aztfmod · rfernandezdo · Oct 29, 2024 · Oct 29, 2024 · Oct 29, 2024 · Oct 29, 2024
diff --git a/.github/workflows/standalone-dataplat.json b/.github/workflows/standalone-dataplat.json
@@ -41,11 +41,7 @@
     "datalake/101-datalake-storage",
     "machine_learning/100-aml",
     "machine_learning/101-aml-vnet",
-    "machine_learning/102-aml-compute_instance",
-    "mariadb_server/100-simple-mariadb",
-    "mariadb_server/101-vnet-rule-mariadb",
-    "mariadb_server/102-private-endpoint-mariadb",
-    "mariadb_server/103-private-endpoint-with-fw-rule-mariadb",
+    "machine_learning/102-aml-compute_instance",    
     "mssql_mi/200-mi",
     "mssql_server/101-sqlserver-simple",
     "mssql_server/102-sqlserver-extend",
@@ -56,11 +52,7 @@
     "mssql_server/109-sqlserver-network-firewall-rule",
     "mysql_flexible_server/100-simple-mysql-flexible",
     "mysql_flexible_server/101-delegated-subnet-with-fw-rule",
-    "mysql_flexible_server/102-advanced-mysql-flexible",
-    "mysql_server/100-simple-mysql",
-    "mysql_server/101-vnet-rule-mysql",
-    "mysql_server/102-private-endpoint-mysql",
-    "mysql_server/103-private-endpoint-with-fw-rule-mysql",
+    "mysql_flexible_server/102-advanced-mysql-flexible",    
     "postgresql_flexible_server/100-simple-postgresql-flexible",
     "postgresql_flexible_server/101-delegated-subnet-with-fw-rule",
     "postgresql_flexible_server/102-advanced-postgresql-flexible",

diff --git a/.github/workflows/standalone-scenarios.json b/.github/workflows/standalone-scenarios.json
@@ -29,6 +29,7 @@
     "automation/102-automation-msi",
     "automation/103-automation-private-endpoints",
     "automation/104-automation-schedule-runbook",
+    "cognitive_services/100-cognitive-services-account-OpenAI",
     "communication/communication_services/101-communication_service",
     "diagnostics_profiles/100-multiple-destinations",
     "diagnostics_profiles/100-multiple-destinations",

diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -19,5 +19,8 @@
         "MD025": {
             "front_matter_title": ""
         }
-    }
+    },
+    "conventionalCommits.scopes": [
+        "subnet"
+    ]
 }
diff --git a/cognitive_service.tf b/cognitive_service.tf
@@ -1,24 +1,54 @@
 module "cognitive_services_account" {
-  source   = "./modules/cognitive_services/cognitive_services_account"
-  for_each = local.cognitive_services.cognitive_services_account
-
+  source              = "./modules/cognitive_services/cognitive_services_account"
+  for_each            = local.cognitive_services.cognitive_services_account
   client_config       = local.client_config
   global_settings     = local.global_settings
+  settings            = each.value
+  location            = try(each.value.location, null)
   base_tags           = local.global_settings.inherit_tags
-  resource_group      = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group_key, each.value.resource_group.key)]
+  resource_group      = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)]
   resource_group_name = local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].name
-  location            = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].location : local.global_settings.regions[each.value.region]
-  settings            = each.value
-  resource_groups     = local.combined_objects_resource_groups
-  vnets               = local.combined_objects_networking
   private_endpoints   = try(each.value.private_endpoints, {})
-  private_dns         = local.combined_objects_private_dns
-  diagnostics         = local.combined_diagnostics
-  diagnostic_profiles = try(each.value.diagnostic_profiles, {})
 
-  managed_identities = local.combined_objects_managed_identities
+  remote_objects = {
+    # Depurar en algún moment para pasar la logica de la subnet_id a remote_objects, error: The given key does not identify an element in this collection value.
+    #subnet_id = can(each.value.network_acls.virtual_network_rules.subnet_key) ? local.combined_objects_networking[try(each.value.network_acls.virtual_network_rules.lz_key, local.client_config.landingzone_key)][each.value.network_acls.virtual_network_rules.vnet_key].subnets[each.value.network_acls.virtual_network_rules.subnet_key].id : null
+    #subnet_id           = can(each.value.vnet.subnet_key) ? local.combined_objects_networking[try(each.value.vnet.lz_key, local.client_config.landingzone_key)][each.value.vnet.key].subnets[each.value.vnet.subnet_key].id : null
+    vnets               = local.combined_objects_networking
+    virtual_subnets     = local.combined_objects_virtual_subnets
+    private_dns_zone_id = can(each.value.private_dns_zone.key) ? local.combined_objects_private_dns[try(each.value.private_dns_zone.lz_key, local.client_config.landingzone_key)][each.value.private_dns_zone.key].id : null
+    diagnostics         = local.combined_diagnostics
+    resource_groups     = local.combined_objects_resource_groups
+    private_dns         = local.combined_objects_private_dns
+  }
 }
 
+
 output "cognitive_services_account" {
   value = module.cognitive_services_account
 }
+
+module "cognitive_account_customer_managed_key" {
+  source               = "./modules/cognitive_services/cognitive_account_customer_managed_key"
+  for_each             = local.cognitive_services.cognitive_account_customer_managed_key
+  cognitive_account_id = can(each.value.cognitive_account_id) || can(each.value.cognitive_account.id) ? try(each.value.cognitive_account_id, each.value.cognitive_account.id) : local.combined_objects_cognitive_services_accounts[try(each.value.cognitive_account.lz_key, local.client_config.landingzone_key)][try(each.value.cognitive_account_key, each.value.cognitive_account_key.key)].id
+  key_vault_key_id     = can(each.value.key_vault_key_id) || can(each.value.key_vault_key.id) ? try(each.value.key_vault_key_id, each.value.key_vault_key.id) : local.combined_objects_keyvault_keys[try(each.value.keyvault_key.lz_key, local.client_config.landingzone_key)][try(each.value.key_vault_key_key, each.value.key_vault_key.key)].id
+  identity_client_id   = try(can(each.value.identity_client_id) || can(each.value.identity_client.id) ? try(each.value.identity_client_id, each.value.identity_client.id) : local.combined_objects_managed_identities[try(each.value.identity_client.lz_key, local.client_config.landingzone_key)][try(each.value.identity_client_key, each.value.identity_client.key)].id, null)
+
+
+}
+
+output "cognitive_account_customer_managed_key" {
+  value = module.cognitive_account_customer_managed_key
+}
+
+module "cognitive_deployment" {
+  source               = "./modules/cognitive_services/cognitive_deployment"
+  for_each             = local.cognitive_services.cognitive_deployment
+  settings             = each.value
+  cognitive_account_id = can(each.value.cognitive_account_id) || can(each.value.cognitive_account.id) ? try(each.value.cognitive_account_id, each.value.cognitive_account.id) : local.combined_objects_cognitive_services_accounts[try(each.value.cognitive_account.lz_key, local.client_config.landingzone_key)][try(each.value.cognitive_account_key, each.value.cognitive_account_key.key)].id
+}
+
+output "cognitive_deployment" {
+  value = module.cognitive_deployment
+}
diff --git a/examples/README.md b/examples/README.md
@@ -47,6 +47,7 @@ The current folder contains an example of module with the whole features set of
 ```bash
 cd /tf/caf/examples
 az login
+export  ARM_SUBSCRIPTION_ID=00000000-0000-0000-0000-000000000000
 terraform init
 terraform plan -var-file <path to your variable file>
 terraform apply -var-file <path to your variable file>

diff --git a/examples/app_config/101-private-link/configuration.tfvars b/examples/app_config/101-private-link/configuration.tfvars
@@ -55,7 +55,7 @@ vnets = {
       private_link = {
         name                                           = "private-links"
         cidr                                           = ["10.1.100.128/26"]
-        enforce_private_link_endpoint_network_policies = true
+        private_endpoint_network_policies = "Enabled"
       }
     }
   }

diff --git a/examples/automation/103-automation-private-endpoints/configuration.tfvars b/examples/automation/103-automation-private-endpoints/configuration.tfvars
@@ -74,7 +74,7 @@ vnets = {
       auto_subnet = {
         name                                           = "auto-subnet"
         cidr                                           = ["10.150.102.0/25"]
-        enforce_private_link_endpoint_network_policies = true
+        private_endpoint_network_policies = "Enabled"
       }
     }
 

diff --git a/.../cognitive_services/100-cognitive-services-account-CognitiveServices/configuration.tfvars b/.../cognitive_services/100-cognitive-services-account-CognitiveServices/configuration.tfvars
@@ -0,0 +1,33 @@
+global_settings = {
+  default_region = "region1"
+  regions = {
+    region1 = "westus"
+  }
+  random_length = 5
+  #pass_through = true
+}
+
+resource_groups = {
+  test-rg = {
+    name = "rg-alz-caf-test-1"
+  }
+}
+
+cognitive_services_account = {
+  test_account-2 = {
+    resource_group = {
+      # accepts either id or key to get resource group id
+      # id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1"
+      # lz_key = "examples"
+      key = "test-rg"
+    }
+    name     = "cs-alz-caf-test-2"
+    kind     = "CognitiveServices"
+    sku_name = "S0"
+    tags = {
+      env = "test"
+    }   
+
+  }
+}
+
diff --git a/...ive-services-account/configuration.tfvars → ...vices-account-OpenAI/configuration.tfvars b/...ive-services-account/configuration.tfvars → ...vices-account-OpenAI/configuration.tfvars
@@ -4,6 +4,7 @@ global_settings = {
     region1 = "westus"
   }
   random_length = 5
+  #pass_through = true
 }
 
 resource_groups = {
@@ -13,16 +14,17 @@ resource_groups = {
 }
 
 cognitive_services_account = {
-  test_account-1 = {
+  openai_account-1 = {
     resource_group = {
       # accepts either id or key to get resource group id
       # id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1"
       # lz_key = "examples"
       key = "test-rg"
     }
     name     = "cs-alz-caf-test-1"
-    kind     = "ComputerVision"
-    sku_name = "F0"
+    kind     = "OpenAI"
+    sku_name = "S0"
+
     tags = {
       env = "test"
     }
@@ -31,22 +33,5 @@ cognitive_services_account = {
     #   default_action = "Allow"
     #   ip_rules       = ["10.10.10.0/16"]
     # }
-  }
-  test_account-2 = {
-    resource_group = {
-      # accepts either id or key to get resource group id
-      # id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1"
-      # lz_key = "examples"
-      key = "test-rg"
-    }
-    name     = "cs-alz-caf-test-2"
-    kind     = "QnAMaker"
-    sku_name = "F0"
-    tags = {
-      env = "test"
-    }
-    qna_runtime_endpoint = "https://cs-alz-caf-test-2.azurewebsites.net"
-
-  }
+  }   
 }
-
diff --git a/...s/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars b/...s/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars
diff --git a/examples/cognitive_services/200-cognitive-services-account-OpenAI/configuration.tfvars b/examples/cognitive_services/200-cognitive-services-account-OpenAI/configuration.tfvars
@@ -0,0 +1,56 @@
+global_settings = {
+  default_region = "region1"
+  regions = {
+    region1 = "westus"
+  }
+  random_length = 5
+  #pass_through = true
+}
+
+resource_groups = {
+  test-rg = {
+    name = "rg-alz-caf-test-1"
+  }
+}
+
+cognitive_services_account = {
+  openai_account-1 = {
+    resource_group = {
+      # accepts either id or key to get resource group id
+      # id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1"
+      # lz_key = "examples"
+      key = "test-rg"
+    }
+    name     = "cs-alz-caf-test-1"
+    kind     = "OpenAI"
+    sku_name = "S0"
+    tags = {
+      env = "test"
+    }
+    # custom_subdomain_name = "cs-alz-caf-test-1"
+    # network_acls = {
+    #   default_action = "Allow"
+    #   ip_rules       = ["10.10.10.0/16"]
+    # }
+  }   
+}
+
+cognitive_deployment = {
+  openai_deployment-1 = {
+    name = "gpt4"
+    cognitive_account_key = "openai_account-1"
+    #cognitive_account_id = "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/example-resource-group/providers/Microsoft.CognitiveServices/accounts/accountValue"
+    #Check https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models?tabs=python-secure%2Cglobal-standard%2Cstandard-chat-completions
+    #Check  https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models?tabs=python-secure%2Cglobal-standard%2Cstandard-chat-completions#global-standard-model-availability
+    model = {
+      format = "OpenAI"
+      name = "gpt-4"
+      version = "turbo-2024-04-09"
+
+    }
+    sku = {
+      name = "Standard"
+      capacity = 1  
+    }
+  }
+}