/deployments@2024-10-01' = { + parent: aoai + name: embeddingModelName + // NOTE: simultaneous model deployments are not supported at this time. As a workaround, use dependsOn to force the models to be deployed in a sequential manner. + dependsOn: [llmDeployment] + sku: { + name: 'Standard' + capacity: embeddingTpmQuota + } + properties: { + model: { + format: 'OpenAI' + name: embeddingModelName + version: embeddingModelVersion + } + currentCapacity: embeddingTpmQuota + } +} + +output openAiEndpoint string = aoai.properties.endpoint +output llmModel string = llmDeployment.properties.model.name +output llmModelDeploymentName string = llmDeployment.name +output llmModelApiVersion string = llmDeployment.apiVersion +output textEmbeddingModel string = embeddingDeployment.properties.model.name +output textEmbeddingModelDeploymentName string = embeddingDeployment.name +output textEmbeddingModelApiVersion string = embeddingDeployment.apiVersion diff --git a/infra/core/apim/apim.graphrag-servicedef.bicep b/infra/core/apim/apim.graphrag-servicedef.bicep index 34e8e02e..4762510e 100644 --- a/infra/core/apim/apim.graphrag-servicedef.bicep +++ b/infra/core/apim/apim.graphrag-servicedef.bicep @@ -5,6 +5,9 @@ param backendUrl string param name string param apimname string + + + resource api 'Microsoft.ApiManagement/service/apis@2023-09-01-preview' = { name: '${apimname}/${name}' properties: { @@ -24,7 +27,7 @@ resource api 'Microsoft.ApiManagement/service/apis@2023-09-01-preview' = { } isCurrent: true format: 'openapi+json' - value: string(loadJsonContent('graphrag-openapi.json')) // local file will be dynamically created by deployment script + value: string(loadJsonContent('../../managed-app/openapi.json')) // local file will be dynamically created by deployment script } resource apiPolicy 'policies@2022-08-01' = { name: 'policy' diff --git a/infra/core/scripts/deployment-script.bicep b/infra/core/scripts/deployment-script.bicep new file mode 100644 index 00000000..a30ed9ca --- /dev/null +++ b/infra/core/scripts/deployment-script.bicep @@ -0,0 +1,251 @@ +param name string +param utcValue string +param location string +param subscriptionId string +param tenantid string +param acrserver string +param azure_location string +param azure_acr_login_server string +param azure_acr_name string +param azure_aks_name string +param azure_aks_controlplanefqdn string +param azure_aks_managed_rg string +param azure_aks_service_account_name string +param azure_apim_gateway_url string +param azure_apim_name string +param managed_identity_aks string +param ai_search_name string + +param imagename string +param imageversion string +param script_file string + + +param azure_aoai_endpoint string +param azure_aoai_llm_model string +param azure_aoai_llm_model_deployment_name string +param azure_aoai_llm_model_api_version string +param azure_aoai_embedding_model string +param azure_aoai_embedding_model_deployment_name string +param azure_aoai_embedding_model_api_version string + +param azure_app_hostname string +param azure_app_url string +param azure_app_insights_connection_string string + +param azure_cosmosdb_endpoint string +param azure_cosmosdb_name string +param azure_cosmosdb_id string +param azure_dns_zone_name string + + +param azure_storage_account string +param azure_storage_account_blob_url string + +param azure_workload_identity_client_id string +param azure_workload_identity_principal_id string +param azure_workload_identity_name string +param cognitive_services_audience string = 'https://cognitiveservices.azure.com/default' +param public_storage_account_name string +param public_storage_account_key string + +var clusterAdminRoleDefinitionId = resourceId('Microsoft.Authorization/roleDefinitions', '0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8') + +// Resources +resource aksCluster 'Microsoft.ContainerService/managedClusters@2022-11-02-preview' existing = { + name: azure_aks_name +} + +resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { + name: uniqueString(resourceGroup().id) + location: location +} + + +resource clusterAdminContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid(managed_identity_aks, aksCluster.id, clusterAdminRoleDefinitionId) + scope: aksCluster + properties: { + roleDefinitionId: clusterAdminRoleDefinitionId + principalId: managedIdentity.properties.principalId + principalType: 'ServicePrincipal' + } +} + +resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01'= { + name: name + location: location + kind: 'AzureCLI' + identity: { + type: 'UserAssigned' + userAssignedIdentities: { + '${managedIdentity.id}': {} + } + } + properties: { + storageAccountSettings: { + storageAccountName: public_storage_account_name + storageAccountKey: public_storage_account_key + } + forceUpdateTag: utcValue + azCliVersion: '2.7.0' + timeout: 'PT1H' + environmentVariables: [ + { + name: 'AZURE_SUBSCRIPTION_ID' + value: subscriptionId + } + { + name: 'AZURE_TENANT_ID' + value: tenantid + } + { + name: 'ACR_SERVER' + value: acrserver + } + { + name: 'AZURE_LOCATION' + value: azure_location + } + { + name: 'AZURE_ACR_LOGIN_SERVER' + value: azure_acr_login_server + } + { + name: 'AZURE_ACR_NAME' + value: azure_acr_name + } + { + name: 'AZURE_AKS_NAME' + value: azure_aks_name + } + { + name: 'AZURE_AKS_CONTROLPLANEFQDN' + value: azure_aks_controlplanefqdn + } + { + name: 'AZURE_AKS_MANAGED_RG' + value: azure_aks_managed_rg + } + { + name: 'AZURE_AKS_SERVICE_ACCOUNT_NAME' + value: azure_aks_service_account_name + } + { + name: 'AZURE_APIM_GATEWAY_URL' + value: azure_apim_gateway_url + } + { + name: 'AZURE_APIM_NAME' + value: azure_apim_name + } + { + name: 'MANAGED_IDENTITY_AKS' + value: managed_identity_aks + + } + { + name: 'IMAGE_NAME' + value: imagename + } + { + name: 'IMAGE_VERSION' + value: imageversion + } + { + name: 'AI_SEARCH_NAME' + value: ai_search_name + } + + + { + name: 'AZURE_AOAI_LLM_MODEL' + value: azure_aoai_llm_model + } + { + name: 'AZURE_AOAI_LLM_MODEL_DEPLOYMENT_NAME' + value: azure_aoai_llm_model_deployment_name + } + { + name: 'AZURE_AOAI_LLM_MODEL_API_VERSION' + value: azure_aoai_llm_model_api_version + } + { + name: 'AZURE_AOAI_EMBEDDING_MODEL' + value: azure_aoai_embedding_model + } + { + name: 'AZURE_AOAI_EMBEDDING_MODEL_DEPLOYMENT_NAME' + value: azure_aoai_embedding_model_deployment_name +} + { name: 'AZURE_AOAI_EMBEDDING_MODEL_API_VERSION' + value: azure_aoai_embedding_model_api_version +} + { name: 'AZURE_APP_HOSTNAME' + value: azure_app_hostname +} + { name: 'AZURE_APP_URL' + value: azure_app_url +} + { name: 'AZURE_APP_INSIGHTS_CONNECTION_STRING' + value: azure_app_insights_connection_string +} + { name: 'AZURE_COSMOSDB_ENDPOINT' + + value: azure_cosmosdb_endpoint } + { name: 'AZURE_COSMOSDB_NAME' + value: azure_cosmosdb_name + } + { name: 'AZURE_COSMOSDB_ID' + value: azure_cosmosdb_id +} + { name: 'AZURE_DNS_ZONE_NAME' + value: azure_dns_zone_name +} + { name: 'AZURE_STORAGE_ACCOUNT' + value: azure_storage_account +} + { name: 'AZURE_STORAGE_ACCOUNT_BLOB_URL' + value: azure_storage_account_blob_url +} + { + name: 'AZURE_WORKLOAD_IDENTITY_CLIENT_ID' + value: azure_workload_identity_client_id +} + { + name: 'AZURE_WORKLOAD_IDENTITY_PRINCIPAL_ID' + value: azure_workload_identity_principal_id +} + { + name: 'AZURE_WORKLOAD_IDENTITY_NAME' + value: azure_workload_identity_name +} + { + name: 'COGNITIVE_SERVICES_AUDIENCE' + value: cognitive_services_audience +} + { + name: 'AZURE_OPENAI_ENDPOINT' + + value: azure_aoai_endpoint + } + + { + name: 'AZURE_RESOURCE_GROUP' + + value: resourceGroup().name + } + + + ] + cleanupPreference: 'OnSuccess' + retentionInterval: 'P1D' + //primaryScriptUri: primaryScriptUri + scriptContent:script_file + } + dependsOn: [ + aksCluster + ] + +} + diff --git a/infra/deploy.parameters.json b/infra/deploy.parameters.json index f2409b87..8a3d629f 100644 --- a/infra/deploy.parameters.json +++ b/infra/deploy.parameters.json @@ -7,4 +7,4 @@ "GRAPHRAG_LLM_MODEL": "__GRAPHRAG_LLM_MODEL__", "LOCATION": "__LOCATION__", "RESOURCE_GROUP": "__RESOURCE_GROUP__" -} \ No newline at end of file +} diff --git a/infra/deploy.sh b/infra/deploy.sh index a749d8f7..518935fd 100755 --- a/infra/deploy.sh +++ b/infra/deploy.sh @@ -21,12 +21,6 @@ CONTAINER_REGISTRY_NAME="" requiredParams=( LOCATION - GRAPHRAG_API_BASE - GRAPHRAG_API_VERSION - GRAPHRAG_LLM_MODEL - GRAPHRAG_LLM_DEPLOYMENT_NAME - GRAPHRAG_EMBEDDING_MODEL - GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME RESOURCE_GROUP ) @@ -152,6 +146,9 @@ checkRequiredTools () { which kubectl > /dev/null exitIfCommandFailed $? "kubectl is required, exiting..." + which kubelogin > /dev/null + exitIfCommandFailed $? "kubelogin is required, exiting..." + which helm > /dev/null exitIfCommandFailed $? "helm is required, exiting..." @@ -259,11 +256,11 @@ createResourceGroupIfNotExists () { local location=$1 local rg=$2 printf "Checking if resource group $rg exists... " - az group show -n $rg -o json > /dev/null 2>&1 + az group show -n $rg -o json > /dev/null 2>&1 if [ $? -ne 0 ]; then printf "No.\n" printf "Creating resource group... " - az group create -l $location -n $rg > /dev/null 2>&1 + az group create -l $location -n $rg > /dev/null 2>&1 printf "Done.\n" else printf "Yes.\n" @@ -274,7 +271,7 @@ getAksCredentials () { local rg=$1 local aks=$2 printf "Getting AKS credentials... " - az aks get-credentials -g $rg -n $aks --overwrite-existing > /dev/null 2>&1 + az aks get-credentials -g $rg -n $aks --overwrite-existing > /dev/null > /dev/null 2>&1 exitIfCommandFailed $? "Error getting AKS credentials, exiting..." kubelogin convert-kubeconfig -l azurecli exitIfCommandFailed $? "Error logging into AKS, exiting..." @@ -323,15 +320,13 @@ deployAzureResources () { --no-prompt \ --resource-group $RESOURCE_GROUP \ --template-file ./main.bicep \ - --parameters "resourceBaseName=$RESOURCE_BASE_NAME" \ --parameters "resourceGroup=$RESOURCE_GROUP" \ + --parameters "resourceBaseName=$RESOURCE_BASE_NAME" \ --parameters "apimName=$APIM_NAME" \ --parameters "apimTier=$APIM_TIER" \ - --parameters "apiPublisherName=$PUBLISHER_NAME" \ --parameters "apiPublisherEmail=$PUBLISHER_EMAIL" \ + --parameters "apiPublisherName=$PUBLISHER_NAME" \ --parameters "enablePrivateEndpoints=$ENABLE_PRIVATE_ENDPOINTS" \ - --parameters "acrName=$CONTAINER_REGISTRY_NAME" \ - --parameters "deployerPrincipalId=$deployerPrincipalId" \ --output json) # errors in deployment may not be caught by exitIfCommandFailed function so we also check the output for errors exitIfCommandFailed $? "Error deploying Azure resources..." @@ -339,7 +334,6 @@ deployAzureResources () { AZURE_OUTPUTS=$(jq -r .properties.outputs <<< $AZURE_DEPLOY_RESULTS) exitIfCommandFailed $? "Error parsing outputs from Azure deployment..." exitIfValueEmpty "$AZURE_OUTPUTS" "Error parsing outputs from Azure deployment..." - assignAOAIRoleToManagedIdentity } validateSKUs() { @@ -391,19 +385,6 @@ checkSKUQuotas() { printf "Done.\n" } -assignAOAIRoleToManagedIdentity() { - printf "Assigning 'Cognitive Services OpenAI Contributor' role to managed identity... " - local servicePrincipalId=$(jq -r .azure_workload_identity_principal_id.value <<< $AZURE_OUTPUTS) - exitIfValueEmpty "$servicePrincipalId" "Unable to parse service principal id from azure outputs, exiting..." - local scope=$(az cognitiveservices account list --query "[?contains(properties.endpoint, '$GRAPHRAG_API_BASE')] | [0].id" -o tsv) - az role assignment create --only-show-errors \ - --role "Cognitive Services OpenAI Contributor" \ - --assignee "$servicePrincipalId" \ - --scope "$scope" > /dev/null 2>&1 - exitIfCommandFailed $? "Error assigning role to service principal, exiting..." - printf "Done.\n" -} - installGraphRAGHelmChart () { echo "Deploying graphrag helm chart... " local workloadId=$(jq -r .azure_workload_identity_client_id.value <<< $AZURE_OUTPUTS) @@ -421,6 +402,7 @@ installGraphRAGHelmChart () { local cosmosEndpoint=$(jq -r .azure_cosmosdb_endpoint.value <<< $AZURE_OUTPUTS) exitIfValueEmpty "$cosmosEndpoint" "Unable to parse CosmosDB endpoint from Azure outputs, exiting..." + local graphragHostname=$(jq -r .azure_app_hostname.value <<< $AZURE_OUTPUTS) local graphragHostname=$(jq -r .azure_app_hostname.value <<< $AZURE_OUTPUTS) exitIfValueEmpty "$graphragHostname" "Unable to parse graphrag hostname from deployment outputs, exiting..." @@ -432,8 +414,21 @@ installGraphRAGHelmChart () { local graphragImageName=$(sed -rn "s/([^:]+).*/\1/p" <<< "$GRAPHRAG_IMAGE") local graphragImageVersion=$(sed -rn "s/[^:]+:(.*)/\1/p" <<< "$GRAPHRAG_IMAGE") - exitIfValueEmpty "$graphragImageName" "Unable to parse graphrag image name, exiting..." - exitIfValueEmpty "$graphragImageVersion" "Unable to parse graphrag image version, exiting..." + exitIfValueEmpty "$graphragImageName" "Unable to parse graphrag docker image name, exiting..." + exitIfValueEmpty "$graphragImageVersion" "Unable to parse graphrag docker image version, exiting..." + + local graphragApiBase=$(jq -r .azure_aoai_endpoint.value <<< $AZURE_OUTPUTS) + exitIfValueEmpty "$graphragApiBase" "Unable to parse AOAI endpoint from deployment outputs, exiting..." + local graphragApiVersion=$(jq -r .azure_aoai_llm_model_api_version.value <<< $AZURE_OUTPUTS) + exitIfValueEmpty "$graphragApiVersion" "Unable to parse AOAI model api version from deployment outputs, exiting..." + local graphragLlmModel=$(jq -r .azure_aoai_llm_model.value <<< $AZURE_OUTPUTS) + exitIfValueEmpty "$graphragLlmModel" "Unable to parse LLM model name from deployment outputs, exiting..." + local graphragLlmModelDeployment=$(jq -r .azure_aoai_llm_model_deployment_name.value <<< $AZURE_OUTPUTS) + exitIfValueEmpty "$graphragLlmModelDeployment" "Unable to parse LLM model deployment name from deployment outputs, exiting..." + local graphragEmbeddingModel=$(jq -r .azure_aoai_embedding_model.value <<< $AZURE_OUTPUTS) + exitIfValueEmpty "$graphragEmbeddingModel" "Unable to parse embedding model name from deployment outputs, exiting..." + local graphragEmbeddingModelDeployment=$(jq -r .azure_aoai_embedding_model_deployment_name.value <<< $AZURE_OUTPUTS) + exitIfValueEmpty "$graphragEmbeddingModelDeployment" "Unable to parse embedding model deployment name from deployment outputs, exiting..." reset_x=true if ! [ -o xtrace ]; then @@ -449,17 +444,16 @@ installGraphRAGHelmChart () { --set "master.image.repository=$containerRegistryName/$graphragImageName" \ --set "master.image.tag=$graphragImageVersion" \ --set "ingress.host=$graphragHostname" \ - --set "graphragConfig.APPLICATIONINSIGHTS_CONNECTION_STRING=$appInsightsConnectionString" \ --set "graphragConfig.AI_SEARCH_URL=https://$aiSearchName.$AISEARCH_ENDPOINT_SUFFIX" \ - --set "graphragConfig.AI_SEARCH_AUDIENCE=$AISEARCH_AUDIENCE" \ + --set "graphragConfig.APPLICATIONINSIGHTS_CONNECTION_STRING=$appInsightsConnectionString" \ --set "graphragConfig.COSMOS_URI_ENDPOINT=$cosmosEndpoint" \ - --set "graphragConfig.GRAPHRAG_API_BASE=$GRAPHRAG_API_BASE" \ - --set "graphragConfig.GRAPHRAG_API_VERSION=$GRAPHRAG_API_VERSION" \ + --set "graphragConfig.GRAPHRAG_API_BASE=$graphragApiBase" \ + --set "graphragConfig.GRAPHRAG_API_VERSION=$graphragApiVersion" \ + --set "graphragConfig.GRAPHRAG_LLM_MODEL=$graphragLlmModel" \ + --set "graphragConfig.GRAPHRAG_LLM_DEPLOYMENT_NAME=$graphragLlmModelDeployment" \ + --set "graphragConfig.GRAPHRAG_EMBEDDING_MODEL=$graphragEmbeddingModel" \ + --set "graphragConfig.GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME=$graphragEmbeddingModelDeployment" \ --set "graphragConfig.COGNITIVE_SERVICES_AUDIENCE=$COGNITIVE_SERVICES_AUDIENCE" \ - --set "graphragConfig.GRAPHRAG_LLM_MODEL=$GRAPHRAG_LLM_MODEL" \ - --set "graphragConfig.GRAPHRAG_LLM_DEPLOYMENT_NAME=$GRAPHRAG_LLM_DEPLOYMENT_NAME" \ - --set "graphragConfig.GRAPHRAG_EMBEDDING_MODEL=$GRAPHRAG_EMBEDDING_MODEL" \ - --set "graphragConfig.GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME=$GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME" \ --set "graphragConfig.STORAGE_ACCOUNT_BLOB_URL=$storageAccountBlobUrl" local helmResult=$? @@ -534,6 +528,7 @@ deployGraphragAPI () { exitIfValueEmpty "$apimName" "Error parsing apim name from azure outputs, exiting..." local backendSwaggerUrl="$apimGatewayUrl/manpage/openapi.json" local graphragUrl=$(jq -r .azure_app_url.value <<< $AZURE_OUTPUTS) + local graphragUrl=$(jq -r .azure_app_url.value <<< $AZURE_OUTPUTS) exitIfValueEmpty "$graphragUrl" "Error parsing GraphRAG URL from azure outputs, exiting..." waitForGraphragBackend $backendSwaggerUrl diff --git a/infra/helm/graphrag/values.yaml b/infra/helm/graphrag/values.yaml index f93d4816..9b8cce48 100644 --- a/infra/helm/graphrag/values.yaml +++ b/infra/helm/graphrag/values.yaml @@ -30,7 +30,7 @@ ingress: service.beta.kubernetes.io/azure-load-balancer-internal: "true" graphragConfig: - AI_SEARCH_AUDIENCE: "" + AI_SEARCH_AUDIENCE: "https://search.azure.com" AI_SEARCH_URL: "" APPLICATIONINSIGHTS_CONNECTION_STRING: "" # Must set hidden env variable to true to disable statsbeat. For more information: https://github.com/Azure/azure-sdk-for-python/issues/34804 diff --git a/infra/main.bicep b/infra/main.bicep index 8a1b019c..e076b8fe 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -31,9 +31,6 @@ var resourceBaseNameFinal = !empty(resourceBaseName) @description('Cloud region for all resources') param location string = az.resourceGroup().location -@description('Principal/Object ID of the deployer. Will be used to assign admin roles to the AKS cluster.') -param deployerPrincipalId string - @minLength(1) @description('Name of the publisher of the API Management instance.') param apiPublisherName string = 'Microsoft' @@ -58,6 +55,31 @@ param acrName string = '' param storageAccountName string = '' param cosmosDbName string = '' param aiSearchName string = '' +param utcString string = utcNow() +param graphragimage string = 'graphragbackend' +param graphragimageversion string = 'latest' + +// AOAI parameters +@description('Name of the AOAI LLM model to use. Must match official model id. For more information: https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models') +@allowed(['gpt-4o', 'gpt-4o-mini']) +param llmModelName string = 'gpt-4o' +@description('Version of the AOAI LLM model to use.') +param llmModelVersion string = '2024-08-06' +@description('Quota of the AOAI LLM model to use.') +@minValue(1) +param llmModelQuota int = 1 + +@description('Name of the AOAI embedding model to use. Must match official model id. For more information: https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models') +@allowed(['text-embedding-ada-002', 'text-embedding-3-large']) +param embeddingModelName string = 'text-embedding-ada-002' +param embeddingModelVersion string = '2' +@description('Quota of the AOAI embedding model to use.') +@minValue(1) +param embeddingModelQuota int = 1 + + +param publicStorageAccountName string ='' +param publicStorageAccountKey string ='' var abbrs = loadJsonContent('abbreviations.json') var tags = { 'azd-env-name': resourceGroup } @@ -70,19 +92,19 @@ var dnsDomain = 'graphrag.io' var appHostname = 'graphrag.${dnsDomain}' var appUrl = 'http://${appHostname}' -@description('Role definitions for various RBAC roles that will be assigned at deployment time. Learn more: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles') +@description('Role definitions for various roles that will be assigned at deployment time. Learn more: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles') var roles = { - privateDnsZoneContributor: resourceId( + acrPull: resourceId( 'Microsoft.Authorization/roleDefinitions', - 'b12aa53e-6015-4669-85d0-8515ebb3ae7f' // Private DNS Zone Contributor Role + '7f951dda-4ed3-4680-a7ca-43fe172d538d' // ACR Pull Role ) networkContributor: resourceId( 'Microsoft.Authorization/roleDefinitions', '4d97b98b-1d4f-4787-a291-c67834d212e7' // Network Contributor Role ) - acrPull: resourceId( + privateDnsZoneContributor: resourceId( 'Microsoft.Authorization/roleDefinitions', - '7f951dda-4ed3-4680-a7ca-43fe172d538d' // ACR Pull Role + 'b12aa53e-6015-4669-85d0-8515ebb3ae7f' // Private DNS Zone Contributor Role ) } @@ -148,6 +170,20 @@ module vnet 'core/vnet/vnet.bicep' = { } } +module aoai 'core/aoai/aoai.bicep' = { + name: 'aoai-deployment' + params: { + openAiName: '${abbrs.cognitiveServicesAccounts}${resourceBaseNameFinal}' + location: location + llmModelName: llmModelName + llmModelVersion: llmModelVersion + llmTpmQuota: llmModelQuota + embeddingModelName: embeddingModelName + embeddingModelVersion: embeddingModelVersion + embeddingTpmQuota: embeddingModelQuota + } +} + module acr 'core/acr/acr.bicep' = { name: 'acr-deployment' params: { @@ -163,7 +199,7 @@ module aks 'core/aks/aks.bicep' = { location: location graphragVMSize: 'standard_d8s_v5' // 8 vcpu, 32 GB memory graphragIndexingVMSize: 'standard_e8s_v5' // 8 vcpus, 64 GB memory - clusterAdmins: !empty(deployerPrincipalId) ? ['${deployerPrincipalId}'] : null + clusterAdmins: null logAnalyticsWorkspaceId: log.outputs.id subnetId: vnet.outputs.aksSubnetId privateDnsZoneName: privateDnsZone.outputs.name @@ -334,29 +370,105 @@ module privateLinkScopePrivateEndpoint 'core/vnet/private-endpoint.bicep' = if ( } } +module deploymentScript 'core/scripts/deployment-script.bicep' ={ + name: utcString + params: { + utcValue: utcString + name:'graphragscript' + location:location + subscriptionId:subscription().id + tenantid:tenant().tenantId + acrserver:'graphrag.azure.acr.io' + azure_location:location + azure_acr_login_server:acr.outputs.loginServer + azure_acr_name:acr.outputs.name + azure_aks_name: aks.outputs.name + azure_aks_controlplanefqdn:aks.outputs.controlPlaneFqdn + azure_aks_managed_rg :aks.outputs.managedResourceGroup + azure_aks_service_account_name:aksServiceAccountName + imagename:graphragimage + imageversion:graphragimageversion + azure_apim_gateway_url:apim.outputs.apimGatewayUrl + azure_apim_name :apim.outputs.name + managed_identity_aks:aks.outputs.systemIdentity + script_file:loadTextContent('managed-app/artifacts/scripts/updategraphrag.sh') + ai_search_name:aiSearch.name + azure_aoai_endpoint:aoai.outputs.openAiEndpoint + azure_aoai_llm_model : aoai.outputs.llmModel + azure_aoai_llm_model_deployment_name:aoai.outputs.llmModelDeploymentName + azure_aoai_llm_model_api_version :aoai.outputs.llmModelApiVersion + azure_aoai_embedding_model:aoai.outputs.textEmbeddingModel + azure_aoai_embedding_model_deployment_name:aoai.outputs.textEmbeddingModelDeploymentName + azure_aoai_embedding_model_api_version:aoai.outputs.textEmbeddingModelApiVersion + azure_app_hostname:appHostname + azure_app_url:appUrl + azure_app_insights_connection_string:appInsights.outputs.connectionString + azure_cosmosdb_endpoint :cosmosdb.outputs.endpoint + azure_cosmosdb_name:cosmosdb.outputs.name + azure_cosmosdb_id:cosmosdb.outputs.id + azure_dns_zone_name:privateDnsZone.outputs.name + azure_storage_account:storage.outputs.name + azure_storage_account_blob_url:storage.outputs.primaryEndpoints.blob + azure_workload_identity_client_id:workloadIdentity.outputs.clientId + azure_workload_identity_principal_id:workloadIdentity.outputs.principalId + azure_workload_identity_name:workloadIdentity.outputs.name + public_storage_account_name: publicStorageAccountName + public_storage_account_key: publicStorageAccountKey + + } +} + +module apimgraphragservicedef 'core/apim/apim.graphrag-servicedef.bicep'={ + name: 'graphragservicedef-deployment' + params:{ + name:'GraphRag' + apimname:apim.outputs.name + backendUrl:appUrl + } +} + output azure_location string = location + output azure_tenant_id string = tenant().tenantId + output azure_ai_search_name string = aiSearch.outputs.name + output azure_acr_login_server string = acr.outputs.loginServer output azure_acr_name string = acr.outputs.name + output azure_aks_name string = aks.outputs.name output azure_aks_controlplanefqdn string = aks.outputs.controlPlaneFqdn output azure_aks_managed_rg string = aks.outputs.managedResourceGroup output azure_aks_service_account_name string = aksServiceAccountName -output azure_storage_account string = storage.outputs.name -output azure_storage_account_blob_url string = storage.outputs.primaryEndpoints.blob + +output azure_aoai_endpoint string = aoai.outputs.openAiEndpoint +output azure_aoai_llm_model string = aoai.outputs.llmModel +output azure_aoai_llm_model_deployment_name string = aoai.outputs.llmModelDeploymentName +output azure_aoai_llm_model_api_version string = aoai.outputs.llmModelApiVersion +output azure_aoai_embedding_model string = aoai.outputs.textEmbeddingModel +output azure_aoai_embedding_model_deployment_name string = aoai.outputs.textEmbeddingModelDeploymentName +output azure_aoai_embedding_model_api_version string = aoai.outputs.textEmbeddingModelApiVersion + +output azure_apim_gateway_url string = apim.outputs.apimGatewayUrl +output azure_apim_name string = apim.outputs.name + +output azure_app_hostname string = appHostname +output azure_app_url string = appUrl + +output azure_app_insights_connection_string string = appInsights.outputs.connectionString + output azure_cosmosdb_endpoint string = cosmosdb.outputs.endpoint output azure_cosmosdb_name string = cosmosdb.outputs.name output azure_cosmosdb_id string = cosmosdb.outputs.id -output azure_app_insights_connection_string string = appInsights.outputs.connectionString -output azure_apim_name string = apim.outputs.name -output azure_apim_gateway_url string = apim.outputs.apimGatewayUrl + output azure_dns_zone_name string = privateDnsZone.outputs.name -output azure_app_hostname string = appHostname -output azure_app_url string = appUrl -output azure_workload_identity_client_id string = workloadIdentity.outputs.clientId -output azure_workload_identity_principal_id string = workloadIdentity.outputs.principalId -output azure_workload_identity_name string = workloadIdentity.outputs.name output azure_private_dns_zones array = enablePrivateEndpoints ? union(privatelinkPrivateDns.outputs.privateDnsZones, [privateDnsZone.outputs.name]) : [] + +output azure_storage_account string = storage.outputs.name +output azure_storage_account_blob_url string = storage.outputs.primaryEndpoints.blob + +output azure_workload_identity_client_id string = workloadIdentity.outputs.clientId +output azure_workload_identity_principal_id string = workloadIdentity.outputs.principalId +output azure_workload_identity_name string = workloadIdentity.outputs.name diff --git a/infra/mainTemplate.json b/infra/mainTemplate.json new file mode 100644 index 00000000..e8f96874 --- /dev/null +++ b/infra/mainTemplate.json @@ -0,0 +1,5469 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "9942415607713496570" + } + }, + "parameters": { + "resourceGroup": { + "type": "string", + "minLength": 1, + "maxLength": 64, + "metadata": { + "description": "Name of the resource group that GraphRAG will be deployed in." + } + }, + "resourceBaseName": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Unique name to append to each resource" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Cloud region for all resources" + } + }, + "apiPublisherName": { + "type": "string", + "defaultValue": "Microsoft", + "minLength": 1, + "metadata": { + "description": "Name of the publisher of the API Management instance." + } + }, + "apiPublisherEmail": { + "type": "string", + "defaultValue": "publisher@microsoft.com", + "minLength": 1, + "metadata": { + "description": "Email address of the publisher of the API Management instance." + } + }, + "aksNamespace": { + "type": "string", + "defaultValue": "graphrag", + "metadata": { + "description": "The AKS namespace to install GraphRAG in." + } + }, + "enablePrivateEndpoints": { + "type": "bool", + "defaultValue": true, + "metadata": { + "description": "Whether to enable private endpoints." + } + }, + "restoreAPIM": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Whether to restore the API Management instance." + } + }, + "apimTier": { + "type": "string", + "defaultValue": "Developer" + }, + "apimName": { + "type": "string", + "defaultValue": "" + }, + "acrName": { + "type": "string", + "defaultValue": "" + }, + "storageAccountName": { + "type": "string", + "defaultValue": "" + }, + "cosmosDbName": { + "type": "string", + "defaultValue": "" + }, + "aiSearchName": { + "type": "string", + "defaultValue": "" + }, + "utcString": { + "type": "string", + "defaultValue": "[utcNow()]" + }, + "graphragimage": { + "type": "string", + "defaultValue": "graphragbackend" + }, + "graphragimageversion": { + "type": "string", + "defaultValue": "latest" + }, + "llmModelName": { + "type": "string", + "defaultValue": "gpt-4o", + "allowedValues": [ + "gpt-4o", + "gpt-4o-mini" + ], + "metadata": { + "description": "Name of the AOAI LLM model to use. Must match official model id. For more information: https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models" + } + }, + "llmModelVersion": { + "type": "string", + "defaultValue": "2024-08-06", + "metadata": { + "description": "Version of the AOAI LLM model to use." + } + }, + "llmModelQuota": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "metadata": { + "description": "Quota of the AOAI LLM model to use." + } + }, + "embeddingModelName": { + "type": "string", + "defaultValue": "text-embedding-ada-002", + "allowedValues": [ + "text-embedding-ada-002", + "text-embedding-3-large" + ], + "metadata": { + "description": "Name of the AOAI embedding model to use. Must match official model id. For more information: https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models" + } + }, + "embeddingModelVersion": { + "type": "string", + "defaultValue": "2" + }, + "embeddingModelQuota": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "metadata": { + "description": "Quota of the AOAI embedding model to use." + } + }, + "publicStorageAccountName": { + "type": "string", + "defaultValue": "" + }, + "publicStorageAccountKey": { + "type": "securestring", + "defaultValue": "" + } + }, + "variables": { + "$fxv#0": { + "analysisServicesServers": "as", + "apiManagementService": "apim-", + "appConfigurationConfigurationStores": "appcs-", + "appContainerApps": "ca-", + "appManagedEnvironments": "cae-", + "authorizationPolicyDefinitions": "policy-", + "automationAutomationAccounts": "aa-", + "azureOpenAI": "aoai-", + "blueprintBlueprints": "bp-", + "blueprintBlueprintsArtifacts": "bpa-", + "cacheRedis": "redis-", + "cdnProfiles": "cdnp-", + "cdnProfilesEndpoints": "cdne-", + "cognitiveServicesAccounts": "cog-", + "cognitiveServicesFormRecognizer": "cog-fr-", + "cognitiveServicesTextAnalytics": "cog-ta-", + "computeAvailabilitySets": "avail-", + "computeCloudServices": "cld-", + "computeDiskEncryptionSets": "des", + "computeDisks": "disk", + "computeDisksOs": "osdisk", + "computeGalleries": "gal", + "computeSnapshots": "snap-", + "computeVirtualMachineScaleSets": "vmss-", + "computeVirtualMachines": "vm", + "containerInstanceContainerGroups": "ci", + "containerRegistryRegistries": "cr", + "containerServiceManagedClusters": "aks-", + "dBforMySQLServers": "mysql-", + "dBforPostgreSQLServers": "psql-", + "dataFactoryFactories": "adf-", + "dataLakeAnalyticsAccounts": "dla", + "dataLakeStoreAccounts": "dls", + "dataMigrationServices": "dms-", + "databricksWorkspaces": "dbw-", + "devicesIotHubs": "iot-", + "devicesProvisioningServices": "provs-", + "devicesProvisioningServicesCertificates": "pcert-", + "documentDBDatabaseAccounts": "cosmos-", + "eventGridDomains": "evgd-", + "eventGridDomainsTopics": "evgt-", + "eventGridEventSubscriptions": "evgs-", + "eventHubNamespaces": "evhns-", + "eventHubNamespacesEventHubs": "evh-", + "hdInsightClustersHadoop": "hadoop-", + "hdInsightClustersHbase": "hbase-", + "hdInsightClustersKafka": "kafka-", + "hdInsightClustersMl": "mls-", + "hdInsightClustersSpark": "spark-", + "hdInsightClustersStorm": "storm-", + "hybridComputeMachines": "arcs-", + "insightsActionGroups": "ag-", + "insightsComponents": "appi-", + "keyVaultVaults": "kv-", + "kubernetesConnectedClusters": "arck", + "kustoClusters": "dec", + "kustoClustersDatabases": "dedb", + "logicIntegrationAccounts": "ia-", + "logicWorkflows": "logic-", + "machineLearningServicesWorkspaces": "mlw-", + "managedIdentityUserAssignedIdentities": "id-", + "managementManagementGroups": "mg-", + "migrateAssessmentProjects": "migr-", + "networkApplicationGateways": "agw-", + "networkApplicationSecurityGroups": "asg-", + "networkAzureFirewalls": "afw-", + "networkBastionHosts": "bas-", + "networkConnections": "con-", + "networkDnsZones": "dnsz-", + "networkExpressRouteCircuits": "erc-", + "networkFirewallPolicies": "afwp-", + "networkFirewallPoliciesRuleGroups": "wafrg", + "networkFirewallPoliciesWebApplication": "waf", + "networkFrontDoors": "fd-", + "networkFrontdoorWebApplicationFirewallPolicies": "fdfp-", + "networkLoadBalancersExternal": "lbe-", + "networkLoadBalancersInboundNatRules": "rule-", + "networkLoadBalancersInternal": "lbi-", + "networkLocalNetworkGateways": "lgw-", + "networkNatGateways": "ng-", + "networkNetworkInterfaces": "nic-", + "networkNetworkSecurityGroups": "nsg-", + "networkNetworkSecurityGroupsSecurityRules": "nsgsr-", + "networkNetworkWatchers": "nw-", + "networkPrivateDnsZones": "pdnsz-", + "networkPrivateLinkServices": "pl-", + "networkPublicIPAddresses": "pip-", + "networkPublicIPPrefixes": "ippre-", + "networkRouteFilters": "rf-", + "networkRouteTables": "rt-", + "networkRouteTablesRoutes": "udr-", + "networkTrafficManagerProfiles": "traf-", + "networkVirtualNetworkGateways": "vgw-", + "networkVirtualNetworks": "vnet-", + "networkVirtualNetworksSubnets": "snet-", + "networkVirtualNetworksVirtualNetworkPeerings": "peer-", + "networkVirtualWans": "vwan-", + "networkVpnGateways": "vpng-", + "networkVpnGatewaysVpnConnections": "vcn-", + "networkVpnGatewaysVpnSites": "vst-", + "notificationHubsNamespaces": "ntfns-", + "notificationHubsNamespacesNotificationHubs": "ntf-", + "operationalInsightsWorkspaces": "log-", + "portalDashboards": "dash-", + "powerBIDedicatedCapacities": "pbi-", + "privateEndpoint": "pep-", + "purviewAccounts": "pview-", + "recoveryServicesVaults": "rsv-", + "resourcesResourceGroups": "rg-", + "searchSearchServices": "srch-", + "serviceBusNamespaces": "sb-", + "serviceBusNamespacesQueues": "sbq-", + "serviceBusNamespacesTopics": "sbt-", + "serviceEndPointPolicies": "se-", + "serviceFabricClusters": "sf-", + "signalRServiceSignalR": "sigr", + "sqlManagedInstances": "sqlmi-", + "sqlServers": "sql-", + "sqlServersDataWarehouse": "sqldw-", + "sqlServersDatabases": "sqldb-", + "sqlServersDatabasesStretch": "sqlstrdb-", + "storSimpleManagers": "ssimp", + "storageStorageAccounts": "st", + "storageStorageAccountsVm": "stvm", + "streamAnalyticsCluster": "asa-", + "synapseWorkspaces": "syn", + "synapseWorkspacesAnalyticsWorkspaces": "synw", + "synapseWorkspacesSqlPoolsDedicated": "syndp", + "synapseWorkspacesSqlPoolsSpark": "synsp", + "timeSeriesInsightsEnvironments": "tsi-", + "webServerFarms": "plan-", + "webSitesAppService": "app-", + "webSitesAppServiceEnvironment": "ase-", + "webSitesFunctions": "func-", + "webStaticSites": "stapp-" + }, + "$fxv#1": "#!/bin/bash\n# Install kubectl\nset -e\naz aks install-cli --only-show-errors\n \n\n# Get AKS credentials\naz aks get-credentials \\\n --admin \\\n --name $AZURE_AKS_NAME \\\n --resource-group $AZURE_RESOURCE_GROUP --only-show-errors\n\n# Check if the cluster is private or not\n\n# Assign a value to aksNamespace\naksNamespace=\"graphrag\"\n\n# Install Helm\ncurl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 -o get_helm.sh -s\nchmod 700 get_helm.sh\n./get_helm.sh &>/dev/null\n\n# Add Helm repos\nhelm repo add prometheus-community https://prometheus-community.github.io/helm-charts\nhelm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx\n\n# Update Helm repos\nhelm repo update\n\nhelm pull oci://graphrag.azurecr.io/graphrag --untar\n\n \nhelm upgrade -i graphrag ./graphrag -f ./graphrag/values.yaml \\\n --namespace $aksNamespace --create-namespace \\\n --set \"serviceAccount.name=$AZURE_AKS_SERVICE_ACCOUNT_NAME\" \\\n --set \"serviceAccount.annotations.azure\\.workload\\.identity/client-id=$AZURE_WORKLOAD_IDENTITY_CLIENT_ID\" \\\n --set \"master.image.repository=graphrag.azurecr.io/$IMAGE_NAME\" \\\n --set \"master.image.tag=$IMAGE_VERSION\" \\\n --set \"ingress.host=$AZURE_APP_HOSTNAME\" \\\n --set \"graphragConfig.APPLICATIONINSIGHTS_CONNECTION_STRING=$APP_INSIGHTS_CONNECTION_STRING\" \\\n --set \"graphragConfig.AI_SEARCH_URL=https://$AI_SEARCH_NAME.search.windows.net\" \\\n --set \"graphragConfig.COSMOS_URI_ENDPOINT=$AZURE_COSMOSDB_ENDPOINT\" \\\n --set \"graphragConfig.GRAPHRAG_API_BASE=$AZURE_OPENAI_ENDPOINT\" \\\n --set \"graphragConfig.GRAPHRAG_API_VERSION=$AZURE_AOAI_LLM_MODEL_API_VERSION\" \\\n --set \"graphragConfig.GRAPHRAG_LLM_MODEL=$AZURE_AOAI_LLM_MODEL\"\\\n --set \"graphragConfig.GRAPHRAG_LLM_DEPLOYMENT_NAME=$AZURE_AOAI_LLM_MODEL_DEPLOYMENT_NAME\" \\\n --set \"graphragConfig.GRAPHRAG_EMBEDDING_MODEL=$AZURE_AOAI_EMBEDDING_MODEL\" \\\n --set \"graphragConfig.GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME=$AZURE_AOAI_EMBEDDING_MODEL_DEPLOYMENT_NAME\" \\\n --set \"graphragConfig.COGNITIVE_SERVICES_AUDIENCE=$COGNITIVE_SERVICES_AUDIENCE\" \\\n --set \"graphragConfig.STORAGE_ACCOUNT_BLOB_URL=$AZURE_STORAGE_ACCOUNT_BLOB_URL\"\n\n \n\n\n\n", + "resourceBaseNameFinal": "[if(not(empty(parameters('resourceBaseName'))), parameters('resourceBaseName'), toLower(uniqueString(format('{0}/resourceGroups/{1}', subscription().id, parameters('resourceGroup')))))]", + "abbrs": "[variables('$fxv#0')]", + "tags": { + "azd-env-name": "[parameters('resourceGroup')]" + }, + "workloadIdentityName": "[format('{0}{1}', variables('abbrs').managedIdentityUserAssignedIdentities, variables('resourceBaseNameFinal'))]", + "aksServiceAccountName": "[format('{0}-workload-sa', parameters('aksNamespace'))]", + "workloadIdentitySubject": "[format('system:serviceaccount:{0}:{1}', parameters('aksNamespace'), variables('aksServiceAccountName'))]", + "dnsDomain": "graphrag.io", + "appHostname": "[format('graphrag.{0}', variables('dnsDomain'))]", + "appUrl": "[format('http://{0}', variables('appHostname'))]", + "roles": { + "acrPull": "[resourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d')]", + "networkContributor": "[resourceId('Microsoft.Authorization/roleDefinitions', '4d97b98b-1d4f-4787-a291-c67834d212e7')]", + "privateDnsZoneContributor": "[resourceId('Microsoft.Authorization/roleDefinitions', 'b12aa53e-6015-4669-85d0-8515ebb3ae7f')]" + } + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aks-workload-identity-rbac-assignments", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "principalId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.principalId.value]" + }, + "principalType": { + "value": "ServicePrincipal" + }, + "cosmosDbName": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.name.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "15674161325892705676" + } + }, + "parameters": { + "principalId": { + "type": "string", + "metadata": { + "description": "ID of the service principal to assign the RBAC roles to." + } + }, + "principalType": { + "type": "string", + "allowedValues": [ + "ServicePrincipal", + "User", + "Group", + "Device", + "ForeignGroup" + ], + "metadata": { + "description": "Type of principal to assign the RBAC roles to." + } + }, + "cosmosDbName": { + "type": "string", + "metadata": { + "description": "Name of an existing CosmosDB resource." + } + } + }, + "variables": { + "roleDefinitions": [ + { + "id": "ba92f5b4-2d11-453d-a403-e96b0029c9fe" + }, + { + "id": "b24988ac-6180-42a0-ab88-20f7382dd24c" + }, + { + "id": "8ebe5a00-799e-43f5-93ac-243d3dce84a7" + }, + { + "id": "1407120a-92aa-4202-b7e9-c0e197c71c8f" + }, + { + "id": "a001fd3d-188f-4b5d-821b-7da978bf7442" + }, + { + "id": "3913510d-42f4-4e42-8a64-420c390055eb" + } + ], + "customRoleName": "Custom cosmosDB role for graphrag - adds read/write permissions at the database and container level" + }, + "resources": [ + { + "copy": { + "name": "roleAssignment", + "count": "[length(variables('roleDefinitions'))]" + }, + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(subscription().subscriptionId, resourceGroup().name, parameters('principalId'), parameters('principalType'), variables('roleDefinitions')[copyIndex()].id)]", + "properties": { + "principalId": "[parameters('principalId')]", + "principalType": "[parameters('principalType')]", + "roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', variables('roleDefinitions')[copyIndex()].id)]" + } + }, + { + "type": "Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions", + "apiVersion": "2024-12-01-preview", + "name": "[format('{0}/{1}', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), variables('customRoleName')))]", + "properties": { + "roleName": "[variables('customRoleName')]", + "type": "CustomRole", + "assignableScopes": [ + "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName'))]" + ], + "permissions": [ + { + "dataActions": [ + "Microsoft.DocumentDB/databaseAccounts/readMetadata", + "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/*", + "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/*", + "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/write" + ] + } + ] + } + }, + { + "type": "Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments", + "apiVersion": "2024-12-01-preview", + "name": "[format('{0}/{1}', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), resourceId('Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), variables('customRoleName'))), parameters('principalId')))]", + "properties": { + "principalId": "[parameters('principalId')]", + "roleDefinitionId": "[resourceId('Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), variables('customRoleName')))]", + "scope": "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName'))]" + }, + "dependsOn": [ + "[resourceId('Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), variables('customRoleName')))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aks-rbac-assignments", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "roleAssignments": { + "value": [ + { + "principalId": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.kubeletPrincipalId.value]", + "principalType": "ServicePrincipal", + "roleDefinitionId": "[variables('roles').acrPull]" + }, + { + "principalId": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.ingressWebAppIdentity.value]", + "principalType": "ServicePrincipal", + "roleDefinitionId": "[variables('roles').privateDnsZoneContributor]" + }, + { + "principalId": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.systemIdentity.value]", + "principalType": "ServicePrincipal", + "roleDefinitionId": "[variables('roles').networkContributor]" + } + ] + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13254511464568135903" + } + }, + "parameters": { + "roleAssignments": { + "type": "array", + "defaultValue": [], + "metadata": { + "description": "Array of objects with fields principalId, principalType, roleDefinitionId" + } + } + }, + "resources": [ + { + "copy": { + "name": "roleAssignment", + "count": "[length(parameters('roleAssignments'))]" + }, + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(subscription().subscriptionId, resourceGroup().name, parameters('roleAssignments')[copyIndex()].principalId, parameters('roleAssignments')[copyIndex()].principalType, parameters('roleAssignments')[copyIndex()].roleDefinitionId)]", + "properties": "[parameters('roleAssignments')[copyIndex()]]" + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'aks-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "log-analytics-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": { + "value": "[format('{0}{1}', variables('abbrs').operationalInsightsWorkspaces, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "publicNetworkAccessForIngestion": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'Disabled'), createObject('value', 'Enabled'))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "11258206015777241921" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the Log Analytics resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Log Analytics resource." + } + }, + "publicNetworkAccessForIngestion": { + "type": "string", + "defaultValue": "Disabled", + "metadata": { + "description": "The public network access for ingestion." + } + } + }, + "resources": [ + { + "type": "Microsoft.OperationalInsights/workspaces", + "apiVersion": "2022-10-01", + "name": "[parameters('name')]", + "location": "[parameters('location')]", + "properties": { + "retentionInDays": 30, + "publicNetworkAccessForIngestion": "[parameters('publicNetworkAccessForIngestion')]", + "publicNetworkAccessForQuery": "Enabled", + "features": { + "immediatePurgeDataOn30Days": true + } + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('name'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "nsg-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "nsgName": { + "value": "[format('{0}{1}', variables('abbrs').networkNetworkSecurityGroups, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "16619124547797522615" + } + }, + "parameters": { + "nsgName": { + "type": "string", + "defaultValue": "[format('apim-nsg-{0}', uniqueString(resourceGroup().id))]", + "metadata": { + "description": "Name of the NSG for the API Management service." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region where the resources will be deployed" + } + } + }, + "resources": [ + { + "type": "Microsoft.Network/networkSecurityGroups", + "apiVersion": "2024-01-01", + "name": "[parameters('nsgName')]", + "location": "[parameters('location')]", + "properties": { + "securityRules": [ + { + "name": "Client_communication_to_API_Management", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "80", + "sourceAddressPrefix": "Internet", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 100, + "direction": "Inbound" + } + }, + { + "name": "Secure_Client_communication_to_API_Management", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "Internet", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 110, + "direction": "Inbound" + } + }, + { + "name": "Management_endpoint_for_Azure_portal_and_Powershell", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "3443", + "sourceAddressPrefix": "ApiManagement", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 120, + "direction": "Inbound" + } + }, + { + "name": "Dependency_on_Redis_Cache", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "6381-6383", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 130, + "direction": "Inbound" + } + }, + { + "name": "Dependency_to_sync_Rate_Limit_Inbound", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "4290", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 135, + "direction": "Inbound" + } + }, + { + "name": "Dependency_on_Azure_SQL", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "1433", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Sql", + "access": "Allow", + "priority": 140, + "direction": "Outbound" + } + }, + { + "name": "Dependency_for_Log_to_event_Hub_policy", + "properties": { + "protocol": "*", + "sourcePortRange": "*", + "destinationPortRange": "5671", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "EventHub", + "access": "Allow", + "priority": 150, + "direction": "Outbound" + } + }, + { + "name": "Dependency_on_Redis_Cache_outbound", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "6381-6383", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 160, + "direction": "Outbound" + } + }, + { + "name": "Depenedency_To_sync_RateLimit_Outbound", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "4290", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 165, + "direction": "Outbound" + } + }, + { + "name": "Dependency_on_Azure_File_Share_for_GIT", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "445", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Storage", + "access": "Allow", + "priority": 170, + "direction": "Outbound" + } + }, + { + "name": "Azure_Infrastructure_Load_Balancer", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "6390", + "sourceAddressPrefix": "AzureLoadBalancer", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 180, + "direction": "Inbound" + } + }, + { + "name": "Publish_DiagnosticLogs_And_Metrics", + "properties": { + "description": "API Management logs and metrics for consumption by admins and your IT team are all part of the management plane", + "protocol": "Tcp", + "sourcePortRange": "*", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "AzureMonitor", + "access": "Allow", + "priority": 185, + "direction": "Outbound", + "destinationPortRanges": [ + "443", + "12000", + "1886" + ] + } + }, + { + "name": "Connect_To_SMTP_Relay_For_SendingEmails", + "properties": { + "description": "APIM features the ability to generate email traffic as part of the data plane and the management plane", + "protocol": "Tcp", + "sourcePortRange": "*", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Internet", + "access": "Allow", + "priority": 190, + "direction": "Outbound", + "destinationPortRanges": [ + "25", + "587", + "25028" + ] + } + }, + { + "name": "Authenticate_To_Azure_Active_Directory", + "properties": { + "description": "Connect to Azure Active Directory for developer Portal authentication or for OAuth 2 flow during any proxy authentication", + "protocol": "Tcp", + "sourcePortRange": "*", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "AzureActiveDirectory", + "access": "Allow", + "priority": 200, + "direction": "Outbound", + "destinationPortRanges": [ + "80", + "443" + ] + } + }, + { + "name": "Dependency_on_Azure_Storage", + "properties": { + "description": "API Management service dependency on Azure blob and Azure table storage", + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Storage", + "access": "Allow", + "priority": 100, + "direction": "Outbound" + } + }, + { + "name": "Publish_Monitoring_Logs", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "AzureCloud", + "access": "Allow", + "priority": 300, + "direction": "Outbound" + } + }, + { + "name": "Deny_All_Internet_Outbound", + "properties": { + "protocol": "*", + "sourcePortRange": "*", + "destinationPortRange": "*", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Internet", + "access": "Deny", + "priority": 999, + "direction": "Outbound" + } + } + ] + } + } + ], + "outputs": { + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('nsgName'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "vnet-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "vnetName": { + "value": "[format('{0}{1}', variables('abbrs').networkVirtualNetworks, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "subnetPrefix": { + "value": "[variables('abbrs').networkVirtualNetworksSubnets]" + }, + "apimTier": { + "value": "[parameters('apimTier')]" + }, + "nsgID": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'nsg-deployment'), '2022-09-01').outputs.id.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "9158217012658604749" + } + }, + "parameters": { + "vnetName": { + "type": "string", + "metadata": { + "description": "Name of the vnet resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region where the resource will be deployed." + } + }, + "subnetPrefix": { + "type": "string", + "defaultValue": "snet-", + "metadata": { + "description": "Optional prefix to prepend to subnet names." + } + }, + "apimTier": { + "type": "string", + "allowedValues": [ + "Developer", + "StandardV2" + ], + "metadata": { + "description": "APIM tier - used to determine if subnet delegations are required." + } + }, + "nsgID": { + "type": "string", + "metadata": { + "description": "NSG resource ID." + } + } + }, + "resources": [ + { + "type": "Microsoft.Network/virtualNetworks", + "apiVersion": "2024-01-01", + "name": "[parameters('vnetName')]", + "location": "[parameters('location')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "10.1.0.0/16" + ] + }, + "subnets": [ + { + "name": "[format('{0}apim', parameters('subnetPrefix'))]", + "properties": { + "addressPrefix": "10.1.0.0/24", + "networkSecurityGroup": { + "id": "[parameters('nsgID')]" + }, + "delegations": "[if(equals(parameters('apimTier'), 'Developer'), createArray(), createArray(createObject('name', 'Microsoft.Web/serverFarms', 'properties', createObject('serviceName', 'Microsoft.Web/serverFarms'))))]" + } + }, + { + "name": "[format('{0}aks', parameters('subnetPrefix'))]", + "properties": { + "addressPrefix": "10.1.1.0/24", + "serviceEndpoints": [ + { + "service": "Microsoft.Storage" + }, + { + "service": "Microsoft.Sql" + }, + { + "service": "Microsoft.EventHub" + } + ] + } + } + ] + } + } + ], + "outputs": { + "vnetId": { + "type": "string", + "value": "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName'))]" + }, + "vnetName": { + "type": "string", + "value": "[parameters('vnetName')]" + }, + "apimSubnetId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName')), '2024-01-01').subnets[0].id]" + }, + "aksSubnetId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName')), '2024-01-01').subnets[1].id]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'nsg-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aoai-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "openAiName": { + "value": "[format('{0}{1}', variables('abbrs').cognitiveServicesAccounts, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "llmModelName": { + "value": "[parameters('llmModelName')]" + }, + "llmModelVersion": { + "value": "[parameters('llmModelVersion')]" + }, + "llmTpmQuota": { + "value": "[parameters('llmModelQuota')]" + }, + "embeddingModelName": { + "value": "[parameters('embeddingModelName')]" + }, + "embeddingModelVersion": { + "value": "[parameters('embeddingModelVersion')]" + }, + "embeddingTpmQuota": { + "value": "[parameters('embeddingModelQuota')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "15475380690582621771" + } + }, + "parameters": { + "openAiName": { + "type": "string", + "defaultValue": "[format('openai{0}', uniqueString(resourceGroup().id))]", + "metadata": { + "description": "Name of the Azure OpenAI instance" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Location for the Azure OpenAI instance" + } + }, + "llmModelName": { + "type": "string", + "defaultValue": "gpt-4o", + "metadata": { + "description": "LLM model name" + } + }, + "llmModelVersion": { + "type": "string", + "metadata": { + "description": "LLM Model API version" + } + }, + "embeddingModelName": { + "type": "string", + "defaultValue": "text-embedding-ada-002", + "metadata": { + "description": "Embedding model name" + } + }, + "embeddingModelVersion": { + "type": "string", + "metadata": { + "description": "Embedding Model API version" + } + }, + "llmTpmQuota": { + "type": "int", + "defaultValue": 1, + "metadata": { + "description": "TPM quota for llm model deployment (x1000)" + } + }, + "embeddingTpmQuota": { + "type": "int", + "defaultValue": 1, + "metadata": { + "description": "TPM quota for embedding model deployment (x1000)" + } + } + }, + "resources": [ + { + "type": "Microsoft.CognitiveServices/accounts", + "apiVersion": "2024-10-01", + "name": "[parameters('openAiName')]", + "location": "[parameters('location')]", + "sku": { + "name": "S0" + }, + "kind": "OpenAI", + "properties": { + "publicNetworkAccess": "Enabled", + "disableLocalAuth": true + } + }, + { + "type": "Microsoft.CognitiveServices/accounts/deployments", + "apiVersion": "2024-10-01", + "name": "[format('{0}/{1}', parameters('openAiName'), parameters('llmModelName'))]", + "sku": { + "name": "GlobalStandard", + "capacity": "[parameters('llmTpmQuota')]" + }, + "properties": { + "model": { + "format": "OpenAI", + "name": "[parameters('llmModelName')]", + "version": "[parameters('llmModelVersion')]" + }, + "currentCapacity": "[parameters('llmTpmQuota')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiName'))]" + ] + }, + { + "type": "Microsoft.CognitiveServices/accounts/deployments", + "apiVersion": "2024-10-01", + "name": "[format('{0}/{1}', parameters('openAiName'), parameters('embeddingModelName'))]", + "sku": { + "name": "Standard", + "capacity": "[parameters('embeddingTpmQuota')]" + }, + "properties": { + "model": { + "format": "OpenAI", + "name": "[parameters('embeddingModelName')]", + "version": "[parameters('embeddingModelVersion')]" + }, + "currentCapacity": "[parameters('embeddingTpmQuota')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiName'))]", + "[resourceId('Microsoft.CognitiveServices/accounts/deployments', parameters('openAiName'), parameters('llmModelName'))]" + ] + } + ], + "outputs": { + "openAiEndpoint": { + "type": "string", + "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiName')), '2024-10-01').endpoint]" + }, + "llmModel": { + "type": "string", + "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts/deployments', parameters('openAiName'), parameters('llmModelName')), '2024-10-01').model.name]" + }, + "llmModelDeploymentName": { + "type": "string", + "value": "[parameters('llmModelName')]" + }, + "llmModelApiVersion": { + "type": "string", + "value": "2024-10-01" + }, + "textEmbeddingModel": { + "type": "string", + "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts/deployments', parameters('openAiName'), parameters('embeddingModelName')), '2024-10-01').model.name]" + }, + "textEmbeddingModelDeploymentName": { + "type": "string", + "value": "[parameters('embeddingModelName')]" + }, + "textEmbeddingModelApiVersion": { + "type": "string", + "value": "2024-10-01" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "acr-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "registryName": "[if(not(empty(parameters('acrName'))), createObject('value', parameters('acrName')), createObject('value', format('{0}{1}', variables('abbrs').containerRegistryRegistries, variables('resourceBaseNameFinal'))))]", + "location": { + "value": "[parameters('location')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "3579514199569414551" + } + }, + "parameters": { + "registryName": { + "type": "string", + "metadata": { + "description": "The name of the Container Registry resource. Will be automatically generated if not provided." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Container Registry resource." + } + } + }, + "resources": [ + { + "type": "Microsoft.ContainerRegistry/registries", + "apiVersion": "2023-11-01-preview", + "name": "[parameters('registryName')]", + "location": "[parameters('location')]", + "sku": { + "name": "Standard" + }, + "properties": { + "adminUserEnabled": false, + "encryption": { + "status": "disabled" + }, + "dataEndpointEnabled": false, + "publicNetworkAccess": "Enabled", + "networkRuleBypassOptions": "AzureServices", + "zoneRedundancy": "Disabled", + "anonymousPullEnabled": false, + "metadataSearch": "Disabled" + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('registryName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registryName'))]" + }, + "loginServer": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerRegistry/registries', parameters('registryName')), '2023-11-01-preview').loginServer]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aks-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "clusterName": { + "value": "[format('{0}{1}', variables('abbrs').containerServiceManagedClusters, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "graphragVMSize": { + "value": "standard_d8s_v5" + }, + "graphragIndexingVMSize": { + "value": "standard_e8s_v5" + }, + "clusterAdmins": { + "value": null + }, + "logAnalyticsWorkspaceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment'), '2022-09-01').outputs.id.value]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "privateDnsZoneName": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment'), '2022-09-01').outputs.name.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "4262586997141187053" + } + }, + "parameters": { + "clusterName": { + "type": "string", + "metadata": { + "description": "The name of the Managed Cluster resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Managed Cluster resource." + } + }, + "logAnalyticsWorkspaceId": { + "type": "string", + "metadata": { + "description": "The workspace id of the Log Analytics resource." + } + }, + "autoUpgradeProfile": { + "type": "object", + "defaultValue": { + "nodeOsUpgradeChannel": "NodeImage", + "upgradeChannel": "stable" + }, + "metadata": { + "description": "The auto-upgrade profile." + } + }, + "dnsPrefix": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Optional DNS prefix to use with hosted Kubernetes API server FQDN." + } + }, + "systemOsDiskSizeGB": { + "type": "int", + "defaultValue": 128, + "minValue": 0, + "maxValue": 1023, + "metadata": { + "description": "Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 will apply the default disk size for that agentVMSize." + } + }, + "systemNodeCount": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "maxValue": 20, + "metadata": { + "description": "The number of nodes for the system node pool." + } + }, + "systemVMSize": { + "type": "string", + "defaultValue": "standard_d4s_v5", + "metadata": { + "description": "The size of the system Virtual Machine." + } + }, + "graphragNodeCount": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "maxValue": 50, + "metadata": { + "description": "The number of nodes for the graphrag node pool." + } + }, + "graphragVMSize": { + "type": "string", + "defaultValue": "standard_d8s_v5", + "metadata": { + "description": "The VM size of nodes running the GraphRAG API." + } + }, + "graphragIndexingVMSize": { + "type": "string", + "defaultValue": "standard_e8s_v5", + "metadata": { + "description": "The VM size of nodes running GraphRAG indexing jobs." + } + }, + "enableEncryptionAtHost": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Enable encryption at host" + } + }, + "subnetId": { + "type": "string" + }, + "privateDnsZoneName": { + "type": "string" + }, + "clusterAdmins": { + "type": "array", + "defaultValue": [], + "metadata": { + "description": "Array of object ids that will have admin role of the cluster" + } + } + }, + "resources": [ + { + "type": "Microsoft.ContainerService/managedClusters/agentPools", + "apiVersion": "2024-02-01", + "name": "[format('{0}/{1}', parameters('clusterName'), 'graphrag')]", + "properties": { + "enableAutoScaling": true, + "upgradeSettings": { + "maxSurge": "50%" + }, + "minCount": 1, + "maxCount": 10, + "osDiskSizeGB": "[parameters('systemOsDiskSizeGB')]", + "count": "[parameters('graphragNodeCount')]", + "vmSize": "[parameters('graphragVMSize')]", + "osType": "Linux", + "mode": "User", + "enableEncryptionAtHost": "[parameters('enableEncryptionAtHost')]", + "vnetSubnetID": "[parameters('subnetId')]", + "nodeLabels": { + "workload": "graphrag" + }, + "tags": { + "workload": "graphrag" + }, + "type": "VirtualMachineScaleSets" + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + ] + }, + { + "type": "Microsoft.ContainerService/managedClusters/agentPools", + "apiVersion": "2024-02-01", + "name": "[format('{0}/{1}', parameters('clusterName'), 'indexing')]", + "properties": { + "enableAutoScaling": true, + "upgradeSettings": { + "maxSurge": "50%" + }, + "minCount": 0, + "maxCount": 10, + "osDiskSizeGB": "[parameters('systemOsDiskSizeGB')]", + "count": 0, + "vmSize": "[parameters('graphragIndexingVMSize')]", + "osType": "Linux", + "mode": "User", + "enableEncryptionAtHost": "[parameters('enableEncryptionAtHost')]", + "vnetSubnetID": "[parameters('subnetId')]", + "nodeLabels": { + "workload": "graphrag-indexing" + }, + "tags": { + "workload": "graphrag" + }, + "type": "VirtualMachineScaleSets" + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + ] + }, + { + "type": "Microsoft.ContainerService/managedClusters", + "apiVersion": "2024-09-02-preview", + "name": "[parameters('clusterName')]", + "location": "[parameters('location')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "enableRBAC": true, + "disableLocalAccounts": false, + "dnsPrefix": "[if(not(empty(parameters('dnsPrefix'))), parameters('dnsPrefix'), toLower(parameters('clusterName')))]", + "aadProfile": { + "managed": true, + "enableAzureRBAC": true, + "adminGroupObjectIDs": "[parameters('clusterAdmins')]" + }, + "addonProfiles": { + "omsagent": { + "enabled": true, + "config": { + "logAnalyticsWorkspaceResourceID": "[parameters('logAnalyticsWorkspaceId')]" + } + } + }, + "agentPoolProfiles": [ + { + "name": "agentpool", + "enableAutoScaling": true, + "upgradeSettings": { + "maxSurge": "50%" + }, + "minCount": 1, + "maxCount": 10, + "osDiskSizeGB": "[parameters('systemOsDiskSizeGB')]", + "count": "[parameters('systemNodeCount')]", + "vmSize": "[parameters('systemVMSize')]", + "osType": "Linux", + "mode": "System", + "enableEncryptionAtHost": "[parameters('enableEncryptionAtHost')]", + "vnetSubnetID": "[parameters('subnetId')]", + "type": "VirtualMachineScaleSets" + } + ], + "autoScalerProfile": { + "expander": "least-waste" + }, + "ingressProfile": { + "webAppRouting": { + "enabled": true, + "dnsZoneResourceIds": [ + "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZoneName'))]" + ] + } + }, + "networkProfile": { + "serviceCidr": "10.3.0.0/16", + "dnsServiceIP": "10.3.0.10", + "podCidr": "10.244.0.0/16" + }, + "autoUpgradeProfile": "[parameters('autoUpgradeProfile')]", + "oidcIssuerProfile": { + "enabled": true + }, + "securityProfile": { + "workloadIdentity": { + "enabled": true + } + } + } + }, + { + "type": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", + "apiVersion": "2024-09-02-preview", + "name": "[format('{0}/{1}', parameters('clusterName'), 'aksManagedAutoUpgradeSchedule')]", + "properties": { + "maintenanceWindow": { + "schedule": { + "weekly": { + "intervalWeeks": 1, + "dayOfWeek": "Monday" + } + }, + "durationHours": 4, + "startDate": "2024-06-11", + "startTime": "12:00" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + ] + }, + { + "type": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", + "apiVersion": "2024-09-02-preview", + "name": "[format('{0}/{1}', parameters('clusterName'), 'aksManagedNodeOSUpgradeSchedule')]", + "properties": { + "maintenanceWindow": { + "schedule": { + "weekly": { + "intervalWeeks": 1, + "dayOfWeek": "Saturday" + } + }, + "durationHours": 4, + "startDate": "2024-06-11", + "startTime": "12:00" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + ] + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('clusterName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + }, + "managedResourceGroup": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').nodeResourceGroup]" + }, + "controlPlaneFqdn": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').fqdn]" + }, + "kubeletPrincipalId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').identityProfile.kubeletidentity.objectId]" + }, + "ingressWebAppIdentity": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').ingressProfile.webAppRouting.identity.objectId]" + }, + "systemIdentity": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview', 'full').identity.principalId]" + }, + "issuer": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').oidcIssuerProfile.issuerURL]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "cosmosdb-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "cosmosDbName": "[if(not(empty(parameters('cosmosDbName'))), createObject('value', parameters('cosmosDbName')), createObject('value', format('{0}{1}', variables('abbrs').documentDBDatabaseAccounts, variables('resourceBaseNameFinal'))))]", + "location": { + "value": "[parameters('location')]" + }, + "publicNetworkAccess": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'Disabled'), createObject('value', 'Enabled'))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "4114639481216656536" + } + }, + "parameters": { + "cosmosDbName": { + "type": "string", + "metadata": { + "description": "The name of the CosmosDB resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the CosmosDB resource." + } + }, + "publicNetworkAccess": { + "type": "string", + "defaultValue": "Disabled", + "allowedValues": [ + "Enabled", + "Disabled" + ] + } + }, + "resources": [ + { + "type": "Microsoft.DocumentDB/databaseAccounts", + "apiVersion": "2024-11-15", + "name": "[parameters('cosmosDbName')]", + "location": "[parameters('location')]", + "tags": { + "defaultExperience": "Core (SQL)", + "hidden-cosmos-mmspecial": "" + }, + "kind": "GlobalDocumentDB", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "publicNetworkAccess": "[parameters('publicNetworkAccess')]", + "enableAutomaticFailover": false, + "enableMultipleWriteLocations": false, + "isVirtualNetworkFilterEnabled": false, + "virtualNetworkRules": [], + "disableKeyBasedMetadataWriteAccess": false, + "enableFreeTier": false, + "enableAnalyticalStorage": false, + "analyticalStorageConfiguration": { + "schemaType": "WellDefined" + }, + "databaseAccountOfferType": "Standard", + "defaultIdentity": "FirstPartyIdentity", + "networkAclBypass": "None", + "disableLocalAuth": true, + "enablePartitionMerge": false, + "minimalTlsVersion": "Tls12", + "consistencyPolicy": { + "defaultConsistencyLevel": "Session", + "maxIntervalInSeconds": 5, + "maxStalenessPrefix": 100 + }, + "locations": [ + { + "locationName": "[parameters('location')]", + "failoverPriority": 0, + "isZoneRedundant": false + } + ], + "cors": [], + "capabilities": [], + "ipRules": [], + "backupPolicy": { + "type": "Periodic", + "periodicModeProperties": { + "backupIntervalInMinutes": 240, + "backupRetentionIntervalInHours": 8, + "backupStorageRedundancy": "Geo" + } + }, + "networkAclBypassResourceIds": [], + "capacity": { + "totalThroughputLimit": 4000 + } + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('cosmosDbName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName'))]" + }, + "endpoint": { + "type": "string", + "value": "[reference(resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), '2024-11-15').documentEndpoint]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aisearch-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": "[if(not(empty(parameters('aiSearchName'))), createObject('value', parameters('aiSearchName')), createObject('value', format('{0}{1}', variables('abbrs').searchSearchServices, variables('resourceBaseNameFinal'))))]", + "location": { + "value": "[parameters('location')]" + }, + "publicNetworkAccess": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'disabled'), createObject('value', 'enabled'))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "4148789917591925909" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the AI Search instance." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Managed Cluster resource." + } + }, + "publicNetworkAccess": { + "type": "string", + "defaultValue": "enabled", + "allowedValues": [ + "enabled", + "disabled" + ] + } + }, + "resources": [ + { + "type": "Microsoft.Search/searchServices", + "apiVersion": "2024-03-01-preview", + "name": "[parameters('name')]", + "location": "[parameters('location')]", + "sku": { + "name": "standard" + }, + "properties": { + "disableLocalAuth": true, + "replicaCount": 1, + "partitionCount": 1, + "publicNetworkAccess": "[parameters('publicNetworkAccess')]", + "semanticSearch": "disabled" + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Search/searchServices', parameters('name'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "storage-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": "[if(not(empty(parameters('storageAccountName'))), createObject('value', parameters('storageAccountName')), createObject('value', format('{0}{1}', variables('abbrs').storageStorageAccounts, replace(variables('resourceBaseNameFinal'), '-', ''))))]", + "location": { + "value": "[parameters('location')]" + }, + "publicNetworkAccess": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'Disabled'), createObject('value', 'Enabled'))]", + "tags": { + "value": "[variables('tags')]" + }, + "deleteRetentionPolicy": { + "value": { + "enabled": true, + "days": 5 + } + }, + "defaultToOAuthAuthentication": { + "value": true + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "5352518107419090409" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the Storage Account resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Storage Account resource." + } + }, + "accessTier": { + "type": "string", + "defaultValue": "Hot", + "allowedValues": [ + "Hot", + "Cool", + "Premium" + ] + }, + "dnsEndpointType": { + "type": "string", + "defaultValue": "Standard", + "allowedValues": [ + "AzureDnsZone", + "Standard" + ] + }, + "publicNetworkAccess": { + "type": "string", + "defaultValue": "Disabled", + "allowedValues": [ + "Enabled", + "Disabled" + ] + }, + "tags": { + "type": "object", + "defaultValue": {} + }, + "allowBlobPublicAccess": { + "type": "bool", + "defaultValue": false + }, + "allowCrossTenantReplication": { + "type": "bool", + "defaultValue": true + }, + "allowSharedKeyAccess": { + "type": "bool", + "defaultValue": false + }, + "defaultToOAuthAuthentication": { + "type": "bool", + "defaultValue": false + }, + "deleteRetentionPolicy": { + "type": "object", + "defaultValue": {} + }, + "kind": { + "type": "string", + "defaultValue": "StorageV2" + }, + "minimumTlsVersion": { + "type": "string", + "defaultValue": "TLS1_2" + }, + "containers": { + "type": "array", + "defaultValue": [] + } + }, + "resources": [ + { + "copy": { + "name": "storage::blobServices::container", + "count": "[length(parameters('containers'))]" + }, + "condition": "[not(empty(parameters('containers')))]", + "type": "Microsoft.Storage/storageAccounts/blobServices/containers", + "apiVersion": "2023-01-01", + "name": "[format('{0}/{1}/{2}', parameters('name'), 'default', parameters('containers')[copyIndex()].name)]", + "properties": { + "publicAccess": "[coalesce(tryGet(parameters('containers')[copyIndex()], 'publicAccess'), 'None')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts/blobServices', parameters('name'), 'default')]" + ] + }, + { + "condition": "[not(empty(parameters('containers')))]", + "type": "Microsoft.Storage/storageAccounts/blobServices", + "apiVersion": "2023-01-01", + "name": "[format('{0}/{1}', parameters('name'), 'default')]", + "properties": { + "deleteRetentionPolicy": "[parameters('deleteRetentionPolicy')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', parameters('name'))]" + ] + }, + { + "type": "Microsoft.Storage/storageAccounts", + "apiVersion": "2023-01-01", + "name": "[parameters('name')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "kind": "[parameters('kind')]", + "sku": { + "name": "Standard_LRS" + }, + "properties": { + "accessTier": "[parameters('accessTier')]", + "allowBlobPublicAccess": "[parameters('allowBlobPublicAccess')]", + "allowCrossTenantReplication": "[parameters('allowCrossTenantReplication')]", + "allowSharedKeyAccess": "[parameters('allowSharedKeyAccess')]", + "defaultToOAuthAuthentication": "[parameters('defaultToOAuthAuthentication')]", + "dnsEndpointType": "[parameters('dnsEndpointType')]", + "isHnsEnabled": true, + "minimumTlsVersion": "[parameters('minimumTlsVersion')]", + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Allow" + }, + "publicNetworkAccess": "[parameters('publicNetworkAccess')]" + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Storage/storageAccounts', parameters('name'))]" + }, + "primaryEndpoints": { + "type": "object", + "value": "[reference(resourceId('Microsoft.Storage/storageAccounts', parameters('name')), '2023-01-01').primaryEndpoints]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "app-insights-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "appInsightsName": { + "value": "[format('{0}{1}', variables('abbrs').insightsComponents, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "appInsightsPublicNetworkAccessForIngestion": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'Disabled'), createObject('value', 'Enabled'))]", + "logAnalyticsWorkspaceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment'), '2022-09-01').outputs.id.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "11002141915701219380" + } + }, + "parameters": { + "appInsightsName": { + "type": "string", + "defaultValue": "appi", + "metadata": { + "description": "Application Insights resource name" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region where the resources will be deployed" + } + }, + "appInsightsPublicNetworkAccessForIngestion": { + "type": "string", + "defaultValue": "Disabled", + "metadata": { + "description": "Application Insights public network access for ingestion" + } + }, + "logAnalyticsWorkspaceId": { + "type": "string", + "metadata": { + "description": "Workspace id of a Log Analytics resource." + } + } + }, + "resources": [ + { + "type": "Microsoft.Insights/components", + "apiVersion": "2020-02-02", + "name": "[parameters('appInsightsName')]", + "location": "[parameters('location')]", + "kind": "web", + "properties": { + "Application_Type": "web", + "WorkspaceResourceId": "[parameters('logAnalyticsWorkspaceId')]", + "publicNetworkAccessForIngestion": "[parameters('appInsightsPublicNetworkAccessForIngestion')]", + "publicNetworkAccessForQuery": "Enabled" + } + } + ], + "outputs": { + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Insights/components', parameters('appInsightsName'))]" + }, + "connectionString": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Insights/components', parameters('appInsightsName')), '2020-02-02').ConnectionString]" + }, + "instrumentationKey": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Insights/components', parameters('appInsightsName')), '2020-02-02').InstrumentationKey]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "apim-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "apiManagementName": "[if(not(empty(parameters('apimName'))), createObject('value', parameters('apimName')), createObject('value', format('{0}{1}', variables('abbrs').apiManagementService, variables('resourceBaseNameFinal'))))]", + "restoreAPIM": { + "value": "[parameters('restoreAPIM')]" + }, + "appInsightsId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.id.value]" + }, + "appInsightsInstrumentationKey": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.instrumentationKey.value]" + }, + "publicIpName": { + "value": "[format('{0}{1}', variables('abbrs').networkPublicIPAddresses, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "sku": { + "value": "[parameters('apimTier')]" + }, + "skuCount": { + "value": 1 + }, + "availabilityZones": { + "value": [] + }, + "publisherEmail": { + "value": "[parameters('apiPublisherEmail')]" + }, + "publisherName": { + "value": "[parameters('apiPublisherName')]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.apimSubnetId.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "14843923724157327855" + } + }, + "parameters": { + "apiManagementName": { + "type": "string", + "defaultValue": "[format('apiservice{0}', uniqueString(resourceGroup().id))]", + "metadata": { + "description": "The name of the API Management service instance" + } + }, + "publisherEmail": { + "type": "string", + "minLength": 1, + "metadata": { + "description": "The email address of the owner of the service" + } + }, + "publisherName": { + "type": "string", + "minLength": 1, + "metadata": { + "description": "The name of the owner of the service" + } + }, + "sku": { + "type": "string", + "defaultValue": "Developer", + "allowedValues": [ + "Developer", + "StandardV2" + ], + "metadata": { + "description": "The pricing tier of this API Management service" + } + }, + "skuCount": { + "type": "int", + "defaultValue": 1, + "metadata": { + "description": "The instance size of this API Management service. This should be a multiple of the number of availability zones getting deployed." + } + }, + "appInsightsId": { + "type": "string", + "metadata": { + "description": "Application Insights resource ID" + } + }, + "appInsightsInstrumentationKey": { + "type": "string", + "metadata": { + "description": "Application Insights instrumentation key" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region where the resources will be deployed" + } + }, + "availabilityZones": { + "type": "array", + "defaultValue": [ + "1", + "2" + ], + "metadata": { + "description": "Numbers for availability zones, for example, 1,2,3." + } + }, + "publicIpName": { + "type": "string", + "defaultValue": "apimPublicIP", + "metadata": { + "description": "Name for the public IP address used to access the API Management service." + } + }, + "publicIpSku": { + "type": "string", + "defaultValue": "Standard", + "allowedValues": [ + "Standard" + ], + "metadata": { + "description": "SKU for the public IP address used to access the API Management service." + } + }, + "publicIPAllocationMethod": { + "type": "string", + "defaultValue": "Static", + "allowedValues": [ + "Static" + ], + "metadata": { + "description": "Allocation method for the public IP address used to access the API Management service. Standard SKU public IP requires `Static` allocation." + } + }, + "dnsLabelPrefix": { + "type": "string", + "defaultValue": "[toLower(format('{0}-{1}', parameters('publicIpName'), uniqueString(resourceGroup().id)))]", + "metadata": { + "description": "Unique DNS name for the public IP address used to access the API management service." + } + }, + "restoreAPIM": { + "type": "bool", + "defaultValue": false + }, + "subnetId": { + "type": "string" + } + }, + "resources": [ + { + "type": "Microsoft.Network/publicIPAddresses", + "apiVersion": "2024-01-01", + "name": "[parameters('publicIpName')]", + "location": "[parameters('location')]", + "sku": { + "name": "[parameters('publicIpSku')]" + }, + "properties": { + "publicIPAllocationMethod": "[parameters('publicIPAllocationMethod')]", + "publicIPAddressVersion": "IPv4", + "dnsSettings": { + "domainNameLabel": "[parameters('dnsLabelPrefix')]" + } + } + }, + { + "type": "Microsoft.ApiManagement/service", + "apiVersion": "2023-09-01-preview", + "name": "[parameters('apiManagementName')]", + "location": "[parameters('location')]", + "sku": { + "name": "[parameters('sku')]", + "capacity": "[parameters('skuCount')]" + }, + "zones": "[if(equals(length(parameters('availabilityZones')), 0), null(), parameters('availabilityZones'))]", + "properties": { + "restore": "[parameters('restoreAPIM')]", + "publisherEmail": "[parameters('publisherEmail')]", + "publisherName": "[parameters('publisherName')]", + "virtualNetworkType": "External", + "publicIpAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]", + "virtualNetworkConfiguration": { + "subnetResourceId": "[parameters('subnetId')]" + }, + "customProperties": { + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Protocols.Server.Http2": "false" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/loggers", + "apiVersion": "2024-06-01-preview", + "name": "[format('{0}/{1}', parameters('apiManagementName'), 'apimLogger')]", + "properties": { + "credentials": { + "instrumentationKey": "[parameters('appInsightsInstrumentationKey')]" + }, + "description": "Application Insights for APIM", + "loggerType": "applicationInsights", + "resourceId": "[parameters('appInsightsId')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service', parameters('apiManagementName'))]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/diagnostics", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/{1}', parameters('apiManagementName'), 'applicationinsights')]", + "properties": { + "loggerId": "[resourceId('Microsoft.ApiManagement/service/loggers', parameters('apiManagementName'), 'apimLogger')]", + "alwaysLog": "allErrors", + "verbosity": "information", + "sampling": { + "percentage": 100, + "samplingType": "fixed" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service', parameters('apiManagementName'))]", + "[resourceId('Microsoft.ApiManagement/service/loggers', parameters('apiManagementName'), 'apimLogger')]" + ] + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('apiManagementName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.ApiManagement/service', parameters('apiManagementName'))]" + }, + "apimGatewayUrl": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ApiManagement/service', parameters('apiManagementName')), '2023-09-01-preview').gatewayUrl]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'app-insights-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "graphrag-api-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "apimname": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.name.value]" + }, + "backendUrl": { + "value": "[variables('appUrl')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "2670804874768629752" + } + }, + "parameters": { + "apimname": { + "type": "string" + }, + "backendUrl": { + "type": "string" + } + }, + "resources": [ + { + "type": "Microsoft.ApiManagement/service/apis/operations", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/{1}/{2}', split(format('{0}/documentation', parameters('apimname')), '/')[0], split(format('{0}/documentation', parameters('apimname')), '/')[1], 'docs')]", + "properties": { + "displayName": "docs", + "method": "GET", + "urlTemplate": "/docs", + "templateParameters": [], + "responses": [] + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service/apis', split(format('{0}/documentation', parameters('apimname')), '/')[0], split(format('{0}/documentation', parameters('apimname')), '/')[1])]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/apis/operations", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/{1}/{2}', split(format('{0}/documentation', parameters('apimname')), '/')[0], split(format('{0}/documentation', parameters('apimname')), '/')[1], 'openapi')]", + "properties": { + "displayName": "openapi", + "method": "GET", + "urlTemplate": "/openapi.json", + "templateParameters": [], + "responses": [] + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service/apis', split(format('{0}/documentation', parameters('apimname')), '/')[0], split(format('{0}/documentation', parameters('apimname')), '/')[1])]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/apis", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/documentation', parameters('apimname'))]", + "properties": { + "displayName": "documentation", + "apiRevision": "1", + "subscriptionRequired": false, + "serviceUrl": "[format('{0}/manpage', parameters('backendUrl'))]", + "path": "manpage", + "protocols": [ + "https" + ], + "authenticationSettings": { + "oAuth2AuthenticationSettings": [], + "openidAuthenticationSettings": [] + }, + "subscriptionKeyParameterNames": { + "header": "Ocp-Apim-Subscription-Key", + "query": "subscription-key" + }, + "isCurrent": true + } + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'apim-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "workload-identity-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": { + "value": "[variables('workloadIdentityName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "federatedCredentials": { + "value": { + "aks-workload-identity": { + "issuer": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.issuer.value]", + "audiences": [ + "api://AzureADTokenExchange" + ], + "subject": "[variables('workloadIdentitySubject')]" + } + } + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "17962046310475786003" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the identity" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the identity" + } + }, + "federatedCredentials": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "federated name: FederatedIdentityCredentialProperties. See https://learn.microsoft.com/en-us/azure/templates/microsoft.managedidentity/userassignedidentities/federatedidentitycredentials?pivots=deployment-language-bicep#federatedidentitycredentialproperties" + } + } + }, + "resources": [ + { + "type": "Microsoft.ManagedIdentity/userAssignedIdentities", + "apiVersion": "2023-01-31", + "name": "[parameters('name')]", + "location": "[parameters('location')]" + }, + { + "copy": { + "name": "federatedCredentialResources", + "count": "[length(items(parameters('federatedCredentials')))]" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials", + "apiVersion": "2023-01-31", + "name": "[format('{0}/{1}', parameters('name'), items(parameters('federatedCredentials'))[copyIndex()].key)]", + "properties": "[items(parameters('federatedCredentials'))[copyIndex()].value]", + "dependsOn": [ + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('name'))]" + ] + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "clientId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('name')), '2023-01-31').clientId]" + }, + "principalId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('name')), '2023-01-31').principalId]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'aks-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "private-dns-zone-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": { + "value": "[variables('dnsDomain')]" + }, + "vnetNames": { + "value": [ + "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.vnetName.value]" + ] + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "languageVersion": "2.0", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13258802455944913421" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the private DNS zone." + } + }, + "vnetNames": { + "type": "array", + "items": { + "type": "string" + }, + "metadata": { + "description": "The name of the virtual networks the DNS zone should be associated with." + } + } + }, + "resources": { + "dnsZone": { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[parameters('name')]", + "location": "global", + "properties": {} + }, + "vnets": { + "copy": { + "name": "vnets", + "count": "[length(parameters('vnetNames'))]" + }, + "existing": true, + "type": "Microsoft.Network/virtualNetworks", + "apiVersion": "2024-01-01", + "name": "[parameters('vnetNames')[copyIndex()]]" + }, + "dnsZoneLinks": { + "copy": { + "name": "dnsZoneLinks", + "count": "[length(parameters('vnetNames'))]" + }, + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', parameters('name'), parameters('vnetNames')[copyIndex()])]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetNames')[copyIndex()])]" + } + }, + "dependsOn": [ + "dnsZone" + ] + } + }, + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Network/privateDnsZones', parameters('name'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "privatelink-private-dns-zones-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "linkedVnetIds": { + "value": [ + "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.vnetId.value]" + ] + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "1905656724149562282" + } + }, + "parameters": { + "linkedVnetIds": { + "type": "array", + "metadata": { + "description": "Virtual Network IDs to link to" + } + } + }, + "variables": { + "$fxv#0": { + "azureCloud": { + "azureMonitor": [ + "privatelink.monitor.azure.com", + "privatelink.oms.opinsights.azure.com", + "privatelink.agentsvc.azure-automation.net", + "privatelink.ods.opinsights.azure.com" + ] + }, + "azureusgovernment": { + "azureMonitor": [ + "privatelink.monitor.azure.us", + "privatelink.oms.opinsights.azure.us", + "privatelink.agentsvc.azure-automation.us", + "privatelink.ods.opinsights.azure.us" + ] + } + }, + "aiSearchPrivateDnsZoneName": "privatelink.search.windows.net", + "blobStoragePrivateDnsZoneName": "[format('privatelink.blob.{0}', environment().suffixes.storage)]", + "cosmosDbPrivateDnsZoneName": "privatelink.documents.azure.com", + "storagePrivateDnsZoneNames": [ + "[variables('blobStoragePrivateDnsZoneName')]" + ], + "privateDnsZoneData": "[variables('$fxv#0')]", + "cloudName": "[toLower(environment().name)]", + "azureMonitorPrivateDnsZones": "[variables('privateDnsZoneData')[variables('cloudName')].azureMonitor]", + "privateDnsZones": "[union(variables('azureMonitorPrivateDnsZones'), variables('storagePrivateDnsZoneNames'), createArray(variables('cosmosDbPrivateDnsZoneName')), createArray(variables('aiSearchPrivateDnsZoneName')))]" + }, + "resources": [ + { + "copy": { + "name": "privateDnsZoneResources", + "count": "[length(variables('privateDnsZones'))]" + }, + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateDnsZones')[copyIndex()]]", + "location": "global" + }, + { + "copy": { + "name": "dnsVnetLinks", + "count": "[length(variables('privateDnsZones'))]" + }, + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[replace(variables('privateDnsZones')[copyIndex()], '.', '-')]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateDnsZoneName": { + "value": "[variables('privateDnsZones')[copyIndex()]]" + }, + "vnetIds": { + "value": "[parameters('linkedVnetIds')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "9115361788050213720" + } + }, + "parameters": { + "privateDnsZoneName": { + "type": "string" + }, + "vnetIds": { + "type": "array" + } + }, + "resources": [ + { + "copy": { + "name": "dnsVnetLinks", + "count": "[length(parameters('vnetIds'))]" + }, + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', parameters('privateDnsZoneName'), format('{0}-{1}', replace(parameters('privateDnsZoneName'), '.', '-'), uniqueString(parameters('vnetIds')[copyIndex()])))]", + "location": "global", + "properties": { + "virtualNetwork": { + "id": "[parameters('vnetIds')[copyIndex()]]" + }, + "registrationEnabled": false + } + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[copyIndex()])]" + ] + } + ], + "outputs": { + "azureMonitorPrivateDnsZoneConfigs": { + "type": "array", + "copy": { + "count": "[length(union(variables('azureMonitorPrivateDnsZones'), createArray(variables('blobStoragePrivateDnsZoneName'))))]", + "input": { + "name": "[variables('privateDnsZones')[indexOf(variables('privateDnsZones'), union(variables('azureMonitorPrivateDnsZones'), createArray(variables('blobStoragePrivateDnsZoneName')))[copyIndex()])]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[indexOf(variables('privateDnsZones'), union(variables('azureMonitorPrivateDnsZones'), createArray(variables('blobStoragePrivateDnsZoneName')))[copyIndex()])])]" + } + } + } + }, + "blobStoragePrivateDnsZoneConfigs": { + "type": "array", + "value": [ + { + "name": "[variables('blobStoragePrivateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('blobStoragePrivateDnsZoneName'))])]" + } + } + ] + }, + "cosmosDbPrivateDnsZoneConfigs": { + "type": "array", + "value": [ + { + "name": "[variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('cosmosDbPrivateDnsZoneName'))]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('cosmosDbPrivateDnsZoneName'))])]" + } + } + ] + }, + "aiSearchPrivateDnsZoneConfigs": { + "type": "array", + "value": [ + { + "name": "[variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('aiSearchPrivateDnsZoneName'))]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('aiSearchPrivateDnsZoneName'))])]" + } + } + ] + }, + "privateDnsZones": { + "type": "array", + "value": "[variables('privateDnsZones')]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "azure-monitor-privatelink-scope-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateLinkScopeName": { + "value": "[format('pls-{0}', variables('resourceBaseNameFinal'))]" + }, + "privateLinkScopedResources": { + "value": [ + "[reference(resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment'), '2022-09-01').outputs.id.value]", + "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.id.value]" + ] + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "6906230456894515846" + } + }, + "parameters": { + "privateLinkScopeName": { + "type": "string" + }, + "privateLinkScopedResources": { + "type": "array", + "defaultValue": [] + }, + "queryAccessMode": { + "type": "string", + "defaultValue": "Open" + }, + "ingestionAccessMode": { + "type": "string", + "defaultValue": "PrivateOnly" + } + }, + "resources": [ + { + "type": "microsoft.insights/privateLinkScopes", + "apiVersion": "2021-07-01-preview", + "name": "[parameters('privateLinkScopeName')]", + "location": "global", + "properties": { + "accessModeSettings": { + "queryAccessMode": "[parameters('queryAccessMode')]", + "ingestionAccessMode": "[parameters('ingestionAccessMode')]" + } + } + }, + { + "copy": { + "name": "scopedResources", + "count": "[length(parameters('privateLinkScopedResources'))]" + }, + "type": "Microsoft.Insights/privateLinkScopes/scopedResources", + "apiVersion": "2021-07-01-preview", + "name": "[format('{0}/{1}', parameters('privateLinkScopeName'), uniqueString(parameters('privateLinkScopedResources')[copyIndex()]))]", + "properties": { + "linkedResourceId": "[parameters('privateLinkScopedResources')[copyIndex()]]" + }, + "dependsOn": [ + "[resourceId('microsoft.insights/privateLinkScopes', parameters('privateLinkScopeName'))]" + ] + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('privateLinkScopeName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('microsoft.insights/privateLinkScopes', parameters('privateLinkScopeName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'app-insights-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "cosmosDb-private-endpoint-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateEndpointName": { + "value": "[format('{0}cosmos-{1}', variables('abbrs').privateEndpoint, reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.name.value)]" + }, + "location": { + "value": "[parameters('location')]" + }, + "privateLinkServiceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.id.value]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "groupId": { + "value": "Sql" + }, + "privateDnsZoneConfigs": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.cosmosDbPrivateDnsZoneConfigs.value), createObject('value', createArray()))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13335949838347044523" + } + }, + "parameters": { + "privateLinkServiceId": { + "type": "string", + "metadata": { + "description": "Resource ID of service the private endpoint is for" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The resource ID of the subnet to deploy the private endpoint to" + } + }, + "privateDnsZoneConfigs": { + "type": "array", + "metadata": { + "description": "Map of group id to array of private dns zone configs to associate with the private endpoint" + } + }, + "privateEndpointName": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2021-05-01", + "name": "[parameters('privateEndpointName')]", + "location": "[parameters('location')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('privateEndpointName')]", + "properties": { + "privateLinkServiceId": "[parameters('privateLinkServiceId')]", + "groupIds": [ + "[parameters('groupId')]" + ] + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2021-05-01", + "name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('groupId'))]", + "properties": { + "privateDnsZoneConfigs": "[parameters('privateDnsZoneConfigs')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpointName'))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "blob-storage-private-endpoint-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateEndpointName": { + "value": "[format('{0}blob-{1}', variables('abbrs').privateEndpoint, reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.name.value)]" + }, + "location": { + "value": "[parameters('location')]" + }, + "privateLinkServiceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.id.value]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "groupId": { + "value": "blob" + }, + "privateDnsZoneConfigs": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.blobStoragePrivateDnsZoneConfigs.value), createObject('value', createArray()))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13335949838347044523" + } + }, + "parameters": { + "privateLinkServiceId": { + "type": "string", + "metadata": { + "description": "Resource ID of service the private endpoint is for" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The resource ID of the subnet to deploy the private endpoint to" + } + }, + "privateDnsZoneConfigs": { + "type": "array", + "metadata": { + "description": "Map of group id to array of private dns zone configs to associate with the private endpoint" + } + }, + "privateEndpointName": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2021-05-01", + "name": "[parameters('privateEndpointName')]", + "location": "[parameters('location')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('privateEndpointName')]", + "properties": { + "privateLinkServiceId": "[parameters('privateLinkServiceId')]", + "groupIds": [ + "[parameters('groupId')]" + ] + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2021-05-01", + "name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('groupId'))]", + "properties": { + "privateDnsZoneConfigs": "[parameters('privateDnsZoneConfigs')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpointName'))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'storage-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "ai-search-private-endpoint-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateEndpointName": { + "value": "[format('{0}search-{1}', variables('abbrs').privateEndpoint, reference(resourceId('Microsoft.Resources/deployments', 'aisearch-deployment'), '2022-09-01').outputs.name.value)]" + }, + "location": { + "value": "[parameters('location')]" + }, + "privateLinkServiceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aisearch-deployment'), '2022-09-01').outputs.id.value]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "groupId": { + "value": "searchService" + }, + "privateDnsZoneConfigs": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.aiSearchPrivateDnsZoneConfigs.value), createObject('value', createArray()))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13335949838347044523" + } + }, + "parameters": { + "privateLinkServiceId": { + "type": "string", + "metadata": { + "description": "Resource ID of service the private endpoint is for" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The resource ID of the subnet to deploy the private endpoint to" + } + }, + "privateDnsZoneConfigs": { + "type": "array", + "metadata": { + "description": "Map of group id to array of private dns zone configs to associate with the private endpoint" + } + }, + "privateEndpointName": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2021-05-01", + "name": "[parameters('privateEndpointName')]", + "location": "[parameters('location')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('privateEndpointName')]", + "properties": { + "privateLinkServiceId": "[parameters('privateLinkServiceId')]", + "groupIds": [ + "[parameters('groupId')]" + ] + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2021-05-01", + "name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('groupId'))]", + "properties": { + "privateDnsZoneConfigs": "[parameters('privateDnsZoneConfigs')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpointName'))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'aisearch-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "privatelink-scope-private-endpoint-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateEndpointName": { + "value": "[format('{0}pls-{1}', variables('abbrs').privateEndpoint, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "privateLinkServiceId": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'azure-monitor-privatelink-scope-deployment'), '2022-09-01').outputs.id.value), createObject('value', ''))]", + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "groupId": { + "value": "azuremonitor" + }, + "privateDnsZoneConfigs": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.azureMonitorPrivateDnsZoneConfigs.value), createObject('value', createArray()))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13335949838347044523" + } + }, + "parameters": { + "privateLinkServiceId": { + "type": "string", + "metadata": { + "description": "Resource ID of service the private endpoint is for" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The resource ID of the subnet to deploy the private endpoint to" + } + }, + "privateDnsZoneConfigs": { + "type": "array", + "metadata": { + "description": "Map of group id to array of private dns zone configs to associate with the private endpoint" + } + }, + "privateEndpointName": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2021-05-01", + "name": "[parameters('privateEndpointName')]", + "location": "[parameters('location')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('privateEndpointName')]", + "properties": { + "privateLinkServiceId": "[parameters('privateLinkServiceId')]", + "groupIds": [ + "[parameters('groupId')]" + ] + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2021-05-01", + "name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('groupId'))]", + "properties": { + "privateDnsZoneConfigs": "[parameters('privateDnsZoneConfigs')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpointName'))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'azure-monitor-privatelink-scope-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[parameters('utcString')]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "utcValue": { + "value": "[parameters('utcString')]" + }, + "name": { + "value": "graphragscript" + }, + "location": { + "value": "[parameters('location')]" + }, + "subscriptionId": { + "value": "[subscription().id]" + }, + "tenantid": { + "value": "[tenant().tenantId]" + }, + "acrserver": { + "value": "graphrag.azure.acr.io" + }, + "azure_location": { + "value": "[parameters('location')]" + }, + "azure_acr_login_server": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'acr-deployment'), '2022-09-01').outputs.loginServer.value]" + }, + "azure_acr_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'acr-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_aks_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_aks_controlplanefqdn": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.controlPlaneFqdn.value]" + }, + "azure_aks_managed_rg": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.managedResourceGroup.value]" + }, + "azure_aks_service_account_name": { + "value": "[variables('aksServiceAccountName')]" + }, + "imagename": { + "value": "[parameters('graphragimage')]" + }, + "imageversion": { + "value": "[parameters('graphragimageversion')]" + }, + "azure_apim_gateway_url": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.apimGatewayUrl.value]" + }, + "azure_apim_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.name.value]" + }, + "managed_identity_aks": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.systemIdentity.value]" + }, + "script_file": { + "value": "[variables('$fxv#1')]" + }, + "ai_search_name": { + "value": "aisearch-deployment" + }, + "azure_aoai_endpoint": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.openAiEndpoint.value]" + }, + "azure_aoai_llm_model": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModel.value]" + }, + "azure_aoai_llm_model_deployment_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModelDeploymentName.value]" + }, + "azure_aoai_llm_model_api_version": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModelApiVersion.value]" + }, + "azure_aoai_embedding_model": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModel.value]" + }, + "azure_aoai_embedding_model_deployment_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModelDeploymentName.value]" + }, + "azure_aoai_embedding_model_api_version": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModelApiVersion.value]" + }, + "azure_app_hostname": { + "value": "[variables('appHostname')]" + }, + "azure_app_url": { + "value": "[variables('appUrl')]" + }, + "azure_app_insights_connection_string": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.connectionString.value]" + }, + "azure_cosmosdb_endpoint": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.endpoint.value]" + }, + "azure_cosmosdb_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_cosmosdb_id": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.id.value]" + }, + "azure_dns_zone_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_storage_account": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_storage_account_blob_url": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.primaryEndpoints.value.blob]" + }, + "azure_workload_identity_client_id": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.clientId.value]" + }, + "azure_workload_identity_principal_id": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.principalId.value]" + }, + "azure_workload_identity_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.name.value]" + }, + "public_storage_account_name": { + "value": "[parameters('publicStorageAccountName')]" + }, + "public_storage_account_key": { + "value": "[parameters('publicStorageAccountKey')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "17195102145442235485" + } + }, + "parameters": { + "name": { + "type": "string" + }, + "utcValue": { + "type": "string" + }, + "location": { + "type": "string" + }, + "subscriptionId": { + "type": "string" + }, + "tenantid": { + "type": "string" + }, + "acrserver": { + "type": "string" + }, + "azure_location": { + "type": "string" + }, + "azure_acr_login_server": { + "type": "string" + }, + "azure_acr_name": { + "type": "string" + }, + "azure_aks_name": { + "type": "string" + }, + "azure_aks_controlplanefqdn": { + "type": "string" + }, + "azure_aks_managed_rg": { + "type": "string" + }, + "azure_aks_service_account_name": { + "type": "string" + }, + "azure_apim_gateway_url": { + "type": "string" + }, + "azure_apim_name": { + "type": "string" + }, + "managed_identity_aks": { + "type": "string" + }, + "ai_search_name": { + "type": "string" + }, + "imagename": { + "type": "string" + }, + "imageversion": { + "type": "string" + }, + "script_file": { + "type": "string" + }, + "azure_aoai_endpoint": { + "type": "string" + }, + "azure_aoai_llm_model": { + "type": "string" + }, + "azure_aoai_llm_model_deployment_name": { + "type": "string" + }, + "azure_aoai_llm_model_api_version": { + "type": "string" + }, + "azure_aoai_embedding_model": { + "type": "string" + }, + "azure_aoai_embedding_model_deployment_name": { + "type": "string" + }, + "azure_aoai_embedding_model_api_version": { + "type": "string" + }, + "azure_app_hostname": { + "type": "string" + }, + "azure_app_url": { + "type": "string" + }, + "azure_app_insights_connection_string": { + "type": "string" + }, + "azure_cosmosdb_endpoint": { + "type": "string" + }, + "azure_cosmosdb_name": { + "type": "string" + }, + "azure_cosmosdb_id": { + "type": "string" + }, + "azure_dns_zone_name": { + "type": "string" + }, + "azure_storage_account": { + "type": "string" + }, + "azure_storage_account_blob_url": { + "type": "string" + }, + "azure_workload_identity_client_id": { + "type": "string" + }, + "azure_workload_identity_principal_id": { + "type": "string" + }, + "azure_workload_identity_name": { + "type": "string" + }, + "cognitive_services_audience": { + "type": "string", + "defaultValue": "https://cognitiveservices.azure.com/default" + }, + "public_storage_account_name": { + "type": "string" + }, + "public_storage_account_key": { + "type": "string" + } + }, + "variables": { + "clusterAdminRoleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', '0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8')]" + }, + "resources": [ + { + "type": "Microsoft.ManagedIdentity/userAssignedIdentities", + "apiVersion": "2023-01-31", + "name": "[uniqueString(resourceGroup().id)]", + "location": "[parameters('location')]" + }, + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "scope": "[format('Microsoft.ContainerService/managedClusters/{0}', parameters('azure_aks_name'))]", + "name": "[guid(parameters('managed_identity_aks'), resourceId('Microsoft.ContainerService/managedClusters', parameters('azure_aks_name')), variables('clusterAdminRoleDefinitionId'))]", + "properties": { + "roleDefinitionId": "[variables('clusterAdminRoleDefinitionId')]", + "principalId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', uniqueString(resourceGroup().id)), '2023-01-31').principalId]", + "principalType": "ServicePrincipal" + }, + "dependsOn": [ + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', uniqueString(resourceGroup().id))]" + ] + }, + { + "type": "Microsoft.Resources/deploymentScripts", + "apiVersion": "2020-10-01", + "name": "[parameters('name')]", + "location": "[parameters('location')]", + "kind": "AzureCLI", + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "[format('{0}', resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', uniqueString(resourceGroup().id)))]": {} + } + }, + "properties": { + "storageAccountSettings": { + "storageAccountName": "[parameters('public_storage_account_name')]", + "storageAccountKey": "[parameters('public_storage_account_key')]" + }, + "forceUpdateTag": "[parameters('utcValue')]", + "azCliVersion": "2.7.0", + "timeout": "PT1H", + "environmentVariables": [ + { + "name": "AZURE_SUBSCRIPTION_ID", + "value": "[parameters('subscriptionId')]" + }, + { + "name": "AZURE_TENANT_ID", + "value": "[parameters('tenantid')]" + }, + { + "name": "ACR_SERVER", + "value": "[parameters('acrserver')]" + }, + { + "name": "AZURE_LOCATION", + "value": "[parameters('azure_location')]" + }, + { + "name": "AZURE_ACR_LOGIN_SERVER", + "value": "[parameters('azure_acr_login_server')]" + }, + { + "name": "AZURE_ACR_NAME", + "value": "[parameters('azure_acr_name')]" + }, + { + "name": "AZURE_AKS_NAME", + "value": "[parameters('azure_aks_name')]" + }, + { + "name": "AZURE_AKS_CONTROLPLANEFQDN", + "value": "[parameters('azure_aks_controlplanefqdn')]" + }, + { + "name": "AZURE_AKS_MANAGED_RG", + "value": "[parameters('azure_aks_managed_rg')]" + }, + { + "name": "AZURE_AKS_SERVICE_ACCOUNT_NAME", + "value": "[parameters('azure_aks_service_account_name')]" + }, + { + "name": "AZURE_APIM_GATEWAY_URL", + "value": "[parameters('azure_apim_gateway_url')]" + }, + { + "name": "AZURE_APIM_NAME", + "value": "[parameters('azure_apim_name')]" + }, + { + "name": "MANAGED_IDENTITY_AKS", + "value": "[parameters('managed_identity_aks')]" + }, + { + "name": "IMAGE_NAME", + "value": "[parameters('imagename')]" + }, + { + "name": "IMAGE_VERSION", + "value": "[parameters('imageversion')]" + }, + { + "name": "AI_SEARCH_NAME", + "value": "[parameters('ai_search_name')]" + }, + { + "name": "AZURE_AOAI_LLM_MODEL", + "value": "[parameters('azure_aoai_llm_model')]" + }, + { + "name": "AZURE_AOAI_LLM_MODEL_DEPLOYMENT_NAME", + "value": "[parameters('azure_aoai_llm_model_deployment_name')]" + }, + { + "name": "AZURE_AOAI_LLM_MODEL_API_VERSION", + "value": "[parameters('azure_aoai_llm_model_api_version')]" + }, + { + "name": "AZURE_AOAI_EMBEDDING_MODEL", + "value": "[parameters('azure_aoai_embedding_model')]" + }, + { + "name": "AZURE_AOAI_EMBEDDING_MODEL_DEPLOYMENT_NAME", + "value": "[parameters('azure_aoai_embedding_model_deployment_name')]" + }, + { + "name": "AZURE_AOAI_EMBEDDING_MODEL_API_VERSION", + "value": "[parameters('azure_aoai_embedding_model_api_version')]" + }, + { + "name": "AZURE_APP_HOSTNAME", + "value": "[parameters('azure_app_hostname')]" + }, + { + "name": "AZURE_APP_URL", + "value": "[parameters('azure_app_url')]" + }, + { + "name": "AZURE_APP_INSIGHTS_CONNECTION_STRING", + "value": "[parameters('azure_app_insights_connection_string')]" + }, + { + "name": "AZURE_COSMOSDB_ENDPOINT", + "value": "[parameters('azure_cosmosdb_endpoint')]" + }, + { + "name": "AZURE_COSMOSDB_NAME", + "value": "[parameters('azure_cosmosdb_name')]" + }, + { + "name": "AZURE_COSMOSDB_ID", + "value": "[parameters('azure_cosmosdb_id')]" + }, + { + "name": "AZURE_DNS_ZONE_NAME", + "value": "[parameters('azure_dns_zone_name')]" + }, + { + "name": "AZURE_STORAGE_ACCOUNT", + "value": "[parameters('azure_storage_account')]" + }, + { + "name": "AZURE_STORAGE_ACCOUNT_BLOB_URL", + "value": "[parameters('azure_storage_account_blob_url')]" + }, + { + "name": "AZURE_WORKLOAD_IDENTITY_CLIENT_ID", + "value": "[parameters('azure_workload_identity_client_id')]" + }, + { + "name": "AZURE_WORKLOAD_IDENTITY_PRINCIPAL_ID", + "value": "[parameters('azure_workload_identity_principal_id')]" + }, + { + "name": "AZURE_WORKLOAD_IDENTITY_NAME", + "value": "[parameters('azure_workload_identity_name')]" + }, + { + "name": "COGNITIVE_SERVICES_AUDIENCE", + "value": "[parameters('cognitive_services_audience')]" + }, + { + "name": "AZURE_OPENAI_ENDPOINT", + "value": "[parameters('azure_aoai_endpoint')]" + }, + { + "name": "AZURE_RESOURCE_GROUP", + "value": "[resourceGroup().name]" + } + ], + "cleanupPreference": "OnSuccess", + "retentionInterval": "P1D", + "scriptContent": "[parameters('script_file')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', uniqueString(resourceGroup().id))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'acr-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'aisearch-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'aks-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'aoai-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'apim-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'app-insights-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'storage-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "graphragservicedef-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": { + "value": "GraphRag" + }, + "apimname": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.name.value]" + }, + "backendUrl": { + "value": "[variables('appUrl')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13338625497669096861" + } + }, + "parameters": { + "backendUrl": { + "type": "string" + }, + "name": { + "type": "string" + }, + "apimname": { + "type": "string" + } + }, + "variables": { + "$fxv#0": { + "openapi": "3.1.0", + "info": { + "title": "GraphRAG", + "version": "v0.0.0" + }, + "paths": { + "/data": { + "get": { + "tags": [ + "Data Management" + ], + "summary": "Get all data storage containers.", + "description": "Retrieve a list of all data storage containers.", + "operationId": "get_all_data_storage_containers_data_get", + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StorageNameList" + } + } + } + } + } + }, + "post": { + "tags": [ + "Data Management" + ], + "summary": "Upload data to a data storage container", + "description": "Create a data storage container in Azure and upload files to it.\n\nArgs:\n files (List[UploadFile]): A list of files to be uploaded.\n storage_name (str): The name of the Azure Blob Storage container to which files will be uploaded.\n overwrite (bool): Whether to overwrite existing files with the same name. Defaults to True. If False, files that already exist will be skipped.\n\nReturns:\n BaseResponse: An instance of the BaseResponse model with a status message indicating the result of the upload.\n\nRaises:\n HTTPException: If the container name is invalid or if any error occurs during the upload process.", + "operationId": "upload_files_data_post", + "parameters": [ + { + "name": "storage_name", + "in": "query", + "required": true, + "schema": { + "type": "string", + "title": "Storage Name" + } + }, + { + "name": "overwrite", + "in": "query", + "required": false, + "schema": { + "type": "boolean", + "default": true, + "title": "Overwrite" + } + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "$ref": "#/components/schemas/Body_upload_files_data_post" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BaseResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/data/{storage_name}": { + "delete": { + "tags": [ + "Data Management" + ], + "summary": "Delete a data storage container", + "description": "Delete a specified data storage container.", + "operationId": "delete_files_data__storage_name__delete", + "parameters": [ + { + "name": "storage_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Storage Name" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BaseResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/index": { + "post": { + "tags": [ + "Index Operations" + ], + "summary": "Build an index", + "operationId": "setup_indexing_pipeline_index_post", + "parameters": [ + { + "name": "storage_name", + "in": "query", + "required": true, + "schema": { + "type": "string", + "title": "Storage Name" + } + }, + { + "name": "index_name", + "in": "query", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "$ref": "#/components/schemas/Body_setup_indexing_pipeline_index_post" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BaseResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + }, + "get": { + "tags": [ + "Index Operations" + ], + "summary": "Get all indexes", + "description": "Retrieve a list of all index names.", + "operationId": "get_all_indexes_index_get", + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/IndexNameList" + } + } + } + } + } + } + }, + "/index/{index_name}": { + "delete": { + "tags": [ + "Index Operations" + ], + "summary": "Delete a specified index", + "description": "Delete a specified index.", + "operationId": "delete_index_index__index_name__delete", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BaseResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/index/status/{index_name}": { + "get": { + "tags": [ + "Index Operations" + ], + "summary": "Track the status of an indexing job", + "operationId": "get_index_job_status_index_status__index_name__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/IndexStatusResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/query/global": { + "post": { + "tags": [ + "Query Operations" + ], + "summary": "Perform a global search across the knowledge graph index", + "description": "The global query method generates answers by searching over all AI-generated community reports in a map-reduce fashion. This is a resource-intensive method, but often gives good responses for questions that require an understanding of the dataset as a whole.", + "operationId": "global_query_query_global_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/query/local": { + "post": { + "tags": [ + "Query Operations" + ], + "summary": "Perform a local search across the knowledge graph index.", + "description": "The local query method generates answers by combining relevant data from the AI-extracted knowledge-graph with text chunks of the raw documents. This method is suitable for questions that require an understanding of specific entities mentioned in the documents (e.g. What are the healing properties of chamomile?).", + "operationId": "local_query_query_local_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/query/streaming/global": { + "post": { + "tags": [ + "Query Streaming Operations" + ], + "summary": "Stream a response back after performing a global search", + "description": "The global query method generates answers by searching over all AI-generated community reports in a map-reduce fashion. This is a resource-intensive method, but often gives good responses for questions that require an understanding of the dataset as a whole.", + "operationId": "global_search_streaming_query_streaming_global_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/query/streaming/local": { + "post": { + "tags": [ + "Query Streaming Operations" + ], + "summary": "Stream a response back after performing a local search", + "description": "The local query method generates answers by combining relevant data from the AI-extracted knowledge-graph with text chunks of the raw documents. This method is suitable for questions that require an understanding of specific entities mentioned in the documents (e.g. What are the healing properties of chamomile?).", + "operationId": "local_search_streaming_query_streaming_local_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/index/config/prompts": { + "get": { + "tags": [ + "Index Configuration" + ], + "summary": "Generate graphrag prompts from user-provided data.", + "description": "Generating custom prompts from user-provided data may take several minutes to run based on the amount of data used.", + "operationId": "generate_prompts_index_config_prompts_get", + "parameters": [ + { + "name": "storage_name", + "in": "query", + "required": true, + "schema": { + "type": "string", + "title": "Storage Name" + } + }, + { + "name": "limit", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "default": 5, + "title": "Limit" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/report/{index_name}/{report_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single community report.", + "operationId": "get_report_info_source_report__index_name___report_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "report_id", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Report Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ReportResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/text/{index_name}/{text_unit_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single base text unit.", + "operationId": "get_chunk_info_source_text__index_name___text_unit_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "text_unit_id", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Text Unit Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/TextUnitResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/entity/{index_name}/{entity_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single entity.", + "operationId": "get_entity_info_source_entity__index_name___entity_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "entity_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Entity Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/EntityResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/claim/{index_name}/{claim_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single claim.", + "operationId": "get_claim_info_source_claim__index_name___claim_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "claim_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Claim Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ClaimResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/relationship/{index_name}/{relationship_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single relationship.", + "operationId": "get_relationship_info_source_relationship__index_name___relationship_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "relationship_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Relationship Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/RelationshipResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/graph/graphml/{index_name}": { + "get": { + "tags": [ + "Graph Operations" + ], + "summary": "Retrieve a GraphML file of the knowledge graph", + "operationId": "retrieve_graphml_file_graph_graphml__index_name__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "responses": { + "200": { + "description": "GraphML file successfully downloaded", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/graph/stats/{index_name}": { + "get": { + "tags": [ + "Graph Operations" + ], + "summary": "Retrieve basic graph statistics, number of nodes and edges", + "operationId": "retrieve_graph_stats_graph_stats__index_name__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphDataResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/health": { + "get": { + "summary": "API health check", + "description": "Returns a 200 response to indicate the API is healthy.", + "operationId": "health_check_health_get", + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + } + } + } + } + }, + "components": { + "schemas": { + "BaseResponse": { + "properties": { + "status": { + "type": "string", + "title": "Status" + } + }, + "type": "object", + "required": [ + "status" + ], + "title": "BaseResponse" + }, + "Body_setup_indexing_pipeline_index_post": { + "properties": { + "entity_extraction_prompt": { + "anyOf": [ + { + "type": "string", + "format": "binary" + }, + { + "type": "null" + } + ], + "title": "Entity Extraction Prompt" + }, + "community_report_prompt": { + "anyOf": [ + { + "type": "string", + "format": "binary" + }, + { + "type": "null" + } + ], + "title": "Community Report Prompt" + }, + "summarize_descriptions_prompt": { + "anyOf": [ + { + "type": "string", + "format": "binary" + }, + { + "type": "null" + } + ], + "title": "Summarize Descriptions Prompt" + } + }, + "type": "object", + "title": "Body_setup_indexing_pipeline_index_post" + }, + "Body_upload_files_data_post": { + "properties": { + "files": { + "items": { + "type": "string", + "format": "binary" + }, + "type": "array", + "title": "Files" + } + }, + "type": "object", + "required": [ + "files" + ], + "title": "Body_upload_files_data_post" + }, + "ClaimResponse": { + "properties": { + "covariate_type": { + "type": "string", + "title": "Covariate Type" + }, + "type": { + "type": "string", + "title": "Type" + }, + "description": { + "type": "string", + "title": "Description" + }, + "subject_id": { + "type": "string", + "title": "Subject Id" + }, + "object_id": { + "type": "string", + "title": "Object Id" + }, + "source_text": { + "type": "string", + "title": "Source Text" + }, + "text_unit_id": { + "type": "string", + "title": "Text Unit Id" + }, + "document_ids": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Document Ids" + } + }, + "type": "object", + "required": [ + "covariate_type", + "type", + "description", + "subject_id", + "object_id", + "source_text", + "text_unit_id", + "document_ids" + ], + "title": "ClaimResponse" + }, + "EntityResponse": { + "properties": { + "name": { + "type": "string", + "title": "Name" + }, + "description": { + "type": "string", + "title": "Description" + }, + "text_units": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Text Units" + } + }, + "type": "object", + "required": [ + "name", + "description", + "text_units" + ], + "title": "EntityResponse" + }, + "GraphDataResponse": { + "properties": { + "nodes": { + "type": "integer", + "title": "Nodes" + }, + "edges": { + "type": "integer", + "title": "Edges" + } + }, + "type": "object", + "required": [ + "nodes", + "edges" + ], + "title": "GraphDataResponse" + }, + "GraphRequest": { + "properties": { + "index_name": { + "anyOf": [ + { + "type": "string" + }, + { + "items": { + "type": "string" + }, + "type": "array" + } + ], + "title": "Index Name" + }, + "query": { + "type": "string", + "title": "Query" + } + }, + "type": "object", + "required": [ + "index_name", + "query" + ], + "title": "GraphRequest" + }, + "GraphResponse": { + "properties": { + "result": { + "title": "Result" + }, + "context_data": { + "title": "Context Data" + } + }, + "type": "object", + "required": [ + "result", + "context_data" + ], + "title": "GraphResponse" + }, + "HTTPValidationError": { + "properties": { + "detail": { + "items": { + "$ref": "#/components/schemas/ValidationError" + }, + "type": "array", + "title": "Detail" + } + }, + "type": "object", + "title": "HTTPValidationError" + }, + "IndexNameList": { + "properties": { + "index_name": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Index Name" + } + }, + "type": "object", + "required": [ + "index_name" + ], + "title": "IndexNameList" + }, + "IndexStatusResponse": { + "properties": { + "status_code": { + "type": "integer", + "title": "Status Code" + }, + "index_name": { + "type": "string", + "title": "Index Name" + }, + "storage_name": { + "type": "string", + "title": "Storage Name" + }, + "status": { + "type": "string", + "title": "Status" + }, + "percent_complete": { + "type": "number", + "title": "Percent Complete" + }, + "progress": { + "type": "string", + "title": "Progress" + } + }, + "type": "object", + "required": [ + "status_code", + "index_name", + "storage_name", + "status", + "percent_complete", + "progress" + ], + "title": "IndexStatusResponse" + }, + "RelationshipResponse": { + "properties": { + "source": { + "type": "string", + "title": "Source" + }, + "source_id": { + "type": "integer", + "title": "Source Id" + }, + "target": { + "type": "string", + "title": "Target" + }, + "target_id": { + "type": "integer", + "title": "Target Id" + }, + "description": { + "type": "string", + "title": "Description" + }, + "text_units": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Text Units" + } + }, + "type": "object", + "required": [ + "source", + "source_id", + "target", + "target_id", + "description", + "text_units" + ], + "title": "RelationshipResponse" + }, + "ReportResponse": { + "properties": { + "text": { + "type": "string", + "title": "Text" + } + }, + "type": "object", + "required": [ + "text" + ], + "title": "ReportResponse" + }, + "StorageNameList": { + "properties": { + "storage_name": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Storage Name" + } + }, + "type": "object", + "required": [ + "storage_name" + ], + "title": "StorageNameList" + }, + "TextUnitResponse": { + "properties": { + "text": { + "type": "string", + "title": "Text" + }, + "source_document": { + "type": "string", + "title": "Source Document" + } + }, + "type": "object", + "required": [ + "text", + "source_document" + ], + "title": "TextUnitResponse" + }, + "ValidationError": { + "properties": { + "loc": { + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ] + }, + "type": "array", + "title": "Location" + }, + "msg": { + "type": "string", + "title": "Message" + }, + "type": { + "type": "string", + "title": "Error Type" + } + }, + "type": "object", + "required": [ + "loc", + "msg", + "type" + ], + "title": "ValidationError" + } + } + } + }, + "$fxv#1": "\n\t\n\t\t\n\t\t\n\t\t\t\n\t\t\t\t*\n\t\t\t\n\t\t\t\n\t\t\t\t*\n\t\t\t\n\t\t\t\n\t\t\t\t
*
\n\t\t\t\n\t\t\t\n\t\t\t\t
*
\n\t\t\t\n\t\t\n\t\n\t\n\t\t\n\t\n\t\n\t\t\n\t\n\t\n\t\t\n\t\n" + }, + "resources": [ + { + "type": "Microsoft.ApiManagement/service/apis/policies", + "apiVersion": "2022-08-01", + "name": "[format('{0}/{1}/{2}', split(format('{0}/{1}', parameters('apimname'), parameters('name')), '/')[0], split(format('{0}/{1}', parameters('apimname'), parameters('name')), '/')[1], 'policy')]", + "properties": { + "format": "rawxml", + "value": "[variables('$fxv#1')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service/apis', split(format('{0}/{1}', parameters('apimname'), parameters('name')), '/')[0], split(format('{0}/{1}', parameters('apimname'), parameters('name')), '/')[1])]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/apis", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/{1}', parameters('apimname'), parameters('name'))]", + "properties": { + "displayName": "GraphRAG", + "apiRevision": "1", + "subscriptionRequired": true, + "serviceUrl": "[parameters('backendUrl')]", + "path": "", + "protocols": [ + "https" + ], + "authenticationSettings": { + "oAuth2AuthenticationSettings": [], + "openidAuthenticationSettings": [] + }, + "subscriptionKeyParameterNames": { + "header": "Ocp-Apim-Subscription-Key", + "query": "subscription-key" + }, + "isCurrent": true, + "format": "openapi+json", + "value": "[string(variables('$fxv#0'))]" + } + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'apim-deployment')]" + ] + } + ], + "outputs": { + "azure_location": { + "type": "string", + "value": "[parameters('location')]" + }, + "azure_tenant_id": { + "type": "string", + "value": "[tenant().tenantId]" + }, + "azure_ai_search_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aisearch-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_acr_login_server": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'acr-deployment'), '2022-09-01').outputs.loginServer.value]" + }, + "azure_acr_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'acr-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_aks_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_aks_controlplanefqdn": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.controlPlaneFqdn.value]" + }, + "azure_aks_managed_rg": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.managedResourceGroup.value]" + }, + "azure_aks_service_account_name": { + "type": "string", + "value": "[variables('aksServiceAccountName')]" + }, + "azure_aoai_endpoint": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.openAiEndpoint.value]" + }, + "azure_aoai_llm_model": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModel.value]" + }, + "azure_aoai_llm_model_deployment_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModelDeploymentName.value]" + }, + "azure_aoai_llm_model_api_version": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModelApiVersion.value]" + }, + "azure_aoai_embedding_model": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModel.value]" + }, + "azure_aoai_embedding_model_deployment_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModelDeploymentName.value]" + }, + "azure_aoai_embedding_model_api_version": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModelApiVersion.value]" + }, + "azure_apim_gateway_url": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.apimGatewayUrl.value]" + }, + "azure_apim_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_app_hostname": { + "type": "string", + "value": "[variables('appHostname')]" + }, + "azure_app_url": { + "type": "string", + "value": "[variables('appUrl')]" + }, + "azure_app_insights_connection_string": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.connectionString.value]" + }, + "azure_cosmosdb_endpoint": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.endpoint.value]" + }, + "azure_cosmosdb_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_cosmosdb_id": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.id.value]" + }, + "azure_dns_zone_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_private_dns_zones": { + "type": "array", + "value": "[if(parameters('enablePrivateEndpoints'), union(reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.privateDnsZones.value, createArray(reference(resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment'), '2022-09-01').outputs.name.value)), createArray())]" + }, + "azure_storage_account": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_storage_account_blob_url": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.primaryEndpoints.value.blob]" + }, + "azure_workload_identity_client_id": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.clientId.value]" + }, + "azure_workload_identity_principal_id": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.principalId.value]" + }, + "azure_workload_identity_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.name.value]" + } + } +} \ No newline at end of file diff --git a/infra/managed-app/artifacts/graphrag/.helmignore b/infra/managed-app/artifacts/graphrag/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/infra/managed-app/artifacts/graphrag/Chart.yaml b/infra/managed-app/artifacts/graphrag/Chart.yaml new file mode 100644 index 00000000..6e003a45 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/Chart.yaml @@ -0,0 +1,14 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +apiVersion: v2 +name: graphrag +description: GraphRAG - a graph-based RAG search engine +type: application +version: 0.3.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "2.1.0" diff --git a/infra/managed-app/artifacts/graphrag/LICENSE b/infra/managed-app/artifacts/graphrag/LICENSE new file mode 100644 index 00000000..63447fd8 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/LICENSE @@ -0,0 +1,21 @@ +Copyright (c) Microsoft Corporation. + +MIT License + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. \ No newline at end of file diff --git a/infra/managed-app/artifacts/graphrag/templates/NOTES.txt b/infra/managed-app/artifacts/graphrag/templates/NOTES.txt new file mode 100644 index 00000000..c32a7790 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/NOTES.txt @@ -0,0 +1,8 @@ +Thank you for installing {{ .Chart.Name }}. + +Your release is named {{ .Release.Name }}. + +To learn more about the release, try: + + $ helm status {{ .Release.Name }} + $ helm get all {{ .Release.Name }} \ No newline at end of file diff --git a/infra/managed-app/artifacts/graphrag/templates/_helpers.tpl b/infra/managed-app/artifacts/graphrag/templates/_helpers.tpl new file mode 100644 index 00000000..5d5ea14a --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/_helpers.tpl @@ -0,0 +1,95 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "graphrag.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "graphrag.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create a graphrag-master fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "graphrag.master.fullname" -}} +{{- if .Values.master.fullnameOverride }} +{{- .Values.master.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- printf "%s-%s" .Release.Name .Values.master.name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s-%s" .Release.Name $name .Values.master.name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "graphrag.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "graphrag.common.labels" -}} +azure.workload.identity/use: "true" +helm.sh/chart: {{ include "graphrag.chart" . }} +{{ include "graphrag.common.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{- define "graphrag.labels" -}} +{{ include "graphrag.common.labels" . }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "graphrag.common.selectorLabels" -}} +app.kubernetes.io/name: {{ include "graphrag.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{- define "graphrag.master.labels" -}} +{{ include "graphrag.common.labels" . }} +{{ include "graphrag.master.selectorLabels" . }} +{{- end -}} + +{{- define "graphrag.master.selectorLabels" -}} +{{ include "graphrag.common.selectorLabels" . }} +component: {{ .Values.master.name | quote }} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "graphrag.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "graphrag.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/infra/managed-app/artifacts/graphrag/templates/graphrag-clusterrole.yaml b/infra/managed-app/artifacts/graphrag/templates/graphrag-clusterrole.yaml new file mode 100644 index 00000000..800ae5fb --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/graphrag-clusterrole.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "graphrag.fullname" . }} + labels: + {{- include "graphrag.labels" . | nindent 4 }} +rules: +- apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +- apiGroups: ["batch", "extensions"] + resources: ["*"] + verbs: ["*"] diff --git a/infra/managed-app/artifacts/graphrag/templates/graphrag-configmap.yaml b/infra/managed-app/artifacts/graphrag/templates/graphrag-configmap.yaml new file mode 100644 index 00000000..a3fbcf2a --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/graphrag-configmap.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "graphrag.labels" . | nindent 4 }} + name: {{ include "graphrag.fullname" . }} +data: + {{- toYaml .Values.graphragConfig | nindent 2 }} + AKS_NAMESPACE: {{ .Release.Namespace }} diff --git a/infra/managed-app/artifacts/graphrag/templates/graphrag-ingress.yaml b/infra/managed-app/artifacts/graphrag/templates/graphrag-ingress.yaml new file mode 100644 index 00000000..cb29de94 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/graphrag-ingress.yaml @@ -0,0 +1,52 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "graphrag.fullname" . -}} +{{- $masterFullName := include "graphrag.master.fullname" . -}} +{{- $masterSvcPort := .Values.master.service.port -}} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "graphrag.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + - host: {{ .Values.ingress.host | quote }} + http: + paths: + - path: "/" + pathType: "Prefix" + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $masterFullName }} + port: + number: {{ $masterSvcPort }} + {{- else }} + serviceName: {{ $masterFullName }} + servicePort: {{ $masterSvcPort }} + {{- end }} +{{- end }} diff --git a/infra/managed-app/artifacts/graphrag/templates/graphrag-master-deployment.yaml b/infra/managed-app/artifacts/graphrag/templates/graphrag-master-deployment.yaml new file mode 100644 index 00000000..c0fa4f00 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/graphrag-master-deployment.yaml @@ -0,0 +1,67 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "graphrag.master.fullname" . }} + labels: + {{- include "graphrag.master.labels" . | nindent 4 }} +spec: + {{- if not .Values.master.autoscaling.enabled }} + replicas: {{ .Values.master.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "graphrag.master.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.master.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + date: "{{ now | unixEpoch }}" + {{- include "graphrag.master.labels" . | nindent 8 }} + {{- with .Values.master.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "graphrag.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.master.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Values.master.name }} + securityContext: + {{- toYaml .Values.master.securityContext | nindent 12 }} + image: "{{ .Values.master.image.repository }}:{{ .Values.master.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.master.image.pullPolicy }} + envFrom: + - configMapRef: + name: {{ include "graphrag.fullname" . }} + ports: + - name: http + containerPort: {{ .Values.master.service.port }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.master.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.master.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.master.resources | nindent 12 }} + volumeMounts: + {{- with .Values.master.volumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.master.volumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.master.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.master.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.master.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/infra/managed-app/artifacts/graphrag/templates/graphrag-master-hpa.yaml b/infra/managed-app/artifacts/graphrag/templates/graphrag-master-hpa.yaml new file mode 100644 index 00000000..7407846d --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/graphrag-master-hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.master.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "graphrag.master.fullname" . }} + labels: + {{- include "graphrag.master.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "graphrag.master.fullname" . }} + minReplicas: {{ .Values.master.autoscaling.minReplicas }} + maxReplicas: {{ .Values.master.autoscaling.maxReplicas }} + metrics: + {{- if .Values.master.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.master.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.master.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.master.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/infra/managed-app/artifacts/graphrag/templates/graphrag-master-service.yaml b/infra/managed-app/artifacts/graphrag/templates/graphrag-master-service.yaml new file mode 100644 index 00000000..b68f3f64 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/graphrag-master-service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "graphrag.master.fullname" . }} +{{- if .Values.master.service.annotations }} + annotations: + {{- range $key, $value := .Values.master.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + {{- include "graphrag.master.labels" . | nindent 4 }} +spec: + type: {{ .Values.master.service.type }} + ports: + - port: {{ .Values.master.service.port }} + selector: + {{- include "graphrag.master.selectorLabels" . | nindent 4 }} diff --git a/infra/managed-app/artifacts/graphrag/templates/graphrag-nginx-internal-controller.yaml b/infra/managed-app/artifacts/graphrag/templates/graphrag-nginx-internal-controller.yaml new file mode 100644 index 00000000..dc66448f --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/graphrag-nginx-internal-controller.yaml @@ -0,0 +1,13 @@ +{{- if .Values.ingress.createIngressClass -}} +apiVersion: approuting.kubernetes.azure.com/v1alpha1 +kind: NginxIngressController +metadata: + name: {{ .Values.ingress.className }} +spec: + ingressClassName: {{ .Values.ingress.className }} + controllerNamePrefix: {{ .Values.ingress.className }} + {{- with .Values.ingress.loadBalancerAnnotations }} + loadBalancerAnnotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/infra/managed-app/artifacts/graphrag/templates/graphrag-rolebinding.yaml b/infra/managed-app/artifacts/graphrag/templates/graphrag-rolebinding.yaml new file mode 100644 index 00000000..3ebc3eb0 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/graphrag-rolebinding.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "graphrag.fullname" . }} + labels: + {{- include "graphrag.labels" . | nindent 4 }} +subjects: +- kind: ServiceAccount + name: {{ include "graphrag.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ include "graphrag.fullname" . }} + apiGroup: rbac.authorization.k8s.io diff --git a/infra/managed-app/artifacts/graphrag/templates/graphrag-serviceaccount.yaml b/infra/managed-app/artifacts/graphrag/templates/graphrag-serviceaccount.yaml new file mode 100644 index 00000000..b3bdbce9 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/graphrag-serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "graphrag.serviceAccountName" . }} + labels: + {{- include "graphrag.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/infra/managed-app/artifacts/graphrag/templates/tests/test-connection.yaml b/infra/managed-app/artifacts/graphrag/templates/tests/test-connection.yaml new file mode 100644 index 00000000..59ea7df1 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "graphrag.master.fullname" . }}-test-connection" + labels: + {{- include "graphrag.master.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "graphrag.master.fullname" . }}:{{ .Values.master.service.port }}'] + restartPolicy: Never diff --git a/infra/managed-app/artifacts/graphrag/values.yaml b/infra/managed-app/artifacts/graphrag/values.yaml new file mode 100644 index 00000000..9b8cce48 --- /dev/null +++ b/infra/managed-app/artifacts/graphrag/values.yaml @@ -0,0 +1,135 @@ +# Default values for the graphrag helm chart. + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: + azure.workload.identity/client-id: "" + # Name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +ingress: + enabled: true + className: nginx-internal + createIngressClass: true + host: graphrag.graphrag.io + tls: [] + annotations: + nginx.ingress.kubernetes.io/proxy-connect-timeout: "900" + nginx.ingress.kubernetes.io/proxy-send-timeout: "900" + nginx.ingress.kubernetes.io/proxy-read-timeout: "900" + nginx.ingress.kubernetes.io/proxy-body-size: 500m + loadBalancerAnnotations: + service.beta.kubernetes.io/azure-load-balancer-internal: "true" + +graphragConfig: + AI_SEARCH_AUDIENCE: "https://search.azure.com" + AI_SEARCH_URL: "" + APPLICATIONINSIGHTS_CONNECTION_STRING: "" + # Must set hidden env variable to true to disable statsbeat. For more information: https://github.com/Azure/azure-sdk-for-python/issues/34804 + APPLICATIONINSIGHTS_STATSBEAT_DISABLED_ALL: "True" + COSMOS_URI_ENDPOINT: "" + GRAPHRAG_API_BASE: "" + GRAPHRAG_API_VERSION: "" + COGNITIVE_SERVICES_AUDIENCE: "https://cognitiveservices.azure.com/.default" + GRAPHRAG_LLM_MODEL: "" + GRAPHRAG_LLM_DEPLOYMENT_NAME: "" + GRAPHRAG_EMBEDDING_MODEL: "" + GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME: "" + STORAGE_ACCOUNT_BLOB_URL: "" + +master: + name: "master" + replicaCount: 1 + image: + repository: "" + pullPolicy: Always + # Override the image tag whose default is the chart appVersion. + tag: "" + podAnnotations: {} + podLabels: {} + podSecurityContext: + {} + # fsGroup: 2000 + + securityContext: + {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + service: + annotations: {} + type: ClusterIP + port: 80 + + resources: + # We recommend not modifying the default resources below unless you know what you're doing + # and have investigated graphrag's baseline spec requirements to ensure the application + # can run properly. + limits: + cpu: 8 + memory: "16Gi" + requests: + cpu: 4 + memory: "10Gi" + + livenessProbe: + httpGet: + path: /manpage/docs + port: http + failureThreshold: 50 + initialDelaySeconds: 30 + periodSeconds: 20 + + readinessProbe: + httpGet: + path: /manpage/docs + port: http + failureThreshold: 50 + initialDelaySeconds: 30 + periodSeconds: 20 + + autoscaling: + enabled: true + minReplicas: 1 + maxReplicas: 20 + targetMemoryUtilizationPercentage: 50 + # targetCPUUtilizationPercentage: 50 + + # Additional volumes on the output Deployment definition. + volumes: [] + # - name: foo + # secret: + # secretName: mysecret + # optional: false + + # Additional volumeMounts on the output Deployment definition. + volumeMounts: [] + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + + nodeSelector: {} + + tolerations: [] + + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: workload + operator: In + values: + - graphrag diff --git a/infra/managed-app/artifacts/scripts/updategraphrag.sh b/infra/managed-app/artifacts/scripts/updategraphrag.sh new file mode 100755 index 00000000..686c72de --- /dev/null +++ b/infra/managed-app/artifacts/scripts/updategraphrag.sh @@ -0,0 +1,56 @@ +#!/bin/bash +# Install kubectl +set -e +az aks install-cli --only-show-errors + +az login --identity + +# Get AKS credentials +az aks get-credentials \ + --admin \ + --name $AZURE_AKS_NAME \ + --resource-group $AZURE_RESOURCE_GROUP --only-show-errors + +# Check if the cluster is private or not + +# Assign a value to aksNamespace +aksNamespace="graphrag" + +# Install Helm +curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 -o get_helm.sh -s +chmod 700 get_helm.sh +./get_helm.sh &>/dev/null + +# Add Helm repos +helm repo add prometheus-community https://prometheus-community.github.io/helm-charts +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx + +# Update Helm repos +helm repo update + +helm pull oci://graphrag.azurecr.io/graphrag --untar + + +helm upgrade -i graphrag ./graphrag -f ./graphrag/values.yaml \ + --namespace $aksNamespace --create-namespace \ + --set "serviceAccount.name=$AZURE_AKS_SERVICE_ACCOUNT_NAME" \ + --set "serviceAccount.annotations.azure\.workload\.identity/client-id=$AZURE_WORKLOAD_IDENTITY_CLIENT_ID" \ + --set "master.image.repository=graphrag.azurecr.io/$IMAGE_NAME" \ + --set "master.image.tag=$IMAGE_VERSION" \ + --set "ingress.host=$AZURE_APP_HOSTNAME" \ + --set "graphragConfig.APPLICATIONINSIGHTS_CONNECTION_STRING=$APP_INSIGHTS_CONNECTION_STRING" \ + --set "graphragConfig.AI_SEARCH_URL=https://$AI_SEARCH_NAME.search.windows.net" \ + --set "graphragConfig.COSMOS_URI_ENDPOINT=$AZURE_COSMOSDB_ENDPOINT" \ + --set "graphragConfig.GRAPHRAG_API_BASE=$AZURE_OPENAI_ENDPOINT" \ + --set "graphragConfig.GRAPHRAG_API_VERSION=$AZURE_AOAI_LLM_MODEL_API_VERSION" \ + --set "graphragConfig.GRAPHRAG_LLM_MODEL=$AZURE_AOAI_LLM_MODEL"\ + --set "graphragConfig.GRAPHRAG_LLM_DEPLOYMENT_NAME=$AZURE_AOAI_LLM_MODEL_DEPLOYMENT_NAME" \ + --set "graphragConfig.GRAPHRAG_EMBEDDING_MODEL=$AZURE_AOAI_EMBEDDING_MODEL" \ + --set "graphragConfig.GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME=$AZURE_AOAI_EMBEDDING_MODEL_DEPLOYMENT_NAME" \ + --set "graphragConfig.COGNITIVE_SERVICES_AUDIENCE=$COGNITIVE_SERVICES_AUDIENCE" \ + --set "graphragConfig.STORAGE_ACCOUNT_BLOB_URL=$AZURE_STORAGE_ACCOUNT_BLOB_URL" + + + + + diff --git a/infra/managed-app/createUiDefinition.json b/infra/managed-app/createUiDefinition.json new file mode 100644 index 00000000..cebd039b --- /dev/null +++ b/infra/managed-app/createUiDefinition.json @@ -0,0 +1,214 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#", + "handler": "Microsoft.Azure.CreateUIDef", + "version": "0.1.2-preview", + "parameters": { + "basics": [ + {} + ], + "steps": [ + { + "name": "aoaiSettings", + "label": "AOAI Settings", + "subLabel": { + "preValidation": "Configure the AOAI settings", + "postValidation": "Completed" + }, + "elements": [ + { + "name": "llmModel", + "type": "Microsoft.Common.DropDown", + "label": "LLM Model", + "defaultValue": "gpt-4o", + "toolTip": "LLM model to use.", + "constraints": { + "allowedValues": [ + { + "label": "gpt-4o", + "value": "gpt-4o" + }, + { + "label": "gpt-4o-mini", + "value": "gpt-4o-mini" + } + ], + "required": true + }, + "visible": true + }, + { + "name": "llmModelVersion", + "type": "Microsoft.Common.DropDown", + "label": "LLM Model Version", + "defaultValue": "2024-08-06", + "toolTip": "LLM model version to use.", + "constraints": { + "allowedValues": [ + { + "label": "2024-08-06", + "value": "2024-08-06" + }, + { + "label": "2024-07-18", + "value": "2024-07-18" + } + ], + "required": true + }, + "visible": true + }, + { + "name": "llmModelQuota", + "type": "Microsoft.Common.TextBox", + "label": "LLM Model Quota (x1000)", + "placeholder": "85", + "defaultValue": "", + "toolTip": "Model quota to use.", + "constraints": { + "required": true, + "regex": "^[1-9][0-9]*$", + "validationMessage": "Valid LLM model quota." + }, + "visible": true + }, + { + "name": "embeddingModel", + "type": "Microsoft.Common.DropDown", + "label": "Embedding Model", + "defaultValue": "text-embedding-ada-002", + "toolTip": "Embedding model to use", + "constraints": { + "allowedValues": [ + { + "label": "text-embedding-ada-002", + "value": "text-embedding-ada-002" + }, + { + "label": "text-embedding-3-large", + "value": "text-embedding-3-large" + } + ], + "required": true + }, + "visible": true + }, + { + "name": "embeddingModelQuota", + "type": "Microsoft.Common.TextBox", + "label": "Embedding Model Quota (x1000)", + "placeholder": "100", + "defaultValue": "", + "toolTip": "Model quota to use.", + "constraints": { + "required": true, + "regex": "^[1-9][0-9]*$", + "validationMessage": "Valid embedding model quota." + }, + "visible": true + }, + { + "name": "embeddingModelVersion", + "type": "Microsoft.Common.DropDown", + "label": "Embedding Model Version", + "defaultValue": "2", + "toolTip": "Use a valid embedding model version.", + "constraints": { + "allowedValues": [ + { + "label": "2", + "value": "2" + }, + { + "label": "1", + "value": "1" + } + ], + "required": true + }, + "visible": true + } + ] + }, + { + "name": "graphragSettings", + "label": "GraphRAG Settings", + "subLabel": { + "preValidation": "Configure the graphrag settings", + "postValidation": "Completed" + }, + "elements": [ + { + "name": "apimTier", + "type": "Microsoft.Common.DropDown", + "label": "APIM Tier", + "defaultValue": "StandardV2", + "toolTip": "APIM tier to use", + "constraints": { + "allowedValues": [ + { + "label": "Developer", + "value": "Developer" + }, + { + "label": "StandardV2", + "value": "StandardV2" + } + ], + "required": true + }, + "visible": true + } + ] + }, + { + "name": "StorageaccountSettings", + "label": "StorageAccount Settings", + "subLabel": { + "preValidation": "Configure the graphrag settings", + "postValidation": "Completed" + }, + "elements": [ + { + "name": "StorageAccountName", + "type": "Microsoft.Common.TextBox", + "label": "Storage Account", + "defaultValue": "", + "toolTip": "StorageAccountName to use", + "visible": true, + "constraints": { + "required": true + } + }, + { + "name": "StorageAccountKey", + "type": "Microsoft.Common.PasswordBox", + "label": { + "password": "Storage Account Key", + "confirmPassword": "Confirm Storage Account Key" + }, + "constraints": { + "required": true + }, + "visible": true + + } + + ] + } + + ], + "outputs": { + "resourceGroup": "[resourceGroup().name]", + "location": "[location()]", + "apimTier": "[steps('graphragSettings').apimTier]", + "llmModelName": "[steps('aoaiSettings').llmModel]", + "llmModelQuota": "[int(steps('aoaiSettings').llmModelQuota)]", + "embeddingModelName": "[steps('aoaiSettings').embeddingModel]", + "embeddingModelQuota": "[int(steps('aoaiSettings').embeddingModelQuota)]", + "llmModelVersion": "[steps('aoaiSettings').llmModelVersion]", + "embeddingModelVersion": "[steps('aoaiSettings').embeddingModelVersion]", + "publicStorageAccountName": "[steps('StorageaccountSettings').StorageAccountName]", + "publicStorageAccountKey": "[steps('StorageaccountSettings').StorageAccountKey]" + } + } +} \ No newline at end of file diff --git a/infra/managed-app/mainTemplate.json b/infra/managed-app/mainTemplate.json new file mode 100644 index 00000000..e8f96874 --- /dev/null +++ b/infra/managed-app/mainTemplate.json @@ -0,0 +1,5469 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "9942415607713496570" + } + }, + "parameters": { + "resourceGroup": { + "type": "string", + "minLength": 1, + "maxLength": 64, + "metadata": { + "description": "Name of the resource group that GraphRAG will be deployed in." + } + }, + "resourceBaseName": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Unique name to append to each resource" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Cloud region for all resources" + } + }, + "apiPublisherName": { + "type": "string", + "defaultValue": "Microsoft", + "minLength": 1, + "metadata": { + "description": "Name of the publisher of the API Management instance." + } + }, + "apiPublisherEmail": { + "type": "string", + "defaultValue": "publisher@microsoft.com", + "minLength": 1, + "metadata": { + "description": "Email address of the publisher of the API Management instance." + } + }, + "aksNamespace": { + "type": "string", + "defaultValue": "graphrag", + "metadata": { + "description": "The AKS namespace to install GraphRAG in." + } + }, + "enablePrivateEndpoints": { + "type": "bool", + "defaultValue": true, + "metadata": { + "description": "Whether to enable private endpoints." + } + }, + "restoreAPIM": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Whether to restore the API Management instance." + } + }, + "apimTier": { + "type": "string", + "defaultValue": "Developer" + }, + "apimName": { + "type": "string", + "defaultValue": "" + }, + "acrName": { + "type": "string", + "defaultValue": "" + }, + "storageAccountName": { + "type": "string", + "defaultValue": "" + }, + "cosmosDbName": { + "type": "string", + "defaultValue": "" + }, + "aiSearchName": { + "type": "string", + "defaultValue": "" + }, + "utcString": { + "type": "string", + "defaultValue": "[utcNow()]" + }, + "graphragimage": { + "type": "string", + "defaultValue": "graphragbackend" + }, + "graphragimageversion": { + "type": "string", + "defaultValue": "latest" + }, + "llmModelName": { + "type": "string", + "defaultValue": "gpt-4o", + "allowedValues": [ + "gpt-4o", + "gpt-4o-mini" + ], + "metadata": { + "description": "Name of the AOAI LLM model to use. Must match official model id. For more information: https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models" + } + }, + "llmModelVersion": { + "type": "string", + "defaultValue": "2024-08-06", + "metadata": { + "description": "Version of the AOAI LLM model to use." + } + }, + "llmModelQuota": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "metadata": { + "description": "Quota of the AOAI LLM model to use." + } + }, + "embeddingModelName": { + "type": "string", + "defaultValue": "text-embedding-ada-002", + "allowedValues": [ + "text-embedding-ada-002", + "text-embedding-3-large" + ], + "metadata": { + "description": "Name of the AOAI embedding model to use. Must match official model id. For more information: https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models" + } + }, + "embeddingModelVersion": { + "type": "string", + "defaultValue": "2" + }, + "embeddingModelQuota": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "metadata": { + "description": "Quota of the AOAI embedding model to use." + } + }, + "publicStorageAccountName": { + "type": "string", + "defaultValue": "" + }, + "publicStorageAccountKey": { + "type": "securestring", + "defaultValue": "" + } + }, + "variables": { + "$fxv#0": { + "analysisServicesServers": "as", + "apiManagementService": "apim-", + "appConfigurationConfigurationStores": "appcs-", + "appContainerApps": "ca-", + "appManagedEnvironments": "cae-", + "authorizationPolicyDefinitions": "policy-", + "automationAutomationAccounts": "aa-", + "azureOpenAI": "aoai-", + "blueprintBlueprints": "bp-", + "blueprintBlueprintsArtifacts": "bpa-", + "cacheRedis": "redis-", + "cdnProfiles": "cdnp-", + "cdnProfilesEndpoints": "cdne-", + "cognitiveServicesAccounts": "cog-", + "cognitiveServicesFormRecognizer": "cog-fr-", + "cognitiveServicesTextAnalytics": "cog-ta-", + "computeAvailabilitySets": "avail-", + "computeCloudServices": "cld-", + "computeDiskEncryptionSets": "des", + "computeDisks": "disk", + "computeDisksOs": "osdisk", + "computeGalleries": "gal", + "computeSnapshots": "snap-", + "computeVirtualMachineScaleSets": "vmss-", + "computeVirtualMachines": "vm", + "containerInstanceContainerGroups": "ci", + "containerRegistryRegistries": "cr", + "containerServiceManagedClusters": "aks-", + "dBforMySQLServers": "mysql-", + "dBforPostgreSQLServers": "psql-", + "dataFactoryFactories": "adf-", + "dataLakeAnalyticsAccounts": "dla", + "dataLakeStoreAccounts": "dls", + "dataMigrationServices": "dms-", + "databricksWorkspaces": "dbw-", + "devicesIotHubs": "iot-", + "devicesProvisioningServices": "provs-", + "devicesProvisioningServicesCertificates": "pcert-", + "documentDBDatabaseAccounts": "cosmos-", + "eventGridDomains": "evgd-", + "eventGridDomainsTopics": "evgt-", + "eventGridEventSubscriptions": "evgs-", + "eventHubNamespaces": "evhns-", + "eventHubNamespacesEventHubs": "evh-", + "hdInsightClustersHadoop": "hadoop-", + "hdInsightClustersHbase": "hbase-", + "hdInsightClustersKafka": "kafka-", + "hdInsightClustersMl": "mls-", + "hdInsightClustersSpark": "spark-", + "hdInsightClustersStorm": "storm-", + "hybridComputeMachines": "arcs-", + "insightsActionGroups": "ag-", + "insightsComponents": "appi-", + "keyVaultVaults": "kv-", + "kubernetesConnectedClusters": "arck", + "kustoClusters": "dec", + "kustoClustersDatabases": "dedb", + "logicIntegrationAccounts": "ia-", + "logicWorkflows": "logic-", + "machineLearningServicesWorkspaces": "mlw-", + "managedIdentityUserAssignedIdentities": "id-", + "managementManagementGroups": "mg-", + "migrateAssessmentProjects": "migr-", + "networkApplicationGateways": "agw-", + "networkApplicationSecurityGroups": "asg-", + "networkAzureFirewalls": "afw-", + "networkBastionHosts": "bas-", + "networkConnections": "con-", + "networkDnsZones": "dnsz-", + "networkExpressRouteCircuits": "erc-", + "networkFirewallPolicies": "afwp-", + "networkFirewallPoliciesRuleGroups": "wafrg", + "networkFirewallPoliciesWebApplication": "waf", + "networkFrontDoors": "fd-", + "networkFrontdoorWebApplicationFirewallPolicies": "fdfp-", + "networkLoadBalancersExternal": "lbe-", + "networkLoadBalancersInboundNatRules": "rule-", + "networkLoadBalancersInternal": "lbi-", + "networkLocalNetworkGateways": "lgw-", + "networkNatGateways": "ng-", + "networkNetworkInterfaces": "nic-", + "networkNetworkSecurityGroups": "nsg-", + "networkNetworkSecurityGroupsSecurityRules": "nsgsr-", + "networkNetworkWatchers": "nw-", + "networkPrivateDnsZones": "pdnsz-", + "networkPrivateLinkServices": "pl-", + "networkPublicIPAddresses": "pip-", + "networkPublicIPPrefixes": "ippre-", + "networkRouteFilters": "rf-", + "networkRouteTables": "rt-", + "networkRouteTablesRoutes": "udr-", + "networkTrafficManagerProfiles": "traf-", + "networkVirtualNetworkGateways": "vgw-", + "networkVirtualNetworks": "vnet-", + "networkVirtualNetworksSubnets": "snet-", + "networkVirtualNetworksVirtualNetworkPeerings": "peer-", + "networkVirtualWans": "vwan-", + "networkVpnGateways": "vpng-", + "networkVpnGatewaysVpnConnections": "vcn-", + "networkVpnGatewaysVpnSites": "vst-", + "notificationHubsNamespaces": "ntfns-", + "notificationHubsNamespacesNotificationHubs": "ntf-", + "operationalInsightsWorkspaces": "log-", + "portalDashboards": "dash-", + "powerBIDedicatedCapacities": "pbi-", + "privateEndpoint": "pep-", + "purviewAccounts": "pview-", + "recoveryServicesVaults": "rsv-", + "resourcesResourceGroups": "rg-", + "searchSearchServices": "srch-", + "serviceBusNamespaces": "sb-", + "serviceBusNamespacesQueues": "sbq-", + "serviceBusNamespacesTopics": "sbt-", + "serviceEndPointPolicies": "se-", + "serviceFabricClusters": "sf-", + "signalRServiceSignalR": "sigr", + "sqlManagedInstances": "sqlmi-", + "sqlServers": "sql-", + "sqlServersDataWarehouse": "sqldw-", + "sqlServersDatabases": "sqldb-", + "sqlServersDatabasesStretch": "sqlstrdb-", + "storSimpleManagers": "ssimp", + "storageStorageAccounts": "st", + "storageStorageAccountsVm": "stvm", + "streamAnalyticsCluster": "asa-", + "synapseWorkspaces": "syn", + "synapseWorkspacesAnalyticsWorkspaces": "synw", + "synapseWorkspacesSqlPoolsDedicated": "syndp", + "synapseWorkspacesSqlPoolsSpark": "synsp", + "timeSeriesInsightsEnvironments": "tsi-", + "webServerFarms": "plan-", + "webSitesAppService": "app-", + "webSitesAppServiceEnvironment": "ase-", + "webSitesFunctions": "func-", + "webStaticSites": "stapp-" + }, + "$fxv#1": "#!/bin/bash\n# Install kubectl\nset -e\naz aks install-cli --only-show-errors\n \n\n# Get AKS credentials\naz aks get-credentials \\\n --admin \\\n --name $AZURE_AKS_NAME \\\n --resource-group $AZURE_RESOURCE_GROUP --only-show-errors\n\n# Check if the cluster is private or not\n\n# Assign a value to aksNamespace\naksNamespace=\"graphrag\"\n\n# Install Helm\ncurl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 -o get_helm.sh -s\nchmod 700 get_helm.sh\n./get_helm.sh &>/dev/null\n\n# Add Helm repos\nhelm repo add prometheus-community https://prometheus-community.github.io/helm-charts\nhelm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx\n\n# Update Helm repos\nhelm repo update\n\nhelm pull oci://graphrag.azurecr.io/graphrag --untar\n\n \nhelm upgrade -i graphrag ./graphrag -f ./graphrag/values.yaml \\\n --namespace $aksNamespace --create-namespace \\\n --set \"serviceAccount.name=$AZURE_AKS_SERVICE_ACCOUNT_NAME\" \\\n --set \"serviceAccount.annotations.azure\\.workload\\.identity/client-id=$AZURE_WORKLOAD_IDENTITY_CLIENT_ID\" \\\n --set \"master.image.repository=graphrag.azurecr.io/$IMAGE_NAME\" \\\n --set \"master.image.tag=$IMAGE_VERSION\" \\\n --set \"ingress.host=$AZURE_APP_HOSTNAME\" \\\n --set \"graphragConfig.APPLICATIONINSIGHTS_CONNECTION_STRING=$APP_INSIGHTS_CONNECTION_STRING\" \\\n --set \"graphragConfig.AI_SEARCH_URL=https://$AI_SEARCH_NAME.search.windows.net\" \\\n --set \"graphragConfig.COSMOS_URI_ENDPOINT=$AZURE_COSMOSDB_ENDPOINT\" \\\n --set \"graphragConfig.GRAPHRAG_API_BASE=$AZURE_OPENAI_ENDPOINT\" \\\n --set \"graphragConfig.GRAPHRAG_API_VERSION=$AZURE_AOAI_LLM_MODEL_API_VERSION\" \\\n --set \"graphragConfig.GRAPHRAG_LLM_MODEL=$AZURE_AOAI_LLM_MODEL\"\\\n --set \"graphragConfig.GRAPHRAG_LLM_DEPLOYMENT_NAME=$AZURE_AOAI_LLM_MODEL_DEPLOYMENT_NAME\" \\\n --set \"graphragConfig.GRAPHRAG_EMBEDDING_MODEL=$AZURE_AOAI_EMBEDDING_MODEL\" \\\n --set \"graphragConfig.GRAPHRAG_EMBEDDING_DEPLOYMENT_NAME=$AZURE_AOAI_EMBEDDING_MODEL_DEPLOYMENT_NAME\" \\\n --set \"graphragConfig.COGNITIVE_SERVICES_AUDIENCE=$COGNITIVE_SERVICES_AUDIENCE\" \\\n --set \"graphragConfig.STORAGE_ACCOUNT_BLOB_URL=$AZURE_STORAGE_ACCOUNT_BLOB_URL\"\n\n \n\n\n\n", + "resourceBaseNameFinal": "[if(not(empty(parameters('resourceBaseName'))), parameters('resourceBaseName'), toLower(uniqueString(format('{0}/resourceGroups/{1}', subscription().id, parameters('resourceGroup')))))]", + "abbrs": "[variables('$fxv#0')]", + "tags": { + "azd-env-name": "[parameters('resourceGroup')]" + }, + "workloadIdentityName": "[format('{0}{1}', variables('abbrs').managedIdentityUserAssignedIdentities, variables('resourceBaseNameFinal'))]", + "aksServiceAccountName": "[format('{0}-workload-sa', parameters('aksNamespace'))]", + "workloadIdentitySubject": "[format('system:serviceaccount:{0}:{1}', parameters('aksNamespace'), variables('aksServiceAccountName'))]", + "dnsDomain": "graphrag.io", + "appHostname": "[format('graphrag.{0}', variables('dnsDomain'))]", + "appUrl": "[format('http://{0}', variables('appHostname'))]", + "roles": { + "acrPull": "[resourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d')]", + "networkContributor": "[resourceId('Microsoft.Authorization/roleDefinitions', '4d97b98b-1d4f-4787-a291-c67834d212e7')]", + "privateDnsZoneContributor": "[resourceId('Microsoft.Authorization/roleDefinitions', 'b12aa53e-6015-4669-85d0-8515ebb3ae7f')]" + } + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aks-workload-identity-rbac-assignments", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "principalId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.principalId.value]" + }, + "principalType": { + "value": "ServicePrincipal" + }, + "cosmosDbName": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.name.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "15674161325892705676" + } + }, + "parameters": { + "principalId": { + "type": "string", + "metadata": { + "description": "ID of the service principal to assign the RBAC roles to." + } + }, + "principalType": { + "type": "string", + "allowedValues": [ + "ServicePrincipal", + "User", + "Group", + "Device", + "ForeignGroup" + ], + "metadata": { + "description": "Type of principal to assign the RBAC roles to." + } + }, + "cosmosDbName": { + "type": "string", + "metadata": { + "description": "Name of an existing CosmosDB resource." + } + } + }, + "variables": { + "roleDefinitions": [ + { + "id": "ba92f5b4-2d11-453d-a403-e96b0029c9fe" + }, + { + "id": "b24988ac-6180-42a0-ab88-20f7382dd24c" + }, + { + "id": "8ebe5a00-799e-43f5-93ac-243d3dce84a7" + }, + { + "id": "1407120a-92aa-4202-b7e9-c0e197c71c8f" + }, + { + "id": "a001fd3d-188f-4b5d-821b-7da978bf7442" + }, + { + "id": "3913510d-42f4-4e42-8a64-420c390055eb" + } + ], + "customRoleName": "Custom cosmosDB role for graphrag - adds read/write permissions at the database and container level" + }, + "resources": [ + { + "copy": { + "name": "roleAssignment", + "count": "[length(variables('roleDefinitions'))]" + }, + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(subscription().subscriptionId, resourceGroup().name, parameters('principalId'), parameters('principalType'), variables('roleDefinitions')[copyIndex()].id)]", + "properties": { + "principalId": "[parameters('principalId')]", + "principalType": "[parameters('principalType')]", + "roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', variables('roleDefinitions')[copyIndex()].id)]" + } + }, + { + "type": "Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions", + "apiVersion": "2024-12-01-preview", + "name": "[format('{0}/{1}', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), variables('customRoleName')))]", + "properties": { + "roleName": "[variables('customRoleName')]", + "type": "CustomRole", + "assignableScopes": [ + "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName'))]" + ], + "permissions": [ + { + "dataActions": [ + "Microsoft.DocumentDB/databaseAccounts/readMetadata", + "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/*", + "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/*", + "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/write" + ] + } + ] + } + }, + { + "type": "Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments", + "apiVersion": "2024-12-01-preview", + "name": "[format('{0}/{1}', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), resourceId('Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), variables('customRoleName'))), parameters('principalId')))]", + "properties": { + "principalId": "[parameters('principalId')]", + "roleDefinitionId": "[resourceId('Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), variables('customRoleName')))]", + "scope": "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName'))]" + }, + "dependsOn": [ + "[resourceId('Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions', parameters('cosmosDbName'), guid(subscription().subscriptionId, resourceGroup().name, resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), variables('customRoleName')))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aks-rbac-assignments", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "roleAssignments": { + "value": [ + { + "principalId": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.kubeletPrincipalId.value]", + "principalType": "ServicePrincipal", + "roleDefinitionId": "[variables('roles').acrPull]" + }, + { + "principalId": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.ingressWebAppIdentity.value]", + "principalType": "ServicePrincipal", + "roleDefinitionId": "[variables('roles').privateDnsZoneContributor]" + }, + { + "principalId": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.systemIdentity.value]", + "principalType": "ServicePrincipal", + "roleDefinitionId": "[variables('roles').networkContributor]" + } + ] + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13254511464568135903" + } + }, + "parameters": { + "roleAssignments": { + "type": "array", + "defaultValue": [], + "metadata": { + "description": "Array of objects with fields principalId, principalType, roleDefinitionId" + } + } + }, + "resources": [ + { + "copy": { + "name": "roleAssignment", + "count": "[length(parameters('roleAssignments'))]" + }, + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(subscription().subscriptionId, resourceGroup().name, parameters('roleAssignments')[copyIndex()].principalId, parameters('roleAssignments')[copyIndex()].principalType, parameters('roleAssignments')[copyIndex()].roleDefinitionId)]", + "properties": "[parameters('roleAssignments')[copyIndex()]]" + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'aks-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "log-analytics-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": { + "value": "[format('{0}{1}', variables('abbrs').operationalInsightsWorkspaces, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "publicNetworkAccessForIngestion": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'Disabled'), createObject('value', 'Enabled'))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "11258206015777241921" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the Log Analytics resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Log Analytics resource." + } + }, + "publicNetworkAccessForIngestion": { + "type": "string", + "defaultValue": "Disabled", + "metadata": { + "description": "The public network access for ingestion." + } + } + }, + "resources": [ + { + "type": "Microsoft.OperationalInsights/workspaces", + "apiVersion": "2022-10-01", + "name": "[parameters('name')]", + "location": "[parameters('location')]", + "properties": { + "retentionInDays": 30, + "publicNetworkAccessForIngestion": "[parameters('publicNetworkAccessForIngestion')]", + "publicNetworkAccessForQuery": "Enabled", + "features": { + "immediatePurgeDataOn30Days": true + } + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('name'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "nsg-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "nsgName": { + "value": "[format('{0}{1}', variables('abbrs').networkNetworkSecurityGroups, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "16619124547797522615" + } + }, + "parameters": { + "nsgName": { + "type": "string", + "defaultValue": "[format('apim-nsg-{0}', uniqueString(resourceGroup().id))]", + "metadata": { + "description": "Name of the NSG for the API Management service." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region where the resources will be deployed" + } + } + }, + "resources": [ + { + "type": "Microsoft.Network/networkSecurityGroups", + "apiVersion": "2024-01-01", + "name": "[parameters('nsgName')]", + "location": "[parameters('location')]", + "properties": { + "securityRules": [ + { + "name": "Client_communication_to_API_Management", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "80", + "sourceAddressPrefix": "Internet", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 100, + "direction": "Inbound" + } + }, + { + "name": "Secure_Client_communication_to_API_Management", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "Internet", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 110, + "direction": "Inbound" + } + }, + { + "name": "Management_endpoint_for_Azure_portal_and_Powershell", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "3443", + "sourceAddressPrefix": "ApiManagement", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 120, + "direction": "Inbound" + } + }, + { + "name": "Dependency_on_Redis_Cache", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "6381-6383", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 130, + "direction": "Inbound" + } + }, + { + "name": "Dependency_to_sync_Rate_Limit_Inbound", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "4290", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 135, + "direction": "Inbound" + } + }, + { + "name": "Dependency_on_Azure_SQL", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "1433", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Sql", + "access": "Allow", + "priority": 140, + "direction": "Outbound" + } + }, + { + "name": "Dependency_for_Log_to_event_Hub_policy", + "properties": { + "protocol": "*", + "sourcePortRange": "*", + "destinationPortRange": "5671", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "EventHub", + "access": "Allow", + "priority": 150, + "direction": "Outbound" + } + }, + { + "name": "Dependency_on_Redis_Cache_outbound", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "6381-6383", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 160, + "direction": "Outbound" + } + }, + { + "name": "Depenedency_To_sync_RateLimit_Outbound", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "4290", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 165, + "direction": "Outbound" + } + }, + { + "name": "Dependency_on_Azure_File_Share_for_GIT", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "445", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Storage", + "access": "Allow", + "priority": 170, + "direction": "Outbound" + } + }, + { + "name": "Azure_Infrastructure_Load_Balancer", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "6390", + "sourceAddressPrefix": "AzureLoadBalancer", + "destinationAddressPrefix": "VirtualNetwork", + "access": "Allow", + "priority": 180, + "direction": "Inbound" + } + }, + { + "name": "Publish_DiagnosticLogs_And_Metrics", + "properties": { + "description": "API Management logs and metrics for consumption by admins and your IT team are all part of the management plane", + "protocol": "Tcp", + "sourcePortRange": "*", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "AzureMonitor", + "access": "Allow", + "priority": 185, + "direction": "Outbound", + "destinationPortRanges": [ + "443", + "12000", + "1886" + ] + } + }, + { + "name": "Connect_To_SMTP_Relay_For_SendingEmails", + "properties": { + "description": "APIM features the ability to generate email traffic as part of the data plane and the management plane", + "protocol": "Tcp", + "sourcePortRange": "*", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Internet", + "access": "Allow", + "priority": 190, + "direction": "Outbound", + "destinationPortRanges": [ + "25", + "587", + "25028" + ] + } + }, + { + "name": "Authenticate_To_Azure_Active_Directory", + "properties": { + "description": "Connect to Azure Active Directory for developer Portal authentication or for OAuth 2 flow during any proxy authentication", + "protocol": "Tcp", + "sourcePortRange": "*", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "AzureActiveDirectory", + "access": "Allow", + "priority": 200, + "direction": "Outbound", + "destinationPortRanges": [ + "80", + "443" + ] + } + }, + { + "name": "Dependency_on_Azure_Storage", + "properties": { + "description": "API Management service dependency on Azure blob and Azure table storage", + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Storage", + "access": "Allow", + "priority": 100, + "direction": "Outbound" + } + }, + { + "name": "Publish_Monitoring_Logs", + "properties": { + "protocol": "Tcp", + "sourcePortRange": "*", + "destinationPortRange": "443", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "AzureCloud", + "access": "Allow", + "priority": 300, + "direction": "Outbound" + } + }, + { + "name": "Deny_All_Internet_Outbound", + "properties": { + "protocol": "*", + "sourcePortRange": "*", + "destinationPortRange": "*", + "sourceAddressPrefix": "VirtualNetwork", + "destinationAddressPrefix": "Internet", + "access": "Deny", + "priority": 999, + "direction": "Outbound" + } + } + ] + } + } + ], + "outputs": { + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('nsgName'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "vnet-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "vnetName": { + "value": "[format('{0}{1}', variables('abbrs').networkVirtualNetworks, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "subnetPrefix": { + "value": "[variables('abbrs').networkVirtualNetworksSubnets]" + }, + "apimTier": { + "value": "[parameters('apimTier')]" + }, + "nsgID": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'nsg-deployment'), '2022-09-01').outputs.id.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "9158217012658604749" + } + }, + "parameters": { + "vnetName": { + "type": "string", + "metadata": { + "description": "Name of the vnet resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region where the resource will be deployed." + } + }, + "subnetPrefix": { + "type": "string", + "defaultValue": "snet-", + "metadata": { + "description": "Optional prefix to prepend to subnet names." + } + }, + "apimTier": { + "type": "string", + "allowedValues": [ + "Developer", + "StandardV2" + ], + "metadata": { + "description": "APIM tier - used to determine if subnet delegations are required." + } + }, + "nsgID": { + "type": "string", + "metadata": { + "description": "NSG resource ID." + } + } + }, + "resources": [ + { + "type": "Microsoft.Network/virtualNetworks", + "apiVersion": "2024-01-01", + "name": "[parameters('vnetName')]", + "location": "[parameters('location')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "10.1.0.0/16" + ] + }, + "subnets": [ + { + "name": "[format('{0}apim', parameters('subnetPrefix'))]", + "properties": { + "addressPrefix": "10.1.0.0/24", + "networkSecurityGroup": { + "id": "[parameters('nsgID')]" + }, + "delegations": "[if(equals(parameters('apimTier'), 'Developer'), createArray(), createArray(createObject('name', 'Microsoft.Web/serverFarms', 'properties', createObject('serviceName', 'Microsoft.Web/serverFarms'))))]" + } + }, + { + "name": "[format('{0}aks', parameters('subnetPrefix'))]", + "properties": { + "addressPrefix": "10.1.1.0/24", + "serviceEndpoints": [ + { + "service": "Microsoft.Storage" + }, + { + "service": "Microsoft.Sql" + }, + { + "service": "Microsoft.EventHub" + } + ] + } + } + ] + } + } + ], + "outputs": { + "vnetId": { + "type": "string", + "value": "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName'))]" + }, + "vnetName": { + "type": "string", + "value": "[parameters('vnetName')]" + }, + "apimSubnetId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName')), '2024-01-01').subnets[0].id]" + }, + "aksSubnetId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName')), '2024-01-01').subnets[1].id]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'nsg-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aoai-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "openAiName": { + "value": "[format('{0}{1}', variables('abbrs').cognitiveServicesAccounts, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "llmModelName": { + "value": "[parameters('llmModelName')]" + }, + "llmModelVersion": { + "value": "[parameters('llmModelVersion')]" + }, + "llmTpmQuota": { + "value": "[parameters('llmModelQuota')]" + }, + "embeddingModelName": { + "value": "[parameters('embeddingModelName')]" + }, + "embeddingModelVersion": { + "value": "[parameters('embeddingModelVersion')]" + }, + "embeddingTpmQuota": { + "value": "[parameters('embeddingModelQuota')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "15475380690582621771" + } + }, + "parameters": { + "openAiName": { + "type": "string", + "defaultValue": "[format('openai{0}', uniqueString(resourceGroup().id))]", + "metadata": { + "description": "Name of the Azure OpenAI instance" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Location for the Azure OpenAI instance" + } + }, + "llmModelName": { + "type": "string", + "defaultValue": "gpt-4o", + "metadata": { + "description": "LLM model name" + } + }, + "llmModelVersion": { + "type": "string", + "metadata": { + "description": "LLM Model API version" + } + }, + "embeddingModelName": { + "type": "string", + "defaultValue": "text-embedding-ada-002", + "metadata": { + "description": "Embedding model name" + } + }, + "embeddingModelVersion": { + "type": "string", + "metadata": { + "description": "Embedding Model API version" + } + }, + "llmTpmQuota": { + "type": "int", + "defaultValue": 1, + "metadata": { + "description": "TPM quota for llm model deployment (x1000)" + } + }, + "embeddingTpmQuota": { + "type": "int", + "defaultValue": 1, + "metadata": { + "description": "TPM quota for embedding model deployment (x1000)" + } + } + }, + "resources": [ + { + "type": "Microsoft.CognitiveServices/accounts", + "apiVersion": "2024-10-01", + "name": "[parameters('openAiName')]", + "location": "[parameters('location')]", + "sku": { + "name": "S0" + }, + "kind": "OpenAI", + "properties": { + "publicNetworkAccess": "Enabled", + "disableLocalAuth": true + } + }, + { + "type": "Microsoft.CognitiveServices/accounts/deployments", + "apiVersion": "2024-10-01", + "name": "[format('{0}/{1}', parameters('openAiName'), parameters('llmModelName'))]", + "sku": { + "name": "GlobalStandard", + "capacity": "[parameters('llmTpmQuota')]" + }, + "properties": { + "model": { + "format": "OpenAI", + "name": "[parameters('llmModelName')]", + "version": "[parameters('llmModelVersion')]" + }, + "currentCapacity": "[parameters('llmTpmQuota')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiName'))]" + ] + }, + { + "type": "Microsoft.CognitiveServices/accounts/deployments", + "apiVersion": "2024-10-01", + "name": "[format('{0}/{1}', parameters('openAiName'), parameters('embeddingModelName'))]", + "sku": { + "name": "Standard", + "capacity": "[parameters('embeddingTpmQuota')]" + }, + "properties": { + "model": { + "format": "OpenAI", + "name": "[parameters('embeddingModelName')]", + "version": "[parameters('embeddingModelVersion')]" + }, + "currentCapacity": "[parameters('embeddingTpmQuota')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiName'))]", + "[resourceId('Microsoft.CognitiveServices/accounts/deployments', parameters('openAiName'), parameters('llmModelName'))]" + ] + } + ], + "outputs": { + "openAiEndpoint": { + "type": "string", + "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiName')), '2024-10-01').endpoint]" + }, + "llmModel": { + "type": "string", + "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts/deployments', parameters('openAiName'), parameters('llmModelName')), '2024-10-01').model.name]" + }, + "llmModelDeploymentName": { + "type": "string", + "value": "[parameters('llmModelName')]" + }, + "llmModelApiVersion": { + "type": "string", + "value": "2024-10-01" + }, + "textEmbeddingModel": { + "type": "string", + "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts/deployments', parameters('openAiName'), parameters('embeddingModelName')), '2024-10-01').model.name]" + }, + "textEmbeddingModelDeploymentName": { + "type": "string", + "value": "[parameters('embeddingModelName')]" + }, + "textEmbeddingModelApiVersion": { + "type": "string", + "value": "2024-10-01" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "acr-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "registryName": "[if(not(empty(parameters('acrName'))), createObject('value', parameters('acrName')), createObject('value', format('{0}{1}', variables('abbrs').containerRegistryRegistries, variables('resourceBaseNameFinal'))))]", + "location": { + "value": "[parameters('location')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "3579514199569414551" + } + }, + "parameters": { + "registryName": { + "type": "string", + "metadata": { + "description": "The name of the Container Registry resource. Will be automatically generated if not provided." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Container Registry resource." + } + } + }, + "resources": [ + { + "type": "Microsoft.ContainerRegistry/registries", + "apiVersion": "2023-11-01-preview", + "name": "[parameters('registryName')]", + "location": "[parameters('location')]", + "sku": { + "name": "Standard" + }, + "properties": { + "adminUserEnabled": false, + "encryption": { + "status": "disabled" + }, + "dataEndpointEnabled": false, + "publicNetworkAccess": "Enabled", + "networkRuleBypassOptions": "AzureServices", + "zoneRedundancy": "Disabled", + "anonymousPullEnabled": false, + "metadataSearch": "Disabled" + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('registryName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registryName'))]" + }, + "loginServer": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerRegistry/registries', parameters('registryName')), '2023-11-01-preview').loginServer]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aks-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "clusterName": { + "value": "[format('{0}{1}', variables('abbrs').containerServiceManagedClusters, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "graphragVMSize": { + "value": "standard_d8s_v5" + }, + "graphragIndexingVMSize": { + "value": "standard_e8s_v5" + }, + "clusterAdmins": { + "value": null + }, + "logAnalyticsWorkspaceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment'), '2022-09-01').outputs.id.value]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "privateDnsZoneName": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment'), '2022-09-01').outputs.name.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "4262586997141187053" + } + }, + "parameters": { + "clusterName": { + "type": "string", + "metadata": { + "description": "The name of the Managed Cluster resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Managed Cluster resource." + } + }, + "logAnalyticsWorkspaceId": { + "type": "string", + "metadata": { + "description": "The workspace id of the Log Analytics resource." + } + }, + "autoUpgradeProfile": { + "type": "object", + "defaultValue": { + "nodeOsUpgradeChannel": "NodeImage", + "upgradeChannel": "stable" + }, + "metadata": { + "description": "The auto-upgrade profile." + } + }, + "dnsPrefix": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Optional DNS prefix to use with hosted Kubernetes API server FQDN." + } + }, + "systemOsDiskSizeGB": { + "type": "int", + "defaultValue": 128, + "minValue": 0, + "maxValue": 1023, + "metadata": { + "description": "Disk size (in GB) to provision for each of the agent pool nodes. This value ranges from 0 to 1023. Specifying 0 will apply the default disk size for that agentVMSize." + } + }, + "systemNodeCount": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "maxValue": 20, + "metadata": { + "description": "The number of nodes for the system node pool." + } + }, + "systemVMSize": { + "type": "string", + "defaultValue": "standard_d4s_v5", + "metadata": { + "description": "The size of the system Virtual Machine." + } + }, + "graphragNodeCount": { + "type": "int", + "defaultValue": 1, + "minValue": 1, + "maxValue": 50, + "metadata": { + "description": "The number of nodes for the graphrag node pool." + } + }, + "graphragVMSize": { + "type": "string", + "defaultValue": "standard_d8s_v5", + "metadata": { + "description": "The VM size of nodes running the GraphRAG API." + } + }, + "graphragIndexingVMSize": { + "type": "string", + "defaultValue": "standard_e8s_v5", + "metadata": { + "description": "The VM size of nodes running GraphRAG indexing jobs." + } + }, + "enableEncryptionAtHost": { + "type": "bool", + "defaultValue": false, + "metadata": { + "description": "Enable encryption at host" + } + }, + "subnetId": { + "type": "string" + }, + "privateDnsZoneName": { + "type": "string" + }, + "clusterAdmins": { + "type": "array", + "defaultValue": [], + "metadata": { + "description": "Array of object ids that will have admin role of the cluster" + } + } + }, + "resources": [ + { + "type": "Microsoft.ContainerService/managedClusters/agentPools", + "apiVersion": "2024-02-01", + "name": "[format('{0}/{1}', parameters('clusterName'), 'graphrag')]", + "properties": { + "enableAutoScaling": true, + "upgradeSettings": { + "maxSurge": "50%" + }, + "minCount": 1, + "maxCount": 10, + "osDiskSizeGB": "[parameters('systemOsDiskSizeGB')]", + "count": "[parameters('graphragNodeCount')]", + "vmSize": "[parameters('graphragVMSize')]", + "osType": "Linux", + "mode": "User", + "enableEncryptionAtHost": "[parameters('enableEncryptionAtHost')]", + "vnetSubnetID": "[parameters('subnetId')]", + "nodeLabels": { + "workload": "graphrag" + }, + "tags": { + "workload": "graphrag" + }, + "type": "VirtualMachineScaleSets" + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + ] + }, + { + "type": "Microsoft.ContainerService/managedClusters/agentPools", + "apiVersion": "2024-02-01", + "name": "[format('{0}/{1}', parameters('clusterName'), 'indexing')]", + "properties": { + "enableAutoScaling": true, + "upgradeSettings": { + "maxSurge": "50%" + }, + "minCount": 0, + "maxCount": 10, + "osDiskSizeGB": "[parameters('systemOsDiskSizeGB')]", + "count": 0, + "vmSize": "[parameters('graphragIndexingVMSize')]", + "osType": "Linux", + "mode": "User", + "enableEncryptionAtHost": "[parameters('enableEncryptionAtHost')]", + "vnetSubnetID": "[parameters('subnetId')]", + "nodeLabels": { + "workload": "graphrag-indexing" + }, + "tags": { + "workload": "graphrag" + }, + "type": "VirtualMachineScaleSets" + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + ] + }, + { + "type": "Microsoft.ContainerService/managedClusters", + "apiVersion": "2024-09-02-preview", + "name": "[parameters('clusterName')]", + "location": "[parameters('location')]", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "enableRBAC": true, + "disableLocalAccounts": false, + "dnsPrefix": "[if(not(empty(parameters('dnsPrefix'))), parameters('dnsPrefix'), toLower(parameters('clusterName')))]", + "aadProfile": { + "managed": true, + "enableAzureRBAC": true, + "adminGroupObjectIDs": "[parameters('clusterAdmins')]" + }, + "addonProfiles": { + "omsagent": { + "enabled": true, + "config": { + "logAnalyticsWorkspaceResourceID": "[parameters('logAnalyticsWorkspaceId')]" + } + } + }, + "agentPoolProfiles": [ + { + "name": "agentpool", + "enableAutoScaling": true, + "upgradeSettings": { + "maxSurge": "50%" + }, + "minCount": 1, + "maxCount": 10, + "osDiskSizeGB": "[parameters('systemOsDiskSizeGB')]", + "count": "[parameters('systemNodeCount')]", + "vmSize": "[parameters('systemVMSize')]", + "osType": "Linux", + "mode": "System", + "enableEncryptionAtHost": "[parameters('enableEncryptionAtHost')]", + "vnetSubnetID": "[parameters('subnetId')]", + "type": "VirtualMachineScaleSets" + } + ], + "autoScalerProfile": { + "expander": "least-waste" + }, + "ingressProfile": { + "webAppRouting": { + "enabled": true, + "dnsZoneResourceIds": [ + "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZoneName'))]" + ] + } + }, + "networkProfile": { + "serviceCidr": "10.3.0.0/16", + "dnsServiceIP": "10.3.0.10", + "podCidr": "10.244.0.0/16" + }, + "autoUpgradeProfile": "[parameters('autoUpgradeProfile')]", + "oidcIssuerProfile": { + "enabled": true + }, + "securityProfile": { + "workloadIdentity": { + "enabled": true + } + } + } + }, + { + "type": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", + "apiVersion": "2024-09-02-preview", + "name": "[format('{0}/{1}', parameters('clusterName'), 'aksManagedAutoUpgradeSchedule')]", + "properties": { + "maintenanceWindow": { + "schedule": { + "weekly": { + "intervalWeeks": 1, + "dayOfWeek": "Monday" + } + }, + "durationHours": 4, + "startDate": "2024-06-11", + "startTime": "12:00" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + ] + }, + { + "type": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", + "apiVersion": "2024-09-02-preview", + "name": "[format('{0}/{1}', parameters('clusterName'), 'aksManagedNodeOSUpgradeSchedule')]", + "properties": { + "maintenanceWindow": { + "schedule": { + "weekly": { + "intervalWeeks": 1, + "dayOfWeek": "Saturday" + } + }, + "durationHours": 4, + "startDate": "2024-06-11", + "startTime": "12:00" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + ] + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('clusterName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName'))]" + }, + "managedResourceGroup": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').nodeResourceGroup]" + }, + "controlPlaneFqdn": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').fqdn]" + }, + "kubeletPrincipalId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').identityProfile.kubeletidentity.objectId]" + }, + "ingressWebAppIdentity": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').ingressProfile.webAppRouting.identity.objectId]" + }, + "systemIdentity": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview', 'full').identity.principalId]" + }, + "issuer": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', parameters('clusterName')), '2024-09-02-preview').oidcIssuerProfile.issuerURL]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "cosmosdb-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "cosmosDbName": "[if(not(empty(parameters('cosmosDbName'))), createObject('value', parameters('cosmosDbName')), createObject('value', format('{0}{1}', variables('abbrs').documentDBDatabaseAccounts, variables('resourceBaseNameFinal'))))]", + "location": { + "value": "[parameters('location')]" + }, + "publicNetworkAccess": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'Disabled'), createObject('value', 'Enabled'))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "4114639481216656536" + } + }, + "parameters": { + "cosmosDbName": { + "type": "string", + "metadata": { + "description": "The name of the CosmosDB resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the CosmosDB resource." + } + }, + "publicNetworkAccess": { + "type": "string", + "defaultValue": "Disabled", + "allowedValues": [ + "Enabled", + "Disabled" + ] + } + }, + "resources": [ + { + "type": "Microsoft.DocumentDB/databaseAccounts", + "apiVersion": "2024-11-15", + "name": "[parameters('cosmosDbName')]", + "location": "[parameters('location')]", + "tags": { + "defaultExperience": "Core (SQL)", + "hidden-cosmos-mmspecial": "" + }, + "kind": "GlobalDocumentDB", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "publicNetworkAccess": "[parameters('publicNetworkAccess')]", + "enableAutomaticFailover": false, + "enableMultipleWriteLocations": false, + "isVirtualNetworkFilterEnabled": false, + "virtualNetworkRules": [], + "disableKeyBasedMetadataWriteAccess": false, + "enableFreeTier": false, + "enableAnalyticalStorage": false, + "analyticalStorageConfiguration": { + "schemaType": "WellDefined" + }, + "databaseAccountOfferType": "Standard", + "defaultIdentity": "FirstPartyIdentity", + "networkAclBypass": "None", + "disableLocalAuth": true, + "enablePartitionMerge": false, + "minimalTlsVersion": "Tls12", + "consistencyPolicy": { + "defaultConsistencyLevel": "Session", + "maxIntervalInSeconds": 5, + "maxStalenessPrefix": 100 + }, + "locations": [ + { + "locationName": "[parameters('location')]", + "failoverPriority": 0, + "isZoneRedundant": false + } + ], + "cors": [], + "capabilities": [], + "ipRules": [], + "backupPolicy": { + "type": "Periodic", + "periodicModeProperties": { + "backupIntervalInMinutes": 240, + "backupRetentionIntervalInHours": 8, + "backupStorageRedundancy": "Geo" + } + }, + "networkAclBypassResourceIds": [], + "capacity": { + "totalThroughputLimit": 4000 + } + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('cosmosDbName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName'))]" + }, + "endpoint": { + "type": "string", + "value": "[reference(resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('cosmosDbName')), '2024-11-15').documentEndpoint]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "aisearch-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": "[if(not(empty(parameters('aiSearchName'))), createObject('value', parameters('aiSearchName')), createObject('value', format('{0}{1}', variables('abbrs').searchSearchServices, variables('resourceBaseNameFinal'))))]", + "location": { + "value": "[parameters('location')]" + }, + "publicNetworkAccess": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'disabled'), createObject('value', 'enabled'))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "4148789917591925909" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the AI Search instance." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Managed Cluster resource." + } + }, + "publicNetworkAccess": { + "type": "string", + "defaultValue": "enabled", + "allowedValues": [ + "enabled", + "disabled" + ] + } + }, + "resources": [ + { + "type": "Microsoft.Search/searchServices", + "apiVersion": "2024-03-01-preview", + "name": "[parameters('name')]", + "location": "[parameters('location')]", + "sku": { + "name": "standard" + }, + "properties": { + "disableLocalAuth": true, + "replicaCount": 1, + "partitionCount": 1, + "publicNetworkAccess": "[parameters('publicNetworkAccess')]", + "semanticSearch": "disabled" + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Search/searchServices', parameters('name'))]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "storage-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": "[if(not(empty(parameters('storageAccountName'))), createObject('value', parameters('storageAccountName')), createObject('value', format('{0}{1}', variables('abbrs').storageStorageAccounts, replace(variables('resourceBaseNameFinal'), '-', ''))))]", + "location": { + "value": "[parameters('location')]" + }, + "publicNetworkAccess": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'Disabled'), createObject('value', 'Enabled'))]", + "tags": { + "value": "[variables('tags')]" + }, + "deleteRetentionPolicy": { + "value": { + "enabled": true, + "days": 5 + } + }, + "defaultToOAuthAuthentication": { + "value": true + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "5352518107419090409" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the Storage Account resource." + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the Storage Account resource." + } + }, + "accessTier": { + "type": "string", + "defaultValue": "Hot", + "allowedValues": [ + "Hot", + "Cool", + "Premium" + ] + }, + "dnsEndpointType": { + "type": "string", + "defaultValue": "Standard", + "allowedValues": [ + "AzureDnsZone", + "Standard" + ] + }, + "publicNetworkAccess": { + "type": "string", + "defaultValue": "Disabled", + "allowedValues": [ + "Enabled", + "Disabled" + ] + }, + "tags": { + "type": "object", + "defaultValue": {} + }, + "allowBlobPublicAccess": { + "type": "bool", + "defaultValue": false + }, + "allowCrossTenantReplication": { + "type": "bool", + "defaultValue": true + }, + "allowSharedKeyAccess": { + "type": "bool", + "defaultValue": false + }, + "defaultToOAuthAuthentication": { + "type": "bool", + "defaultValue": false + }, + "deleteRetentionPolicy": { + "type": "object", + "defaultValue": {} + }, + "kind": { + "type": "string", + "defaultValue": "StorageV2" + }, + "minimumTlsVersion": { + "type": "string", + "defaultValue": "TLS1_2" + }, + "containers": { + "type": "array", + "defaultValue": [] + } + }, + "resources": [ + { + "copy": { + "name": "storage::blobServices::container", + "count": "[length(parameters('containers'))]" + }, + "condition": "[not(empty(parameters('containers')))]", + "type": "Microsoft.Storage/storageAccounts/blobServices/containers", + "apiVersion": "2023-01-01", + "name": "[format('{0}/{1}/{2}', parameters('name'), 'default', parameters('containers')[copyIndex()].name)]", + "properties": { + "publicAccess": "[coalesce(tryGet(parameters('containers')[copyIndex()], 'publicAccess'), 'None')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts/blobServices', parameters('name'), 'default')]" + ] + }, + { + "condition": "[not(empty(parameters('containers')))]", + "type": "Microsoft.Storage/storageAccounts/blobServices", + "apiVersion": "2023-01-01", + "name": "[format('{0}/{1}', parameters('name'), 'default')]", + "properties": { + "deleteRetentionPolicy": "[parameters('deleteRetentionPolicy')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', parameters('name'))]" + ] + }, + { + "type": "Microsoft.Storage/storageAccounts", + "apiVersion": "2023-01-01", + "name": "[parameters('name')]", + "location": "[parameters('location')]", + "tags": "[parameters('tags')]", + "kind": "[parameters('kind')]", + "sku": { + "name": "Standard_LRS" + }, + "properties": { + "accessTier": "[parameters('accessTier')]", + "allowBlobPublicAccess": "[parameters('allowBlobPublicAccess')]", + "allowCrossTenantReplication": "[parameters('allowCrossTenantReplication')]", + "allowSharedKeyAccess": "[parameters('allowSharedKeyAccess')]", + "defaultToOAuthAuthentication": "[parameters('defaultToOAuthAuthentication')]", + "dnsEndpointType": "[parameters('dnsEndpointType')]", + "isHnsEnabled": true, + "minimumTlsVersion": "[parameters('minimumTlsVersion')]", + "networkAcls": { + "bypass": "AzureServices", + "defaultAction": "Allow" + }, + "publicNetworkAccess": "[parameters('publicNetworkAccess')]" + } + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Storage/storageAccounts', parameters('name'))]" + }, + "primaryEndpoints": { + "type": "object", + "value": "[reference(resourceId('Microsoft.Storage/storageAccounts', parameters('name')), '2023-01-01').primaryEndpoints]" + } + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "app-insights-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "appInsightsName": { + "value": "[format('{0}{1}', variables('abbrs').insightsComponents, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "appInsightsPublicNetworkAccessForIngestion": "[if(parameters('enablePrivateEndpoints'), createObject('value', 'Disabled'), createObject('value', 'Enabled'))]", + "logAnalyticsWorkspaceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment'), '2022-09-01').outputs.id.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "11002141915701219380" + } + }, + "parameters": { + "appInsightsName": { + "type": "string", + "defaultValue": "appi", + "metadata": { + "description": "Application Insights resource name" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region where the resources will be deployed" + } + }, + "appInsightsPublicNetworkAccessForIngestion": { + "type": "string", + "defaultValue": "Disabled", + "metadata": { + "description": "Application Insights public network access for ingestion" + } + }, + "logAnalyticsWorkspaceId": { + "type": "string", + "metadata": { + "description": "Workspace id of a Log Analytics resource." + } + } + }, + "resources": [ + { + "type": "Microsoft.Insights/components", + "apiVersion": "2020-02-02", + "name": "[parameters('appInsightsName')]", + "location": "[parameters('location')]", + "kind": "web", + "properties": { + "Application_Type": "web", + "WorkspaceResourceId": "[parameters('logAnalyticsWorkspaceId')]", + "publicNetworkAccessForIngestion": "[parameters('appInsightsPublicNetworkAccessForIngestion')]", + "publicNetworkAccessForQuery": "Enabled" + } + } + ], + "outputs": { + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Insights/components', parameters('appInsightsName'))]" + }, + "connectionString": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Insights/components', parameters('appInsightsName')), '2020-02-02').ConnectionString]" + }, + "instrumentationKey": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Insights/components', parameters('appInsightsName')), '2020-02-02').InstrumentationKey]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "apim-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "apiManagementName": "[if(not(empty(parameters('apimName'))), createObject('value', parameters('apimName')), createObject('value', format('{0}{1}', variables('abbrs').apiManagementService, variables('resourceBaseNameFinal'))))]", + "restoreAPIM": { + "value": "[parameters('restoreAPIM')]" + }, + "appInsightsId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.id.value]" + }, + "appInsightsInstrumentationKey": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.instrumentationKey.value]" + }, + "publicIpName": { + "value": "[format('{0}{1}', variables('abbrs').networkPublicIPAddresses, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "sku": { + "value": "[parameters('apimTier')]" + }, + "skuCount": { + "value": 1 + }, + "availabilityZones": { + "value": [] + }, + "publisherEmail": { + "value": "[parameters('apiPublisherEmail')]" + }, + "publisherName": { + "value": "[parameters('apiPublisherName')]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.apimSubnetId.value]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "14843923724157327855" + } + }, + "parameters": { + "apiManagementName": { + "type": "string", + "defaultValue": "[format('apiservice{0}', uniqueString(resourceGroup().id))]", + "metadata": { + "description": "The name of the API Management service instance" + } + }, + "publisherEmail": { + "type": "string", + "minLength": 1, + "metadata": { + "description": "The email address of the owner of the service" + } + }, + "publisherName": { + "type": "string", + "minLength": 1, + "metadata": { + "description": "The name of the owner of the service" + } + }, + "sku": { + "type": "string", + "defaultValue": "Developer", + "allowedValues": [ + "Developer", + "StandardV2" + ], + "metadata": { + "description": "The pricing tier of this API Management service" + } + }, + "skuCount": { + "type": "int", + "defaultValue": 1, + "metadata": { + "description": "The instance size of this API Management service. This should be a multiple of the number of availability zones getting deployed." + } + }, + "appInsightsId": { + "type": "string", + "metadata": { + "description": "Application Insights resource ID" + } + }, + "appInsightsInstrumentationKey": { + "type": "string", + "metadata": { + "description": "Application Insights instrumentation key" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "Azure region where the resources will be deployed" + } + }, + "availabilityZones": { + "type": "array", + "defaultValue": [ + "1", + "2" + ], + "metadata": { + "description": "Numbers for availability zones, for example, 1,2,3." + } + }, + "publicIpName": { + "type": "string", + "defaultValue": "apimPublicIP", + "metadata": { + "description": "Name for the public IP address used to access the API Management service." + } + }, + "publicIpSku": { + "type": "string", + "defaultValue": "Standard", + "allowedValues": [ + "Standard" + ], + "metadata": { + "description": "SKU for the public IP address used to access the API Management service." + } + }, + "publicIPAllocationMethod": { + "type": "string", + "defaultValue": "Static", + "allowedValues": [ + "Static" + ], + "metadata": { + "description": "Allocation method for the public IP address used to access the API Management service. Standard SKU public IP requires `Static` allocation." + } + }, + "dnsLabelPrefix": { + "type": "string", + "defaultValue": "[toLower(format('{0}-{1}', parameters('publicIpName'), uniqueString(resourceGroup().id)))]", + "metadata": { + "description": "Unique DNS name for the public IP address used to access the API management service." + } + }, + "restoreAPIM": { + "type": "bool", + "defaultValue": false + }, + "subnetId": { + "type": "string" + } + }, + "resources": [ + { + "type": "Microsoft.Network/publicIPAddresses", + "apiVersion": "2024-01-01", + "name": "[parameters('publicIpName')]", + "location": "[parameters('location')]", + "sku": { + "name": "[parameters('publicIpSku')]" + }, + "properties": { + "publicIPAllocationMethod": "[parameters('publicIPAllocationMethod')]", + "publicIPAddressVersion": "IPv4", + "dnsSettings": { + "domainNameLabel": "[parameters('dnsLabelPrefix')]" + } + } + }, + { + "type": "Microsoft.ApiManagement/service", + "apiVersion": "2023-09-01-preview", + "name": "[parameters('apiManagementName')]", + "location": "[parameters('location')]", + "sku": { + "name": "[parameters('sku')]", + "capacity": "[parameters('skuCount')]" + }, + "zones": "[if(equals(length(parameters('availabilityZones')), 0), null(), parameters('availabilityZones'))]", + "properties": { + "restore": "[parameters('restoreAPIM')]", + "publisherEmail": "[parameters('publisherEmail')]", + "publisherName": "[parameters('publisherName')]", + "virtualNetworkType": "External", + "publicIpAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]", + "virtualNetworkConfiguration": { + "subnetResourceId": "[parameters('subnetId')]" + }, + "customProperties": { + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_GCM_SHA256": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA256": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA256": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_256_CBC_SHA": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TLS_RSA_WITH_AES_128_CBC_SHA": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Ciphers.TripleDes168": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls10": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Tls11": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Protocols.Ssl30": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls10": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Tls11": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Security.Backend.Protocols.Ssl30": "false", + "Microsoft.WindowsAzure.ApiManagement.Gateway.Protocols.Server.Http2": "false" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIpName'))]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/loggers", + "apiVersion": "2024-06-01-preview", + "name": "[format('{0}/{1}', parameters('apiManagementName'), 'apimLogger')]", + "properties": { + "credentials": { + "instrumentationKey": "[parameters('appInsightsInstrumentationKey')]" + }, + "description": "Application Insights for APIM", + "loggerType": "applicationInsights", + "resourceId": "[parameters('appInsightsId')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service', parameters('apiManagementName'))]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/diagnostics", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/{1}', parameters('apiManagementName'), 'applicationinsights')]", + "properties": { + "loggerId": "[resourceId('Microsoft.ApiManagement/service/loggers', parameters('apiManagementName'), 'apimLogger')]", + "alwaysLog": "allErrors", + "verbosity": "information", + "sampling": { + "percentage": 100, + "samplingType": "fixed" + } + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service', parameters('apiManagementName'))]", + "[resourceId('Microsoft.ApiManagement/service/loggers', parameters('apiManagementName'), 'apimLogger')]" + ] + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('apiManagementName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.ApiManagement/service', parameters('apiManagementName'))]" + }, + "apimGatewayUrl": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ApiManagement/service', parameters('apiManagementName')), '2023-09-01-preview').gatewayUrl]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'app-insights-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "graphrag-api-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "apimname": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.name.value]" + }, + "backendUrl": { + "value": "[variables('appUrl')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "2670804874768629752" + } + }, + "parameters": { + "apimname": { + "type": "string" + }, + "backendUrl": { + "type": "string" + } + }, + "resources": [ + { + "type": "Microsoft.ApiManagement/service/apis/operations", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/{1}/{2}', split(format('{0}/documentation', parameters('apimname')), '/')[0], split(format('{0}/documentation', parameters('apimname')), '/')[1], 'docs')]", + "properties": { + "displayName": "docs", + "method": "GET", + "urlTemplate": "/docs", + "templateParameters": [], + "responses": [] + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service/apis', split(format('{0}/documentation', parameters('apimname')), '/')[0], split(format('{0}/documentation', parameters('apimname')), '/')[1])]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/apis/operations", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/{1}/{2}', split(format('{0}/documentation', parameters('apimname')), '/')[0], split(format('{0}/documentation', parameters('apimname')), '/')[1], 'openapi')]", + "properties": { + "displayName": "openapi", + "method": "GET", + "urlTemplate": "/openapi.json", + "templateParameters": [], + "responses": [] + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service/apis', split(format('{0}/documentation', parameters('apimname')), '/')[0], split(format('{0}/documentation', parameters('apimname')), '/')[1])]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/apis", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/documentation', parameters('apimname'))]", + "properties": { + "displayName": "documentation", + "apiRevision": "1", + "subscriptionRequired": false, + "serviceUrl": "[format('{0}/manpage', parameters('backendUrl'))]", + "path": "manpage", + "protocols": [ + "https" + ], + "authenticationSettings": { + "oAuth2AuthenticationSettings": [], + "openidAuthenticationSettings": [] + }, + "subscriptionKeyParameterNames": { + "header": "Ocp-Apim-Subscription-Key", + "query": "subscription-key" + }, + "isCurrent": true + } + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'apim-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "workload-identity-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": { + "value": "[variables('workloadIdentityName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "federatedCredentials": { + "value": { + "aks-workload-identity": { + "issuer": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.issuer.value]", + "audiences": [ + "api://AzureADTokenExchange" + ], + "subject": "[variables('workloadIdentitySubject')]" + } + } + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "17962046310475786003" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the identity" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of the identity" + } + }, + "federatedCredentials": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "federated name: FederatedIdentityCredentialProperties. See https://learn.microsoft.com/en-us/azure/templates/microsoft.managedidentity/userassignedidentities/federatedidentitycredentials?pivots=deployment-language-bicep#federatedidentitycredentialproperties" + } + } + }, + "resources": [ + { + "type": "Microsoft.ManagedIdentity/userAssignedIdentities", + "apiVersion": "2023-01-31", + "name": "[parameters('name')]", + "location": "[parameters('location')]" + }, + { + "copy": { + "name": "federatedCredentialResources", + "count": "[length(items(parameters('federatedCredentials')))]" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials", + "apiVersion": "2023-01-31", + "name": "[format('{0}/{1}', parameters('name'), items(parameters('federatedCredentials'))[copyIndex()].key)]", + "properties": "[items(parameters('federatedCredentials'))[copyIndex()].value]", + "dependsOn": [ + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('name'))]" + ] + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "clientId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('name')), '2023-01-31').clientId]" + }, + "principalId": { + "type": "string", + "value": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('name')), '2023-01-31').principalId]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'aks-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "private-dns-zone-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": { + "value": "[variables('dnsDomain')]" + }, + "vnetNames": { + "value": [ + "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.vnetName.value]" + ] + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "languageVersion": "2.0", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13258802455944913421" + } + }, + "parameters": { + "name": { + "type": "string", + "metadata": { + "description": "The name of the private DNS zone." + } + }, + "vnetNames": { + "type": "array", + "items": { + "type": "string" + }, + "metadata": { + "description": "The name of the virtual networks the DNS zone should be associated with." + } + } + }, + "resources": { + "dnsZone": { + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[parameters('name')]", + "location": "global", + "properties": {} + }, + "vnets": { + "copy": { + "name": "vnets", + "count": "[length(parameters('vnetNames'))]" + }, + "existing": true, + "type": "Microsoft.Network/virtualNetworks", + "apiVersion": "2024-01-01", + "name": "[parameters('vnetNames')[copyIndex()]]" + }, + "dnsZoneLinks": { + "copy": { + "name": "dnsZoneLinks", + "count": "[length(parameters('vnetNames'))]" + }, + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', parameters('name'), parameters('vnetNames')[copyIndex()])]", + "location": "global", + "properties": { + "registrationEnabled": false, + "virtualNetwork": { + "id": "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetNames')[copyIndex()])]" + } + }, + "dependsOn": [ + "dnsZone" + ] + } + }, + "outputs": { + "name": { + "type": "string", + "value": "[parameters('name')]" + }, + "id": { + "type": "string", + "value": "[resourceId('Microsoft.Network/privateDnsZones', parameters('name'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "privatelink-private-dns-zones-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "linkedVnetIds": { + "value": [ + "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.vnetId.value]" + ] + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "1905656724149562282" + } + }, + "parameters": { + "linkedVnetIds": { + "type": "array", + "metadata": { + "description": "Virtual Network IDs to link to" + } + } + }, + "variables": { + "$fxv#0": { + "azureCloud": { + "azureMonitor": [ + "privatelink.monitor.azure.com", + "privatelink.oms.opinsights.azure.com", + "privatelink.agentsvc.azure-automation.net", + "privatelink.ods.opinsights.azure.com" + ] + }, + "azureusgovernment": { + "azureMonitor": [ + "privatelink.monitor.azure.us", + "privatelink.oms.opinsights.azure.us", + "privatelink.agentsvc.azure-automation.us", + "privatelink.ods.opinsights.azure.us" + ] + } + }, + "aiSearchPrivateDnsZoneName": "privatelink.search.windows.net", + "blobStoragePrivateDnsZoneName": "[format('privatelink.blob.{0}', environment().suffixes.storage)]", + "cosmosDbPrivateDnsZoneName": "privatelink.documents.azure.com", + "storagePrivateDnsZoneNames": [ + "[variables('blobStoragePrivateDnsZoneName')]" + ], + "privateDnsZoneData": "[variables('$fxv#0')]", + "cloudName": "[toLower(environment().name)]", + "azureMonitorPrivateDnsZones": "[variables('privateDnsZoneData')[variables('cloudName')].azureMonitor]", + "privateDnsZones": "[union(variables('azureMonitorPrivateDnsZones'), variables('storagePrivateDnsZoneNames'), createArray(variables('cosmosDbPrivateDnsZoneName')), createArray(variables('aiSearchPrivateDnsZoneName')))]" + }, + "resources": [ + { + "copy": { + "name": "privateDnsZoneResources", + "count": "[length(variables('privateDnsZones'))]" + }, + "type": "Microsoft.Network/privateDnsZones", + "apiVersion": "2020-06-01", + "name": "[variables('privateDnsZones')[copyIndex()]]", + "location": "global" + }, + { + "copy": { + "name": "dnsVnetLinks", + "count": "[length(variables('privateDnsZones'))]" + }, + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[replace(variables('privateDnsZones')[copyIndex()], '.', '-')]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateDnsZoneName": { + "value": "[variables('privateDnsZones')[copyIndex()]]" + }, + "vnetIds": { + "value": "[parameters('linkedVnetIds')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "9115361788050213720" + } + }, + "parameters": { + "privateDnsZoneName": { + "type": "string" + }, + "vnetIds": { + "type": "array" + } + }, + "resources": [ + { + "copy": { + "name": "dnsVnetLinks", + "count": "[length(parameters('vnetIds'))]" + }, + "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", + "apiVersion": "2020-06-01", + "name": "[format('{0}/{1}', parameters('privateDnsZoneName'), format('{0}-{1}', replace(parameters('privateDnsZoneName'), '.', '-'), uniqueString(parameters('vnetIds')[copyIndex()])))]", + "location": "global", + "properties": { + "virtualNetwork": { + "id": "[parameters('vnetIds')[copyIndex()]]" + }, + "registrationEnabled": false + } + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[copyIndex()])]" + ] + } + ], + "outputs": { + "azureMonitorPrivateDnsZoneConfigs": { + "type": "array", + "copy": { + "count": "[length(union(variables('azureMonitorPrivateDnsZones'), createArray(variables('blobStoragePrivateDnsZoneName'))))]", + "input": { + "name": "[variables('privateDnsZones')[indexOf(variables('privateDnsZones'), union(variables('azureMonitorPrivateDnsZones'), createArray(variables('blobStoragePrivateDnsZoneName')))[copyIndex()])]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[indexOf(variables('privateDnsZones'), union(variables('azureMonitorPrivateDnsZones'), createArray(variables('blobStoragePrivateDnsZoneName')))[copyIndex()])])]" + } + } + } + }, + "blobStoragePrivateDnsZoneConfigs": { + "type": "array", + "value": [ + { + "name": "[variables('blobStoragePrivateDnsZoneName')]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('blobStoragePrivateDnsZoneName'))])]" + } + } + ] + }, + "cosmosDbPrivateDnsZoneConfigs": { + "type": "array", + "value": [ + { + "name": "[variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('cosmosDbPrivateDnsZoneName'))]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('cosmosDbPrivateDnsZoneName'))])]" + } + } + ] + }, + "aiSearchPrivateDnsZoneConfigs": { + "type": "array", + "value": [ + { + "name": "[variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('aiSearchPrivateDnsZoneName'))]]", + "properties": { + "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZones')[indexOf(variables('privateDnsZones'), variables('aiSearchPrivateDnsZoneName'))])]" + } + } + ] + }, + "privateDnsZones": { + "type": "array", + "value": "[variables('privateDnsZones')]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "azure-monitor-privatelink-scope-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateLinkScopeName": { + "value": "[format('pls-{0}', variables('resourceBaseNameFinal'))]" + }, + "privateLinkScopedResources": { + "value": [ + "[reference(resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment'), '2022-09-01').outputs.id.value]", + "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.id.value]" + ] + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "6906230456894515846" + } + }, + "parameters": { + "privateLinkScopeName": { + "type": "string" + }, + "privateLinkScopedResources": { + "type": "array", + "defaultValue": [] + }, + "queryAccessMode": { + "type": "string", + "defaultValue": "Open" + }, + "ingestionAccessMode": { + "type": "string", + "defaultValue": "PrivateOnly" + } + }, + "resources": [ + { + "type": "microsoft.insights/privateLinkScopes", + "apiVersion": "2021-07-01-preview", + "name": "[parameters('privateLinkScopeName')]", + "location": "global", + "properties": { + "accessModeSettings": { + "queryAccessMode": "[parameters('queryAccessMode')]", + "ingestionAccessMode": "[parameters('ingestionAccessMode')]" + } + } + }, + { + "copy": { + "name": "scopedResources", + "count": "[length(parameters('privateLinkScopedResources'))]" + }, + "type": "Microsoft.Insights/privateLinkScopes/scopedResources", + "apiVersion": "2021-07-01-preview", + "name": "[format('{0}/{1}', parameters('privateLinkScopeName'), uniqueString(parameters('privateLinkScopedResources')[copyIndex()]))]", + "properties": { + "linkedResourceId": "[parameters('privateLinkScopedResources')[copyIndex()]]" + }, + "dependsOn": [ + "[resourceId('microsoft.insights/privateLinkScopes', parameters('privateLinkScopeName'))]" + ] + } + ], + "outputs": { + "name": { + "type": "string", + "value": "[parameters('privateLinkScopeName')]" + }, + "id": { + "type": "string", + "value": "[resourceId('microsoft.insights/privateLinkScopes', parameters('privateLinkScopeName'))]" + } + } + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'app-insights-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'log-analytics-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "cosmosDb-private-endpoint-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateEndpointName": { + "value": "[format('{0}cosmos-{1}', variables('abbrs').privateEndpoint, reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.name.value)]" + }, + "location": { + "value": "[parameters('location')]" + }, + "privateLinkServiceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.id.value]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "groupId": { + "value": "Sql" + }, + "privateDnsZoneConfigs": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.cosmosDbPrivateDnsZoneConfigs.value), createObject('value', createArray()))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13335949838347044523" + } + }, + "parameters": { + "privateLinkServiceId": { + "type": "string", + "metadata": { + "description": "Resource ID of service the private endpoint is for" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The resource ID of the subnet to deploy the private endpoint to" + } + }, + "privateDnsZoneConfigs": { + "type": "array", + "metadata": { + "description": "Map of group id to array of private dns zone configs to associate with the private endpoint" + } + }, + "privateEndpointName": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2021-05-01", + "name": "[parameters('privateEndpointName')]", + "location": "[parameters('location')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('privateEndpointName')]", + "properties": { + "privateLinkServiceId": "[parameters('privateLinkServiceId')]", + "groupIds": [ + "[parameters('groupId')]" + ] + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2021-05-01", + "name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('groupId'))]", + "properties": { + "privateDnsZoneConfigs": "[parameters('privateDnsZoneConfigs')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpointName'))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "blob-storage-private-endpoint-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateEndpointName": { + "value": "[format('{0}blob-{1}', variables('abbrs').privateEndpoint, reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.name.value)]" + }, + "location": { + "value": "[parameters('location')]" + }, + "privateLinkServiceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.id.value]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "groupId": { + "value": "blob" + }, + "privateDnsZoneConfigs": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.blobStoragePrivateDnsZoneConfigs.value), createObject('value', createArray()))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13335949838347044523" + } + }, + "parameters": { + "privateLinkServiceId": { + "type": "string", + "metadata": { + "description": "Resource ID of service the private endpoint is for" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The resource ID of the subnet to deploy the private endpoint to" + } + }, + "privateDnsZoneConfigs": { + "type": "array", + "metadata": { + "description": "Map of group id to array of private dns zone configs to associate with the private endpoint" + } + }, + "privateEndpointName": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2021-05-01", + "name": "[parameters('privateEndpointName')]", + "location": "[parameters('location')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('privateEndpointName')]", + "properties": { + "privateLinkServiceId": "[parameters('privateLinkServiceId')]", + "groupIds": [ + "[parameters('groupId')]" + ] + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2021-05-01", + "name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('groupId'))]", + "properties": { + "privateDnsZoneConfigs": "[parameters('privateDnsZoneConfigs')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpointName'))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'storage-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "ai-search-private-endpoint-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateEndpointName": { + "value": "[format('{0}search-{1}', variables('abbrs').privateEndpoint, reference(resourceId('Microsoft.Resources/deployments', 'aisearch-deployment'), '2022-09-01').outputs.name.value)]" + }, + "location": { + "value": "[parameters('location')]" + }, + "privateLinkServiceId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aisearch-deployment'), '2022-09-01').outputs.id.value]" + }, + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "groupId": { + "value": "searchService" + }, + "privateDnsZoneConfigs": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.aiSearchPrivateDnsZoneConfigs.value), createObject('value', createArray()))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13335949838347044523" + } + }, + "parameters": { + "privateLinkServiceId": { + "type": "string", + "metadata": { + "description": "Resource ID of service the private endpoint is for" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The resource ID of the subnet to deploy the private endpoint to" + } + }, + "privateDnsZoneConfigs": { + "type": "array", + "metadata": { + "description": "Map of group id to array of private dns zone configs to associate with the private endpoint" + } + }, + "privateEndpointName": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2021-05-01", + "name": "[parameters('privateEndpointName')]", + "location": "[parameters('location')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('privateEndpointName')]", + "properties": { + "privateLinkServiceId": "[parameters('privateLinkServiceId')]", + "groupIds": [ + "[parameters('groupId')]" + ] + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2021-05-01", + "name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('groupId'))]", + "properties": { + "privateDnsZoneConfigs": "[parameters('privateDnsZoneConfigs')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpointName'))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'aisearch-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "condition": "[parameters('enablePrivateEndpoints')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "privatelink-scope-private-endpoint-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "privateEndpointName": { + "value": "[format('{0}pls-{1}', variables('abbrs').privateEndpoint, variables('resourceBaseNameFinal'))]" + }, + "location": { + "value": "[parameters('location')]" + }, + "privateLinkServiceId": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'azure-monitor-privatelink-scope-deployment'), '2022-09-01').outputs.id.value), createObject('value', ''))]", + "subnetId": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'vnet-deployment'), '2022-09-01').outputs.aksSubnetId.value]" + }, + "groupId": { + "value": "azuremonitor" + }, + "privateDnsZoneConfigs": "[if(parameters('enablePrivateEndpoints'), createObject('value', reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.azureMonitorPrivateDnsZoneConfigs.value), createObject('value', createArray()))]" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13335949838347044523" + } + }, + "parameters": { + "privateLinkServiceId": { + "type": "string", + "metadata": { + "description": "Resource ID of service the private endpoint is for" + } + }, + "subnetId": { + "type": "string", + "metadata": { + "description": "The resource ID of the subnet to deploy the private endpoint to" + } + }, + "privateDnsZoneConfigs": { + "type": "array", + "metadata": { + "description": "Map of group id to array of private dns zone configs to associate with the private endpoint" + } + }, + "privateEndpointName": { + "type": "string" + }, + "groupId": { + "type": "string" + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + } + }, + "resources": [ + { + "type": "Microsoft.Network/privateEndpoints", + "apiVersion": "2021-05-01", + "name": "[parameters('privateEndpointName')]", + "location": "[parameters('location')]", + "properties": { + "privateLinkServiceConnections": [ + { + "name": "[parameters('privateEndpointName')]", + "properties": { + "privateLinkServiceId": "[parameters('privateLinkServiceId')]", + "groupIds": [ + "[parameters('groupId')]" + ] + } + } + ], + "subnet": { + "id": "[parameters('subnetId')]" + } + } + }, + { + "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", + "apiVersion": "2021-05-01", + "name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('groupId'))]", + "properties": { + "privateDnsZoneConfigs": "[parameters('privateDnsZoneConfigs')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpointName'))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'azure-monitor-privatelink-scope-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'vnet-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "[parameters('utcString')]", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "utcValue": { + "value": "[parameters('utcString')]" + }, + "name": { + "value": "graphragscript" + }, + "location": { + "value": "[parameters('location')]" + }, + "subscriptionId": { + "value": "[subscription().id]" + }, + "tenantid": { + "value": "[tenant().tenantId]" + }, + "acrserver": { + "value": "graphrag.azure.acr.io" + }, + "azure_location": { + "value": "[parameters('location')]" + }, + "azure_acr_login_server": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'acr-deployment'), '2022-09-01').outputs.loginServer.value]" + }, + "azure_acr_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'acr-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_aks_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_aks_controlplanefqdn": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.controlPlaneFqdn.value]" + }, + "azure_aks_managed_rg": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.managedResourceGroup.value]" + }, + "azure_aks_service_account_name": { + "value": "[variables('aksServiceAccountName')]" + }, + "imagename": { + "value": "[parameters('graphragimage')]" + }, + "imageversion": { + "value": "[parameters('graphragimageversion')]" + }, + "azure_apim_gateway_url": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.apimGatewayUrl.value]" + }, + "azure_apim_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.name.value]" + }, + "managed_identity_aks": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.systemIdentity.value]" + }, + "script_file": { + "value": "[variables('$fxv#1')]" + }, + "ai_search_name": { + "value": "aisearch-deployment" + }, + "azure_aoai_endpoint": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.openAiEndpoint.value]" + }, + "azure_aoai_llm_model": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModel.value]" + }, + "azure_aoai_llm_model_deployment_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModelDeploymentName.value]" + }, + "azure_aoai_llm_model_api_version": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModelApiVersion.value]" + }, + "azure_aoai_embedding_model": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModel.value]" + }, + "azure_aoai_embedding_model_deployment_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModelDeploymentName.value]" + }, + "azure_aoai_embedding_model_api_version": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModelApiVersion.value]" + }, + "azure_app_hostname": { + "value": "[variables('appHostname')]" + }, + "azure_app_url": { + "value": "[variables('appUrl')]" + }, + "azure_app_insights_connection_string": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.connectionString.value]" + }, + "azure_cosmosdb_endpoint": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.endpoint.value]" + }, + "azure_cosmosdb_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_cosmosdb_id": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.id.value]" + }, + "azure_dns_zone_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_storage_account": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_storage_account_blob_url": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.primaryEndpoints.value.blob]" + }, + "azure_workload_identity_client_id": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.clientId.value]" + }, + "azure_workload_identity_principal_id": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.principalId.value]" + }, + "azure_workload_identity_name": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.name.value]" + }, + "public_storage_account_name": { + "value": "[parameters('publicStorageAccountName')]" + }, + "public_storage_account_key": { + "value": "[parameters('publicStorageAccountKey')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "17195102145442235485" + } + }, + "parameters": { + "name": { + "type": "string" + }, + "utcValue": { + "type": "string" + }, + "location": { + "type": "string" + }, + "subscriptionId": { + "type": "string" + }, + "tenantid": { + "type": "string" + }, + "acrserver": { + "type": "string" + }, + "azure_location": { + "type": "string" + }, + "azure_acr_login_server": { + "type": "string" + }, + "azure_acr_name": { + "type": "string" + }, + "azure_aks_name": { + "type": "string" + }, + "azure_aks_controlplanefqdn": { + "type": "string" + }, + "azure_aks_managed_rg": { + "type": "string" + }, + "azure_aks_service_account_name": { + "type": "string" + }, + "azure_apim_gateway_url": { + "type": "string" + }, + "azure_apim_name": { + "type": "string" + }, + "managed_identity_aks": { + "type": "string" + }, + "ai_search_name": { + "type": "string" + }, + "imagename": { + "type": "string" + }, + "imageversion": { + "type": "string" + }, + "script_file": { + "type": "string" + }, + "azure_aoai_endpoint": { + "type": "string" + }, + "azure_aoai_llm_model": { + "type": "string" + }, + "azure_aoai_llm_model_deployment_name": { + "type": "string" + }, + "azure_aoai_llm_model_api_version": { + "type": "string" + }, + "azure_aoai_embedding_model": { + "type": "string" + }, + "azure_aoai_embedding_model_deployment_name": { + "type": "string" + }, + "azure_aoai_embedding_model_api_version": { + "type": "string" + }, + "azure_app_hostname": { + "type": "string" + }, + "azure_app_url": { + "type": "string" + }, + "azure_app_insights_connection_string": { + "type": "string" + }, + "azure_cosmosdb_endpoint": { + "type": "string" + }, + "azure_cosmosdb_name": { + "type": "string" + }, + "azure_cosmosdb_id": { + "type": "string" + }, + "azure_dns_zone_name": { + "type": "string" + }, + "azure_storage_account": { + "type": "string" + }, + "azure_storage_account_blob_url": { + "type": "string" + }, + "azure_workload_identity_client_id": { + "type": "string" + }, + "azure_workload_identity_principal_id": { + "type": "string" + }, + "azure_workload_identity_name": { + "type": "string" + }, + "cognitive_services_audience": { + "type": "string", + "defaultValue": "https://cognitiveservices.azure.com/default" + }, + "public_storage_account_name": { + "type": "string" + }, + "public_storage_account_key": { + "type": "string" + } + }, + "variables": { + "clusterAdminRoleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', '0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8')]" + }, + "resources": [ + { + "type": "Microsoft.ManagedIdentity/userAssignedIdentities", + "apiVersion": "2023-01-31", + "name": "[uniqueString(resourceGroup().id)]", + "location": "[parameters('location')]" + }, + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "scope": "[format('Microsoft.ContainerService/managedClusters/{0}', parameters('azure_aks_name'))]", + "name": "[guid(parameters('managed_identity_aks'), resourceId('Microsoft.ContainerService/managedClusters', parameters('azure_aks_name')), variables('clusterAdminRoleDefinitionId'))]", + "properties": { + "roleDefinitionId": "[variables('clusterAdminRoleDefinitionId')]", + "principalId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', uniqueString(resourceGroup().id)), '2023-01-31').principalId]", + "principalType": "ServicePrincipal" + }, + "dependsOn": [ + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', uniqueString(resourceGroup().id))]" + ] + }, + { + "type": "Microsoft.Resources/deploymentScripts", + "apiVersion": "2020-10-01", + "name": "[parameters('name')]", + "location": "[parameters('location')]", + "kind": "AzureCLI", + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "[format('{0}', resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', uniqueString(resourceGroup().id)))]": {} + } + }, + "properties": { + "storageAccountSettings": { + "storageAccountName": "[parameters('public_storage_account_name')]", + "storageAccountKey": "[parameters('public_storage_account_key')]" + }, + "forceUpdateTag": "[parameters('utcValue')]", + "azCliVersion": "2.7.0", + "timeout": "PT1H", + "environmentVariables": [ + { + "name": "AZURE_SUBSCRIPTION_ID", + "value": "[parameters('subscriptionId')]" + }, + { + "name": "AZURE_TENANT_ID", + "value": "[parameters('tenantid')]" + }, + { + "name": "ACR_SERVER", + "value": "[parameters('acrserver')]" + }, + { + "name": "AZURE_LOCATION", + "value": "[parameters('azure_location')]" + }, + { + "name": "AZURE_ACR_LOGIN_SERVER", + "value": "[parameters('azure_acr_login_server')]" + }, + { + "name": "AZURE_ACR_NAME", + "value": "[parameters('azure_acr_name')]" + }, + { + "name": "AZURE_AKS_NAME", + "value": "[parameters('azure_aks_name')]" + }, + { + "name": "AZURE_AKS_CONTROLPLANEFQDN", + "value": "[parameters('azure_aks_controlplanefqdn')]" + }, + { + "name": "AZURE_AKS_MANAGED_RG", + "value": "[parameters('azure_aks_managed_rg')]" + }, + { + "name": "AZURE_AKS_SERVICE_ACCOUNT_NAME", + "value": "[parameters('azure_aks_service_account_name')]" + }, + { + "name": "AZURE_APIM_GATEWAY_URL", + "value": "[parameters('azure_apim_gateway_url')]" + }, + { + "name": "AZURE_APIM_NAME", + "value": "[parameters('azure_apim_name')]" + }, + { + "name": "MANAGED_IDENTITY_AKS", + "value": "[parameters('managed_identity_aks')]" + }, + { + "name": "IMAGE_NAME", + "value": "[parameters('imagename')]" + }, + { + "name": "IMAGE_VERSION", + "value": "[parameters('imageversion')]" + }, + { + "name": "AI_SEARCH_NAME", + "value": "[parameters('ai_search_name')]" + }, + { + "name": "AZURE_AOAI_LLM_MODEL", + "value": "[parameters('azure_aoai_llm_model')]" + }, + { + "name": "AZURE_AOAI_LLM_MODEL_DEPLOYMENT_NAME", + "value": "[parameters('azure_aoai_llm_model_deployment_name')]" + }, + { + "name": "AZURE_AOAI_LLM_MODEL_API_VERSION", + "value": "[parameters('azure_aoai_llm_model_api_version')]" + }, + { + "name": "AZURE_AOAI_EMBEDDING_MODEL", + "value": "[parameters('azure_aoai_embedding_model')]" + }, + { + "name": "AZURE_AOAI_EMBEDDING_MODEL_DEPLOYMENT_NAME", + "value": "[parameters('azure_aoai_embedding_model_deployment_name')]" + }, + { + "name": "AZURE_AOAI_EMBEDDING_MODEL_API_VERSION", + "value": "[parameters('azure_aoai_embedding_model_api_version')]" + }, + { + "name": "AZURE_APP_HOSTNAME", + "value": "[parameters('azure_app_hostname')]" + }, + { + "name": "AZURE_APP_URL", + "value": "[parameters('azure_app_url')]" + }, + { + "name": "AZURE_APP_INSIGHTS_CONNECTION_STRING", + "value": "[parameters('azure_app_insights_connection_string')]" + }, + { + "name": "AZURE_COSMOSDB_ENDPOINT", + "value": "[parameters('azure_cosmosdb_endpoint')]" + }, + { + "name": "AZURE_COSMOSDB_NAME", + "value": "[parameters('azure_cosmosdb_name')]" + }, + { + "name": "AZURE_COSMOSDB_ID", + "value": "[parameters('azure_cosmosdb_id')]" + }, + { + "name": "AZURE_DNS_ZONE_NAME", + "value": "[parameters('azure_dns_zone_name')]" + }, + { + "name": "AZURE_STORAGE_ACCOUNT", + "value": "[parameters('azure_storage_account')]" + }, + { + "name": "AZURE_STORAGE_ACCOUNT_BLOB_URL", + "value": "[parameters('azure_storage_account_blob_url')]" + }, + { + "name": "AZURE_WORKLOAD_IDENTITY_CLIENT_ID", + "value": "[parameters('azure_workload_identity_client_id')]" + }, + { + "name": "AZURE_WORKLOAD_IDENTITY_PRINCIPAL_ID", + "value": "[parameters('azure_workload_identity_principal_id')]" + }, + { + "name": "AZURE_WORKLOAD_IDENTITY_NAME", + "value": "[parameters('azure_workload_identity_name')]" + }, + { + "name": "COGNITIVE_SERVICES_AUDIENCE", + "value": "[parameters('cognitive_services_audience')]" + }, + { + "name": "AZURE_OPENAI_ENDPOINT", + "value": "[parameters('azure_aoai_endpoint')]" + }, + { + "name": "AZURE_RESOURCE_GROUP", + "value": "[resourceGroup().name]" + } + ], + "cleanupPreference": "OnSuccess", + "retentionInterval": "P1D", + "scriptContent": "[parameters('script_file')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', uniqueString(resourceGroup().id))]" + ] + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'acr-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'aisearch-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'aks-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'aoai-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'apim-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'app-insights-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'storage-deployment')]", + "[resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment')]" + ] + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2022-09-01", + "name": "graphragservicedef-deployment", + "properties": { + "expressionEvaluationOptions": { + "scope": "inner" + }, + "mode": "Incremental", + "parameters": { + "name": { + "value": "GraphRag" + }, + "apimname": { + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.name.value]" + }, + "backendUrl": { + "value": "[variables('appUrl')]" + } + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "metadata": { + "_generator": { + "name": "bicep", + "version": "0.33.93.31351", + "templateHash": "13338625497669096861" + } + }, + "parameters": { + "backendUrl": { + "type": "string" + }, + "name": { + "type": "string" + }, + "apimname": { + "type": "string" + } + }, + "variables": { + "$fxv#0": { + "openapi": "3.1.0", + "info": { + "title": "GraphRAG", + "version": "v0.0.0" + }, + "paths": { + "/data": { + "get": { + "tags": [ + "Data Management" + ], + "summary": "Get all data storage containers.", + "description": "Retrieve a list of all data storage containers.", + "operationId": "get_all_data_storage_containers_data_get", + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StorageNameList" + } + } + } + } + } + }, + "post": { + "tags": [ + "Data Management" + ], + "summary": "Upload data to a data storage container", + "description": "Create a data storage container in Azure and upload files to it.\n\nArgs:\n files (List[UploadFile]): A list of files to be uploaded.\n storage_name (str): The name of the Azure Blob Storage container to which files will be uploaded.\n overwrite (bool): Whether to overwrite existing files with the same name. Defaults to True. If False, files that already exist will be skipped.\n\nReturns:\n BaseResponse: An instance of the BaseResponse model with a status message indicating the result of the upload.\n\nRaises:\n HTTPException: If the container name is invalid or if any error occurs during the upload process.", + "operationId": "upload_files_data_post", + "parameters": [ + { + "name": "storage_name", + "in": "query", + "required": true, + "schema": { + "type": "string", + "title": "Storage Name" + } + }, + { + "name": "overwrite", + "in": "query", + "required": false, + "schema": { + "type": "boolean", + "default": true, + "title": "Overwrite" + } + } + ], + "requestBody": { + "required": true, + "content": { + "multipart/form-data": { + "schema": { + "$ref": "#/components/schemas/Body_upload_files_data_post" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BaseResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/data/{storage_name}": { + "delete": { + "tags": [ + "Data Management" + ], + "summary": "Delete a data storage container", + "description": "Delete a specified data storage container.", + "operationId": "delete_files_data__storage_name__delete", + "parameters": [ + { + "name": "storage_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Storage Name" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BaseResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/index": { + "post": { + "tags": [ + "Index Operations" + ], + "summary": "Build an index", + "operationId": "setup_indexing_pipeline_index_post", + "parameters": [ + { + "name": "storage_name", + "in": "query", + "required": true, + "schema": { + "type": "string", + "title": "Storage Name" + } + }, + { + "name": "index_name", + "in": "query", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "$ref": "#/components/schemas/Body_setup_indexing_pipeline_index_post" + } + } + } + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BaseResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + }, + "get": { + "tags": [ + "Index Operations" + ], + "summary": "Get all indexes", + "description": "Retrieve a list of all index names.", + "operationId": "get_all_indexes_index_get", + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/IndexNameList" + } + } + } + } + } + } + }, + "/index/{index_name}": { + "delete": { + "tags": [ + "Index Operations" + ], + "summary": "Delete a specified index", + "description": "Delete a specified index.", + "operationId": "delete_index_index__index_name__delete", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/BaseResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/index/status/{index_name}": { + "get": { + "tags": [ + "Index Operations" + ], + "summary": "Track the status of an indexing job", + "operationId": "get_index_job_status_index_status__index_name__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/IndexStatusResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/query/global": { + "post": { + "tags": [ + "Query Operations" + ], + "summary": "Perform a global search across the knowledge graph index", + "description": "The global query method generates answers by searching over all AI-generated community reports in a map-reduce fashion. This is a resource-intensive method, but often gives good responses for questions that require an understanding of the dataset as a whole.", + "operationId": "global_query_query_global_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/query/local": { + "post": { + "tags": [ + "Query Operations" + ], + "summary": "Perform a local search across the knowledge graph index.", + "description": "The local query method generates answers by combining relevant data from the AI-extracted knowledge-graph with text chunks of the raw documents. This method is suitable for questions that require an understanding of specific entities mentioned in the documents (e.g. What are the healing properties of chamomile?).", + "operationId": "local_query_query_local_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/query/streaming/global": { + "post": { + "tags": [ + "Query Streaming Operations" + ], + "summary": "Stream a response back after performing a global search", + "description": "The global query method generates answers by searching over all AI-generated community reports in a map-reduce fashion. This is a resource-intensive method, but often gives good responses for questions that require an understanding of the dataset as a whole.", + "operationId": "global_search_streaming_query_streaming_global_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/query/streaming/local": { + "post": { + "tags": [ + "Query Streaming Operations" + ], + "summary": "Stream a response back after performing a local search", + "description": "The local query method generates answers by combining relevant data from the AI-extracted knowledge-graph with text chunks of the raw documents. This method is suitable for questions that require an understanding of specific entities mentioned in the documents (e.g. What are the healing properties of chamomile?).", + "operationId": "local_search_streaming_query_streaming_local_post", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphRequest" + } + } + }, + "required": true + }, + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/index/config/prompts": { + "get": { + "tags": [ + "Index Configuration" + ], + "summary": "Generate graphrag prompts from user-provided data.", + "description": "Generating custom prompts from user-provided data may take several minutes to run based on the amount of data used.", + "operationId": "generate_prompts_index_config_prompts_get", + "parameters": [ + { + "name": "storage_name", + "in": "query", + "required": true, + "schema": { + "type": "string", + "title": "Storage Name" + } + }, + { + "name": "limit", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "default": 5, + "title": "Limit" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/report/{index_name}/{report_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single community report.", + "operationId": "get_report_info_source_report__index_name___report_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "report_id", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Report Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ReportResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/text/{index_name}/{text_unit_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single base text unit.", + "operationId": "get_chunk_info_source_text__index_name___text_unit_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "text_unit_id", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Text Unit Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/TextUnitResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/entity/{index_name}/{entity_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single entity.", + "operationId": "get_entity_info_source_entity__index_name___entity_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "entity_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Entity Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/EntityResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/claim/{index_name}/{claim_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single claim.", + "operationId": "get_claim_info_source_claim__index_name___claim_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "claim_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Claim Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ClaimResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/source/relationship/{index_name}/{relationship_id}": { + "get": { + "tags": [ + "Sources" + ], + "summary": "Return a single relationship.", + "operationId": "get_relationship_info_source_relationship__index_name___relationship_id__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + }, + { + "name": "relationship_id", + "in": "path", + "required": true, + "schema": { + "type": "integer", + "title": "Relationship Id" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/RelationshipResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/graph/graphml/{index_name}": { + "get": { + "tags": [ + "Graph Operations" + ], + "summary": "Retrieve a GraphML file of the knowledge graph", + "operationId": "retrieve_graphml_file_graph_graphml__index_name__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "responses": { + "200": { + "description": "GraphML file successfully downloaded", + "content": { + "application/json": { + "schema": {} + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/graph/stats/{index_name}": { + "get": { + "tags": [ + "Graph Operations" + ], + "summary": "Retrieve basic graph statistics, number of nodes and edges", + "operationId": "retrieve_graph_stats_graph_stats__index_name__get", + "parameters": [ + { + "name": "index_name", + "in": "path", + "required": true, + "schema": { + "type": "string", + "title": "Index Name" + } + } + ], + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/GraphDataResponse" + } + } + } + }, + "422": { + "description": "Validation Error", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/HTTPValidationError" + } + } + } + } + } + } + }, + "/health": { + "get": { + "summary": "API health check", + "description": "Returns a 200 response to indicate the API is healthy.", + "operationId": "health_check_health_get", + "responses": { + "200": { + "description": "Successful Response", + "content": { + "application/json": { + "schema": {} + } + } + } + } + } + } + }, + "components": { + "schemas": { + "BaseResponse": { + "properties": { + "status": { + "type": "string", + "title": "Status" + } + }, + "type": "object", + "required": [ + "status" + ], + "title": "BaseResponse" + }, + "Body_setup_indexing_pipeline_index_post": { + "properties": { + "entity_extraction_prompt": { + "anyOf": [ + { + "type": "string", + "format": "binary" + }, + { + "type": "null" + } + ], + "title": "Entity Extraction Prompt" + }, + "community_report_prompt": { + "anyOf": [ + { + "type": "string", + "format": "binary" + }, + { + "type": "null" + } + ], + "title": "Community Report Prompt" + }, + "summarize_descriptions_prompt": { + "anyOf": [ + { + "type": "string", + "format": "binary" + }, + { + "type": "null" + } + ], + "title": "Summarize Descriptions Prompt" + } + }, + "type": "object", + "title": "Body_setup_indexing_pipeline_index_post" + }, + "Body_upload_files_data_post": { + "properties": { + "files": { + "items": { + "type": "string", + "format": "binary" + }, + "type": "array", + "title": "Files" + } + }, + "type": "object", + "required": [ + "files" + ], + "title": "Body_upload_files_data_post" + }, + "ClaimResponse": { + "properties": { + "covariate_type": { + "type": "string", + "title": "Covariate Type" + }, + "type": { + "type": "string", + "title": "Type" + }, + "description": { + "type": "string", + "title": "Description" + }, + "subject_id": { + "type": "string", + "title": "Subject Id" + }, + "object_id": { + "type": "string", + "title": "Object Id" + }, + "source_text": { + "type": "string", + "title": "Source Text" + }, + "text_unit_id": { + "type": "string", + "title": "Text Unit Id" + }, + "document_ids": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Document Ids" + } + }, + "type": "object", + "required": [ + "covariate_type", + "type", + "description", + "subject_id", + "object_id", + "source_text", + "text_unit_id", + "document_ids" + ], + "title": "ClaimResponse" + }, + "EntityResponse": { + "properties": { + "name": { + "type": "string", + "title": "Name" + }, + "description": { + "type": "string", + "title": "Description" + }, + "text_units": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Text Units" + } + }, + "type": "object", + "required": [ + "name", + "description", + "text_units" + ], + "title": "EntityResponse" + }, + "GraphDataResponse": { + "properties": { + "nodes": { + "type": "integer", + "title": "Nodes" + }, + "edges": { + "type": "integer", + "title": "Edges" + } + }, + "type": "object", + "required": [ + "nodes", + "edges" + ], + "title": "GraphDataResponse" + }, + "GraphRequest": { + "properties": { + "index_name": { + "anyOf": [ + { + "type": "string" + }, + { + "items": { + "type": "string" + }, + "type": "array" + } + ], + "title": "Index Name" + }, + "query": { + "type": "string", + "title": "Query" + } + }, + "type": "object", + "required": [ + "index_name", + "query" + ], + "title": "GraphRequest" + }, + "GraphResponse": { + "properties": { + "result": { + "title": "Result" + }, + "context_data": { + "title": "Context Data" + } + }, + "type": "object", + "required": [ + "result", + "context_data" + ], + "title": "GraphResponse" + }, + "HTTPValidationError": { + "properties": { + "detail": { + "items": { + "$ref": "#/components/schemas/ValidationError" + }, + "type": "array", + "title": "Detail" + } + }, + "type": "object", + "title": "HTTPValidationError" + }, + "IndexNameList": { + "properties": { + "index_name": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Index Name" + } + }, + "type": "object", + "required": [ + "index_name" + ], + "title": "IndexNameList" + }, + "IndexStatusResponse": { + "properties": { + "status_code": { + "type": "integer", + "title": "Status Code" + }, + "index_name": { + "type": "string", + "title": "Index Name" + }, + "storage_name": { + "type": "string", + "title": "Storage Name" + }, + "status": { + "type": "string", + "title": "Status" + }, + "percent_complete": { + "type": "number", + "title": "Percent Complete" + }, + "progress": { + "type": "string", + "title": "Progress" + } + }, + "type": "object", + "required": [ + "status_code", + "index_name", + "storage_name", + "status", + "percent_complete", + "progress" + ], + "title": "IndexStatusResponse" + }, + "RelationshipResponse": { + "properties": { + "source": { + "type": "string", + "title": "Source" + }, + "source_id": { + "type": "integer", + "title": "Source Id" + }, + "target": { + "type": "string", + "title": "Target" + }, + "target_id": { + "type": "integer", + "title": "Target Id" + }, + "description": { + "type": "string", + "title": "Description" + }, + "text_units": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Text Units" + } + }, + "type": "object", + "required": [ + "source", + "source_id", + "target", + "target_id", + "description", + "text_units" + ], + "title": "RelationshipResponse" + }, + "ReportResponse": { + "properties": { + "text": { + "type": "string", + "title": "Text" + } + }, + "type": "object", + "required": [ + "text" + ], + "title": "ReportResponse" + }, + "StorageNameList": { + "properties": { + "storage_name": { + "items": { + "type": "string" + }, + "type": "array", + "title": "Storage Name" + } + }, + "type": "object", + "required": [ + "storage_name" + ], + "title": "StorageNameList" + }, + "TextUnitResponse": { + "properties": { + "text": { + "type": "string", + "title": "Text" + }, + "source_document": { + "type": "string", + "title": "Source Document" + } + }, + "type": "object", + "required": [ + "text", + "source_document" + ], + "title": "TextUnitResponse" + }, + "ValidationError": { + "properties": { + "loc": { + "items": { + "anyOf": [ + { + "type": "string" + }, + { + "type": "integer" + } + ] + }, + "type": "array", + "title": "Location" + }, + "msg": { + "type": "string", + "title": "Message" + }, + "type": { + "type": "string", + "title": "Error Type" + } + }, + "type": "object", + "required": [ + "loc", + "msg", + "type" + ], + "title": "ValidationError" + } + } + } + }, + "$fxv#1": "\n\t\n\t\t\n\t\t\n\t\t\t\n\t\t\t\t*\n\t\t\t\n\t\t\t\n\t\t\t\t*\n\t\t\t\n\t\t\t\n\t\t\t\t
*
\n\t\t\t\n\t\t\t\n\t\t\t\t
*
\n\t\t\t\n\t\t\n\t\n\t\n\t\t\n\t\n\t\n\t\t\n\t\n\t\n\t\t\n\t\n" + }, + "resources": [ + { + "type": "Microsoft.ApiManagement/service/apis/policies", + "apiVersion": "2022-08-01", + "name": "[format('{0}/{1}/{2}', split(format('{0}/{1}', parameters('apimname'), parameters('name')), '/')[0], split(format('{0}/{1}', parameters('apimname'), parameters('name')), '/')[1], 'policy')]", + "properties": { + "format": "rawxml", + "value": "[variables('$fxv#1')]" + }, + "dependsOn": [ + "[resourceId('Microsoft.ApiManagement/service/apis', split(format('{0}/{1}', parameters('apimname'), parameters('name')), '/')[0], split(format('{0}/{1}', parameters('apimname'), parameters('name')), '/')[1])]" + ] + }, + { + "type": "Microsoft.ApiManagement/service/apis", + "apiVersion": "2023-09-01-preview", + "name": "[format('{0}/{1}', parameters('apimname'), parameters('name'))]", + "properties": { + "displayName": "GraphRAG", + "apiRevision": "1", + "subscriptionRequired": true, + "serviceUrl": "[parameters('backendUrl')]", + "path": "", + "protocols": [ + "https" + ], + "authenticationSettings": { + "oAuth2AuthenticationSettings": [], + "openidAuthenticationSettings": [] + }, + "subscriptionKeyParameterNames": { + "header": "Ocp-Apim-Subscription-Key", + "query": "subscription-key" + }, + "isCurrent": true, + "format": "openapi+json", + "value": "[string(variables('$fxv#0'))]" + } + } + ] + } + }, + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'apim-deployment')]" + ] + } + ], + "outputs": { + "azure_location": { + "type": "string", + "value": "[parameters('location')]" + }, + "azure_tenant_id": { + "type": "string", + "value": "[tenant().tenantId]" + }, + "azure_ai_search_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aisearch-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_acr_login_server": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'acr-deployment'), '2022-09-01').outputs.loginServer.value]" + }, + "azure_acr_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'acr-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_aks_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_aks_controlplanefqdn": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.controlPlaneFqdn.value]" + }, + "azure_aks_managed_rg": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aks-deployment'), '2022-09-01').outputs.managedResourceGroup.value]" + }, + "azure_aks_service_account_name": { + "type": "string", + "value": "[variables('aksServiceAccountName')]" + }, + "azure_aoai_endpoint": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.openAiEndpoint.value]" + }, + "azure_aoai_llm_model": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModel.value]" + }, + "azure_aoai_llm_model_deployment_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModelDeploymentName.value]" + }, + "azure_aoai_llm_model_api_version": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.llmModelApiVersion.value]" + }, + "azure_aoai_embedding_model": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModel.value]" + }, + "azure_aoai_embedding_model_deployment_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModelDeploymentName.value]" + }, + "azure_aoai_embedding_model_api_version": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'aoai-deployment'), '2022-09-01').outputs.textEmbeddingModelApiVersion.value]" + }, + "azure_apim_gateway_url": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.apimGatewayUrl.value]" + }, + "azure_apim_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'apim-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_app_hostname": { + "type": "string", + "value": "[variables('appHostname')]" + }, + "azure_app_url": { + "type": "string", + "value": "[variables('appUrl')]" + }, + "azure_app_insights_connection_string": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'app-insights-deployment'), '2022-09-01').outputs.connectionString.value]" + }, + "azure_cosmosdb_endpoint": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.endpoint.value]" + }, + "azure_cosmosdb_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_cosmosdb_id": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'cosmosdb-deployment'), '2022-09-01').outputs.id.value]" + }, + "azure_dns_zone_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_private_dns_zones": { + "type": "array", + "value": "[if(parameters('enablePrivateEndpoints'), union(reference(resourceId('Microsoft.Resources/deployments', 'privatelink-private-dns-zones-deployment'), '2022-09-01').outputs.privateDnsZones.value, createArray(reference(resourceId('Microsoft.Resources/deployments', 'private-dns-zone-deployment'), '2022-09-01').outputs.name.value)), createArray())]" + }, + "azure_storage_account": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.name.value]" + }, + "azure_storage_account_blob_url": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'storage-deployment'), '2022-09-01').outputs.primaryEndpoints.value.blob]" + }, + "azure_workload_identity_client_id": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.clientId.value]" + }, + "azure_workload_identity_principal_id": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.principalId.value]" + }, + "azure_workload_identity_name": { + "type": "string", + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'workload-identity-deployment'), '2022-09-01').outputs.name.value]" + } + } +} \ No newline at end of file diff --git a/infra/managed-app/managed-app.zip b/infra/managed-app/managed-app.zip new file mode 100644 index 00000000..d28a2c2b Binary files /dev/null and b/infra/managed-app/managed-app.zip differ diff --git a/infra/managed-app/managedapp.zip b/infra/managed-app/managedapp.zip new file mode 100644 index 00000000..d28a2c2b Binary files /dev/null and b/infra/managed-app/managedapp.zip differ diff --git a/infra/managed-app/openapi.json b/infra/managed-app/openapi.json new file mode 100644 index 00000000..5ed5b27b --- /dev/null +++ b/infra/managed-app/openapi.json @@ -0,0 +1 @@ +{"openapi":"3.1.0","info":{"title":"GraphRAG","version":"v0.0.0"},"paths":{"/data":{"get":{"tags":["Data Management"],"summary":"Get all data storage containers.","description":"Retrieve a list of all data storage containers.","operationId":"get_all_data_storage_containers_data_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/StorageNameList"}}}}}},"post":{"tags":["Data Management"],"summary":"Upload data to a data storage container","description":"Create a data storage container in Azure and upload files to it.\n\nArgs:\n files (List[UploadFile]): A list of files to be uploaded.\n storage_name (str): The name of the Azure Blob Storage container to which files will be uploaded.\n overwrite (bool): Whether to overwrite existing files with the same name. Defaults to True. If False, files that already exist will be skipped.\n\nReturns:\n BaseResponse: An instance of the BaseResponse model with a status message indicating the result of the upload.\n\nRaises:\n HTTPException: If the container name is invalid or if any error occurs during the upload process.","operationId":"upload_files_data_post","parameters":[{"name":"storage_name","in":"query","required":true,"schema":{"type":"string","title":"Storage Name"}},{"name":"overwrite","in":"query","required":false,"schema":{"type":"boolean","default":true,"title":"Overwrite"}}],"requestBody":{"required":true,"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/Body_upload_files_data_post"}}}},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BaseResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/data/{storage_name}":{"delete":{"tags":["Data Management"],"summary":"Delete a data storage container","description":"Delete a specified data storage container.","operationId":"delete_files_data__storage_name__delete","parameters":[{"name":"storage_name","in":"path","required":true,"schema":{"type":"string","title":"Storage Name"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BaseResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/index":{"post":{"tags":["Index Operations"],"summary":"Build an index","operationId":"setup_indexing_pipeline_index_post","parameters":[{"name":"storage_name","in":"query","required":true,"schema":{"type":"string","title":"Storage Name"}},{"name":"index_name","in":"query","required":true,"schema":{"type":"string","title":"Index Name"}}],"requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/Body_setup_indexing_pipeline_index_post"}}}},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BaseResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"get":{"tags":["Index Operations"],"summary":"Get all indexes","description":"Retrieve a list of all index names.","operationId":"get_all_indexes_index_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IndexNameList"}}}}}}},"/index/{index_name}":{"delete":{"tags":["Index Operations"],"summary":"Delete a specified index","description":"Delete a specified index.","operationId":"delete_index_index__index_name__delete","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BaseResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/index/status/{index_name}":{"get":{"tags":["Index Operations"],"summary":"Track the status of an indexing job","operationId":"get_index_job_status_index_status__index_name__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IndexStatusResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/query/global":{"post":{"tags":["Query Operations"],"summary":"Perform a global search across the knowledge graph index","description":"The global query method generates answers by searching over all AI-generated community reports in a map-reduce fashion. This is a resource-intensive method, but often gives good responses for questions that require an understanding of the dataset as a whole.","operationId":"global_query_query_global_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/query/local":{"post":{"tags":["Query Operations"],"summary":"Perform a local search across the knowledge graph index.","description":"The local query method generates answers by combining relevant data from the AI-extracted knowledge-graph with text chunks of the raw documents. This method is suitable for questions that require an understanding of specific entities mentioned in the documents (e.g. What are the healing properties of chamomile?).","operationId":"local_query_query_local_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/query/streaming/global":{"post":{"tags":["Query Streaming Operations"],"summary":"Stream a response back after performing a global search","description":"The global query method generates answers by searching over all AI-generated community reports in a map-reduce fashion. This is a resource-intensive method, but often gives good responses for questions that require an understanding of the dataset as a whole.","operationId":"global_search_streaming_query_streaming_global_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/query/streaming/local":{"post":{"tags":["Query Streaming Operations"],"summary":"Stream a response back after performing a local search","description":"The local query method generates answers by combining relevant data from the AI-extracted knowledge-graph with text chunks of the raw documents. This method is suitable for questions that require an understanding of specific entities mentioned in the documents (e.g. What are the healing properties of chamomile?).","operationId":"local_search_streaming_query_streaming_local_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/index/config/prompts":{"get":{"tags":["Index Configuration"],"summary":"Generate graphrag prompts from user-provided data.","description":"Generating custom prompts from user-provided data may take several minutes to run based on the amount of data used.","operationId":"generate_prompts_index_config_prompts_get","parameters":[{"name":"storage_name","in":"query","required":true,"schema":{"type":"string","title":"Storage Name"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","default":5,"title":"Limit"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/report/{index_name}/{report_id}":{"get":{"tags":["Sources"],"summary":"Return a single community report.","operationId":"get_report_info_source_report__index_name___report_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"report_id","in":"path","required":true,"schema":{"type":"string","title":"Report Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ReportResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/text/{index_name}/{text_unit_id}":{"get":{"tags":["Sources"],"summary":"Return a single base text unit.","operationId":"get_chunk_info_source_text__index_name___text_unit_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"text_unit_id","in":"path","required":true,"schema":{"type":"string","title":"Text Unit Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/TextUnitResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/entity/{index_name}/{entity_id}":{"get":{"tags":["Sources"],"summary":"Return a single entity.","operationId":"get_entity_info_source_entity__index_name___entity_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"entity_id","in":"path","required":true,"schema":{"type":"integer","title":"Entity Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/EntityResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/claim/{index_name}/{claim_id}":{"get":{"tags":["Sources"],"summary":"Return a single claim.","operationId":"get_claim_info_source_claim__index_name___claim_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"claim_id","in":"path","required":true,"schema":{"type":"integer","title":"Claim Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ClaimResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/relationship/{index_name}/{relationship_id}":{"get":{"tags":["Sources"],"summary":"Return a single relationship.","operationId":"get_relationship_info_source_relationship__index_name___relationship_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"relationship_id","in":"path","required":true,"schema":{"type":"integer","title":"Relationship Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RelationshipResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/graph/graphml/{index_name}":{"get":{"tags":["Graph Operations"],"summary":"Retrieve a GraphML file of the knowledge graph","operationId":"retrieve_graphml_file_graph_graphml__index_name__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}}],"responses":{"200":{"description":"GraphML file successfully downloaded","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/graph/stats/{index_name}":{"get":{"tags":["Graph Operations"],"summary":"Retrieve basic graph statistics, number of nodes and edges","operationId":"retrieve_graph_stats_graph_stats__index_name__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphDataResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/health":{"get":{"summary":"API health check","description":"Returns a 200 response to indicate the API is healthy.","operationId":"health_check_health_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}}}}}},"components":{"schemas":{"BaseResponse":{"properties":{"status":{"type":"string","title":"Status"}},"type":"object","required":["status"],"title":"BaseResponse"},"Body_setup_indexing_pipeline_index_post":{"properties":{"entity_extraction_prompt":{"anyOf":[{"type":"string","format":"binary"},{"type":"null"}],"title":"Entity Extraction Prompt"},"community_report_prompt":{"anyOf":[{"type":"string","format":"binary"},{"type":"null"}],"title":"Community Report Prompt"},"summarize_descriptions_prompt":{"anyOf":[{"type":"string","format":"binary"},{"type":"null"}],"title":"Summarize Descriptions Prompt"}},"type":"object","title":"Body_setup_indexing_pipeline_index_post"},"Body_upload_files_data_post":{"properties":{"files":{"items":{"type":"string","format":"binary"},"type":"array","title":"Files"}},"type":"object","required":["files"],"title":"Body_upload_files_data_post"},"ClaimResponse":{"properties":{"covariate_type":{"type":"string","title":"Covariate Type"},"type":{"type":"string","title":"Type"},"description":{"type":"string","title":"Description"},"subject_id":{"type":"string","title":"Subject Id"},"object_id":{"type":"string","title":"Object Id"},"source_text":{"type":"string","title":"Source Text"},"text_unit_id":{"type":"string","title":"Text Unit Id"},"document_ids":{"items":{"type":"string"},"type":"array","title":"Document Ids"}},"type":"object","required":["covariate_type","type","description","subject_id","object_id","source_text","text_unit_id","document_ids"],"title":"ClaimResponse"},"EntityResponse":{"properties":{"name":{"type":"string","title":"Name"},"description":{"type":"string","title":"Description"},"text_units":{"items":{"type":"string"},"type":"array","title":"Text Units"}},"type":"object","required":["name","description","text_units"],"title":"EntityResponse"},"GraphDataResponse":{"properties":{"nodes":{"type":"integer","title":"Nodes"},"edges":{"type":"integer","title":"Edges"}},"type":"object","required":["nodes","edges"],"title":"GraphDataResponse"},"GraphRequest":{"properties":{"index_name":{"anyOf":[{"type":"string"},{"items":{"type":"string"},"type":"array"}],"title":"Index Name"},"query":{"type":"string","title":"Query"}},"type":"object","required":["index_name","query"],"title":"GraphRequest"},"GraphResponse":{"properties":{"result":{"title":"Result"},"context_data":{"title":"Context Data"}},"type":"object","required":["result","context_data"],"title":"GraphResponse"},"HTTPValidationError":{"properties":{"detail":{"items":{"$ref":"#/components/schemas/ValidationError"},"type":"array","title":"Detail"}},"type":"object","title":"HTTPValidationError"},"IndexNameList":{"properties":{"index_name":{"items":{"type":"string"},"type":"array","title":"Index Name"}},"type":"object","required":["index_name"],"title":"IndexNameList"},"IndexStatusResponse":{"properties":{"status_code":{"type":"integer","title":"Status Code"},"index_name":{"type":"string","title":"Index Name"},"storage_name":{"type":"string","title":"Storage Name"},"status":{"type":"string","title":"Status"},"percent_complete":{"type":"number","title":"Percent Complete"},"progress":{"type":"string","title":"Progress"}},"type":"object","required":["status_code","index_name","storage_name","status","percent_complete","progress"],"title":"IndexStatusResponse"},"RelationshipResponse":{"properties":{"source":{"type":"string","title":"Source"},"source_id":{"type":"integer","title":"Source Id"},"target":{"type":"string","title":"Target"},"target_id":{"type":"integer","title":"Target Id"},"description":{"type":"string","title":"Description"},"text_units":{"items":{"type":"string"},"type":"array","title":"Text Units"}},"type":"object","required":["source","source_id","target","target_id","description","text_units"],"title":"RelationshipResponse"},"ReportResponse":{"properties":{"text":{"type":"string","title":"Text"}},"type":"object","required":["text"],"title":"ReportResponse"},"StorageNameList":{"properties":{"storage_name":{"items":{"type":"string"},"type":"array","title":"Storage Name"}},"type":"object","required":["storage_name"],"title":"StorageNameList"},"TextUnitResponse":{"properties":{"text":{"type":"string","title":"Text"},"source_document":{"type":"string","title":"Source Document"}},"type":"object","required":["text","source_document"],"title":"TextUnitResponse"},"ValidationError":{"properties":{"loc":{"items":{"anyOf":[{"type":"string"},{"type":"integer"}]},"type":"array","title":"Location"},"msg":{"type":"string","title":"Message"},"type":{"type":"string","title":"Error Type"}},"type":"object","required":["loc","msg","type"],"title":"ValidationError"}}}} \ No newline at end of file diff --git a/infra/runbicep.sh b/infra/runbicep.sh new file mode 100755 index 00000000..e2f70783 --- /dev/null +++ b/infra/runbicep.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +deployAzureResources () { + + + echo "Deploying Azure resources..." + local datetime="`date +%Y%m%d%H%M%S`" + local deployName="graphrag-deploy-$datetime" + local rggoup="harjsin$datetime" + echo "Deployment name: $deployName" + az group create -l eastus2 -n "$rggoup" + local AZURE_DEPLOY_RESULTS=$(az deployment group create --name "$deployName" \ + --no-prompt \ + --resource-group "$rggoup" \ + --mode Incremental \ + --template-file ./main.bicep \ + --parameters "resourceBaseName=$rggoup" \ + --parameters "resourceGroup=$rggoup" \ + --parameters "apimName=$rggoup" \ + --parameters "apimTier=Developer" \ + --parameters "apiPublisherName=harjsin" \ + --parameters "apiPublisherEmail=harjsin@microsoft.com" \ + --parameters "enablePrivateEndpoints=false" \ + --output json) + # errors in deployment may not be caught by exitIfCommandFailed function so we also check the output for errors + exitIfCommandFailed $? "Error deploying Azure resources..." + exitIfValueEmpty "$AZURE_DEPLOY_RESULTS" "Error deploying Azure resources..." + AZURE_OUTPUTS=$(jq -r .properties.outputs <<< "$AZURE_DEPLOY_RESULTS") + exitIfCommandFailed $? "Error parsing outputs from Azure deployment..." + exitIfValueEmpty "$AZURE_OUTPUTS" "Error parsing outputs from Azure deployment..." +} + + +deployAzureResources + diff --git a/openapi.json b/openapi.json new file mode 100644 index 00000000..aa507f6e --- /dev/null +++ b/openapi.json @@ -0,0 +1 @@ +{"openapi":"3.1.0","info":{"title":"GraphRAG","version":"v0.0.0"},"paths":{"/data":{"get":{"tags":["Data Management"],"summary":"Get all data storage containers.","description":"Retrieve a list of all data storage containers.","operationId":"get_all_data_storage_containers_data_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/StorageNameList"}}}}}},"post":{"tags":["Data Management"],"summary":"Upload data to a data storage container","description":"Create a data storage container in Azure and upload files to it.\n\nArgs:\n files (List[UploadFile]): A list of files to be uploaded.\n storage_name (str): The name of the Azure Blob Storage container to which files will be uploaded.\n overwrite (bool): Whether to overwrite existing files with the same name. Defaults to True. If False, files that already exist will be skipped.\n\nReturns:\n BaseResponse: An instance of the BaseResponse model with a status message indicating the result of the upload.\n\nRaises:\n HTTPException: If the container name is invalid or if any error occurs during the upload process.","operationId":"upload_files_data_post","parameters":[{"name":"storage_name","in":"query","required":true,"schema":{"type":"string","title":"Storage Name"}},{"name":"overwrite","in":"query","required":false,"schema":{"type":"boolean","default":true,"title":"Overwrite"}}],"requestBody":{"required":true,"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/Body_upload_files_data_post"}}}},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BaseResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/data/{storage_name}":{"delete":{"tags":["Data Management"],"summary":"Delete a data storage container","description":"Delete a specified data storage container.","operationId":"delete_files_data__storage_name__delete","parameters":[{"name":"storage_name","in":"path","required":true,"schema":{"type":"string","title":"Storage Name"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BaseResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/index":{"post":{"tags":["Index Operations"],"summary":"Build an index","operationId":"setup_indexing_pipeline_index_post","parameters":[{"name":"storage_name","in":"query","required":true,"schema":{"type":"string","title":"Storage Name"}},{"name":"index_name","in":"query","required":true,"schema":{"type":"string","title":"Index Name"}}],"requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/Body_setup_indexing_pipeline_index_post"}}}},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BaseResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}},"get":{"tags":["Index Operations"],"summary":"Get all indexes","description":"Retrieve a list of all index names.","operationId":"get_all_indexes_index_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IndexNameList"}}}}}}},"/index/{index_name}":{"delete":{"tags":["Index Operations"],"summary":"Delete a specified index","description":"Delete a specified index.","operationId":"delete_index_index__index_name__delete","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BaseResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/index/status/{index_name}":{"get":{"tags":["Index Operations"],"summary":"Track the status of an indexing job","operationId":"get_index_job_status_index_status__index_name__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IndexStatusResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/query/global":{"post":{"tags":["Query Operations"],"summary":"Perform a global search across the knowledge graph index","description":"The global query method generates answers by searching over all AI-generated community reports in a map-reduce fashion. This is a resource-intensive method, but often gives good responses for questions that require an understanding of the dataset as a whole.","operationId":"global_query_query_global_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/query/local":{"post":{"tags":["Query Operations"],"summary":"Perform a local search across the knowledge graph index.","description":"The local query method generates answers by combining relevant data from the AI-extracted knowledge-graph with text chunks of the raw documents. This method is suitable for questions that require an understanding of specific entities mentioned in the documents (e.g. What are the healing properties of chamomile?).","operationId":"local_query_query_local_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/query/streaming/global":{"post":{"tags":["Query Streaming Operations"],"summary":"Stream a response back after performing a global search","description":"The global query method generates answers by searching over all AI-generated community reports in a map-reduce fashion. This is a resource-intensive method, but often gives good responses for questions that require an understanding of the dataset as a whole.","operationId":"global_search_streaming_query_streaming_global_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/query/streaming/local":{"post":{"tags":["Query Streaming Operations"],"summary":"Stream a response back after performing a local search","description":"The local query method generates answers by combining relevant data from the AI-extracted knowledge-graph with text chunks of the raw documents. This method is suitable for questions that require an understanding of specific entities mentioned in the documents (e.g. What are the healing properties of chamomile?).","operationId":"local_search_streaming_query_streaming_local_post","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/GraphRequest"}}},"required":true},"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/index/config/prompts":{"get":{"tags":["Index Configuration"],"summary":"Generate prompts from user-provided data.","description":"Generating custom prompts from user-provided data may take several minutes to run based on the amount of data used.","operationId":"generate_prompts_index_config_prompts_get","parameters":[{"name":"storage_name","in":"query","required":true,"schema":{"type":"string","title":"Storage Name"}},{"name":"limit","in":"query","required":false,"schema":{"type":"integer","default":5,"title":"Limit"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/report/{index_name}/{report_id}":{"get":{"tags":["Sources"],"summary":"Return a single community report.","operationId":"get_report_info_source_report__index_name___report_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"report_id","in":"path","required":true,"schema":{"type":"string","title":"Report Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ReportResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/text/{index_name}/{text_unit_id}":{"get":{"tags":["Sources"],"summary":"Return a single base text unit.","operationId":"get_chunk_info_source_text__index_name___text_unit_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"text_unit_id","in":"path","required":true,"schema":{"type":"string","title":"Text Unit Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/TextUnitResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/entity/{index_name}/{entity_id}":{"get":{"tags":["Sources"],"summary":"Return a single entity.","operationId":"get_entity_info_source_entity__index_name___entity_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"entity_id","in":"path","required":true,"schema":{"type":"integer","title":"Entity Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/EntityResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/claim/{index_name}/{claim_id}":{"get":{"tags":["Sources"],"summary":"Return a single claim.","operationId":"get_claim_info_source_claim__index_name___claim_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"claim_id","in":"path","required":true,"schema":{"type":"integer","title":"Claim Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ClaimResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/source/relationship/{index_name}/{relationship_id}":{"get":{"tags":["Sources"],"summary":"Return a single relationship.","operationId":"get_relationship_info_source_relationship__index_name___relationship_id__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}},{"name":"relationship_id","in":"path","required":true,"schema":{"type":"integer","title":"Relationship Id"}}],"responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/RelationshipResponse"}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/graph/graphml/{index_name}":{"get":{"tags":["Graph Operations"],"summary":"Retrieve a GraphML file of the knowledge graph","operationId":"get_graphml_file_graph_graphml__index_name__get","parameters":[{"name":"index_name","in":"path","required":true,"schema":{"type":"string","title":"Index Name"}}],"responses":{"200":{"description":"GraphML file successfully downloaded","content":{"application/json":{"schema":{}}}},"422":{"description":"Validation Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/HTTPValidationError"}}}}}}},"/health":{"get":{"summary":"API health check","description":"Returns a 200 response to indicate the API is healthy.","operationId":"health_check_health_get","responses":{"200":{"description":"Successful Response","content":{"application/json":{"schema":{}}}}}}}},"components":{"schemas":{"BaseResponse":{"properties":{"status":{"type":"string","title":"Status"}},"type":"object","required":["status"],"title":"BaseResponse"},"Body_setup_indexing_pipeline_index_post":{"properties":{"entity_extraction_prompt":{"anyOf":[{"type":"string","format":"binary"},{"type":"null"}],"title":"Entity Extraction Prompt"},"community_report_prompt":{"anyOf":[{"type":"string","format":"binary"},{"type":"null"}],"title":"Community Report Prompt"},"summarize_descriptions_prompt":{"anyOf":[{"type":"string","format":"binary"},{"type":"null"}],"title":"Summarize Descriptions Prompt"}},"type":"object","title":"Body_setup_indexing_pipeline_index_post"},"Body_upload_files_data_post":{"properties":{"files":{"items":{"type":"string","format":"binary"},"type":"array","title":"Files"}},"type":"object","required":["files"],"title":"Body_upload_files_data_post"},"ClaimResponse":{"properties":{"covariate_type":{"type":"string","title":"Covariate Type"},"type":{"type":"string","title":"Type"},"description":{"type":"string","title":"Description"},"subject_id":{"type":"string","title":"Subject Id"},"object_id":{"type":"string","title":"Object Id"},"source_text":{"type":"string","title":"Source Text"},"text_unit_id":{"type":"string","title":"Text Unit Id"},"document_ids":{"items":{"type":"string"},"type":"array","title":"Document Ids"}},"type":"object","required":["covariate_type","type","description","subject_id","object_id","source_text","text_unit_id","document_ids"],"title":"ClaimResponse"},"EntityResponse":{"properties":{"name":{"type":"string","title":"Name"},"description":{"type":"string","title":"Description"},"text_units":{"items":{"type":"string"},"type":"array","title":"Text Units"}},"type":"object","required":["name","description","text_units"],"title":"EntityResponse"},"GraphRequest":{"properties":{"index_name":{"anyOf":[{"type":"string"},{"items":{"type":"string"},"type":"array"}],"title":"Index Name"},"query":{"type":"string","title":"Query"},"community_level":{"anyOf":[{"type":"integer"},{"type":"null"}],"title":"Community Level"}},"type":"object","required":["index_name","query"],"title":"GraphRequest"},"GraphResponse":{"properties":{"result":{"title":"Result"},"context_data":{"title":"Context Data"}},"type":"object","required":["result","context_data"],"title":"GraphResponse"},"HTTPValidationError":{"properties":{"detail":{"items":{"$ref":"#/components/schemas/ValidationError"},"type":"array","title":"Detail"}},"type":"object","title":"HTTPValidationError"},"IndexNameList":{"properties":{"index_name":{"items":{"type":"string"},"type":"array","title":"Index Name"}},"type":"object","required":["index_name"],"title":"IndexNameList"},"IndexStatusResponse":{"properties":{"status_code":{"type":"integer","title":"Status Code"},"index_name":{"type":"string","title":"Index Name"},"storage_name":{"type":"string","title":"Storage Name"},"status":{"type":"string","title":"Status"},"percent_complete":{"type":"number","title":"Percent Complete"},"progress":{"type":"string","title":"Progress"}},"type":"object","required":["status_code","index_name","storage_name","status","percent_complete","progress"],"title":"IndexStatusResponse"},"RelationshipResponse":{"properties":{"source":{"type":"string","title":"Source"},"source_id":{"type":"integer","title":"Source Id"},"target":{"type":"string","title":"Target"},"target_id":{"type":"integer","title":"Target Id"},"description":{"type":"string","title":"Description"},"text_units":{"items":{"type":"string"},"type":"array","title":"Text Units"}},"type":"object","required":["source","source_id","target","target_id","description","text_units"],"title":"RelationshipResponse"},"ReportResponse":{"properties":{"text":{"type":"string","title":"Text"}},"type":"object","required":["text"],"title":"ReportResponse"},"StorageNameList":{"properties":{"storage_name":{"items":{"type":"string"},"type":"array","title":"Storage Name"}},"type":"object","required":["storage_name"],"title":"StorageNameList"},"TextUnitResponse":{"properties":{"text":{"type":"string","title":"Text"},"source_document":{"type":"string","title":"Source Document"}},"type":"object","required":["text","source_document"],"title":"TextUnitResponse"},"ValidationError":{"properties":{"loc":{"items":{"anyOf":[{"type":"string"},{"type":"integer"}]},"type":"array","title":"Location"},"msg":{"type":"string","title":"Message"},"type":{"type":"string","title":"Error Type"}},"type":"object","required":["loc","msg","type"],"title":"ValidationError"}}}} \ No newline at end of file