Skip to content

feat: Implemented WAF for Infrastructure #458

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 33 commits into from
Sep 12, 2025
Merged

feat: Implemented WAF for Infrastructure #458

merged 33 commits into from
Sep 12, 2025

Conversation

@Prajwal-Microsoft
Copy link
Contributor

@Prajwal-Microsoft Prajwal-Microsoft commented Sep 12, 2025

Purpose

This pull request introduces significant changes to the authentication and deployment approach for Azure services in both the backend API and infrastructure layers. The main focus is on transitioning from API key-based authentication to Azure Managed Identity and Azure AD token-based authentication for services such as Azure AI Search and OpenAI, as well as simplifying and removing parameters from infrastructure Bicep modules.

Key changes include:

Backend API: Authentication Modernization

Infrastructure: Bicep Module Simplification

Created WAF version, and also added azd deployment rather than power shell deployment.

These changes modernize authentication patterns and streamline infrastructure-as-code, promoting better security and maintainability.

Does this introduce a breaking change?

  • Yes
  • [] No

Golden Path Validation

  • I have tested the primary workflows (the "golden path") to ensure they function correctly without errors.

Deployment Validation

  • I have validated the deployment process successfully and all services are running as expected with this change.

What to Check

Verify that the following are valid

  • Validate different types of deployment such as WAF & NON WAF along with end to end Application testing.

Other Information

Kingshuk-Microsoft and others added 30 commits August 26, 2025 17:45
@Kingshuk-Microsoft
Bicep Standard Changes
dd2d504
@Kingshuk-Microsoft
avm changes 1
510a47a
@Kingshuk-Microsoft
bicep changes
c9eb239
@Prajwal-Microsoft
feat: Fixed build issues
c6d9bf7
@Kingshuk-Microsoft
resourcedeployment ps changes
e9ab3a7
@Kingshuk-Microsoft
output variables added
adca3cd
@Prajwal-Microsoft
feat: Added Modules for Cosmos, Conainer Registry, App Config
2412c4f
@Prajwal-Microsoft
Merge branch 'kings-dkm-dev' of https://github.com/microsoft/Document…
314ad40 
…-Knowledge-Mining-Solution-Accelerator into kings-dkm-dev
@Prajwal-Microsoft
feat: Added Changes for Deployment script to remove the deployment re…
e86deb7 
…lated steps
@Prajwal-Microsoft
fieat: Updated the power shell script
fd4d917
@Prajwal-Microsoft
fix: Added DIsable local Auth for Now Waf deployment to work
ec2a094
@Prajwal-Microsoft
fix: Added prmopt for Email Ifd
471381b
@Prajwal-Microsoft
fix: Removed unwanted keys from AppConfig
090fc7a
@Prajwal-Microsoft
feat: Implemented Identity based Authentication
c0e78db
@Prajwal-Microsoft
feat: Removed unwanted sections from Power shell script
d896727
@Prajwal-Microsoft
feat: Working for WAF aligned change
5414d29
@Prajwal-Microsoft
feat: Added WAF aligned params for AKS
23a2edd
@Kingshuk-Microsoft
deployment guide azd changes
f996a4e
@Kingshuk-Microsoft
deployment steps altered
e13f9ac
@Prajwal-Microsoft
feat: Added parameters.json & waf version of it, fixed bicep warnings
cd9ce22
@Prajwal-Microsoft
Merge branch 'kings-dkm-dev' of https://github.com/microsoft/Document…
851a163 
…-Knowledge-Mining-Solution-Accelerator into kings-dkm-dev
@Kingshuk-Microsoft
feat: added customizingAzdParameters.md and changes for DeploymentGuide
e3c42bc
@Kingshuk-Microsoft
changed model value
dca79ee
@Kingshuk-Microsoft
changed default value of embedding model
58289cd
@Prajwal-Microsoft
fix: WAF + EXP issue with bicep
57ded83
@Prajwal-Microsoft
docs: Updated the Deployment Guide
afe3ea2
@Prajwal-Microsoft
Merge pull request #457 from microsoft/kings-dkm-dev
705f61b 
feat: Down merge
@Prajwal-Microsoft
Merge remote-tracking branch 'origin/dev' into waf-prdc
962f0c1
@Prajwal-Microsoft
feat: Added created by in the tags
74470e7
@Prajwal-Microsoft
docs: Updated deployment guide and information message
0cb6a25
@Prajwal-Microsoft Prajwal-Microsoft merged commit c53ece9 into dev Sep 12, 2025
6 checks passed
@github-actions
Copy link

github-actions bot commented Sep 16, 2025

🎉 This PR is included in version 1.1.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Avijit-Microsoft Avijit-Microsoft Awaiting requested review from Avijit-Microsoft Avijit-Microsoft is a code owner

@Roopan-Microsoft Roopan-Microsoft Awaiting requested review from Roopan-Microsoft Roopan-Microsoft is a code owner

@Dongbumlee Dongbumlee Awaiting requested review from Dongbumlee Dongbumlee is a code owner

@Vinay-Microsoft Vinay-Microsoft Awaiting requested review from Vinay-Microsoft Vinay-Microsoft is a code owner

@aniaroramsft aniaroramsft Awaiting requested review from aniaroramsft aniaroramsft is a code owner

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Prajwal-Microsoft @Kingshuk-Microsoft