added files

2024-05-15 20:45:38 +00:00 · 2024-05-15 20:45:38 +00:00 · 097321f7d5
commit 097321f7d5
parent 7ce10b04ff
9 changed files with 282 additions and 0 deletions
--- a/quickstart/101-ai-studio/README.md
+++ b/quickstart/101-ai-studio/README.md
@ -0,0 +1,44 @@
+# Azure AI Studio
+
+This deployment configuration specifies an [Azure AI hub](https://learn.microsoft.com/en-us/azure/ai-studio/concepts/ai-resources), 
+and its associated resources including Azure Key Vault, Azure Storage. You can optionally provision and attach Azure Application Insights and Azure Container Registry.
+
+This configuration describes the minimal set of resources you require to get started with Azure AI Studio.
+
+## Resources
+
+| Terraform Resource Type | Description |
+| - | - |
+| `azurerm_resource_group` | The resource group all resources get deployed into. |
+| `azurerm_key_vault` | An Azure Key Vault instance associated to the Azure Machine Learning workspace. |
+| `azurerm_storage_account` | An Azure Storage instance associated to the Azure Machine Learning workspace. |
+| `azurerm_application_insights` | An Azure Application Insights instance associated to the Azure Machine Learning workspace. |
+| `azurerm_container_registry` | An Azure Container Registry instance associated to the Azure Machine Learning workspace. |
+
+## Variables
+
+| Name | Description | Default |
+| ---- | ----------- | ------- |
+| names | Prefix name for dependent resources. | myfirst |
+| location | The Azure region used for deployments | East US |
+| sku | The SKU for AI Services resources | S0
+
+## Usage
+
+After git cloning the repo, run the following commands after having docker running on your machine.
+
+```bash
+terraform init
+
+az login 
+
+terraform plan -var names="tftemplate" -out demo.tfplan
+
+terraform apply "demo.tfplan"
+```
+
+## Common mistakes
+
+1. Make sure docker is running
+1. Make sure to have logged into your Azure Subscription by running ```az login```.
+1. Ensure that you have the correct RBAC permissions for in your subscription, hub, and project. 
--- a/quickstart/101-ai-studio/connections.tf
+++ b/quickstart/101-ai-studio/connections.tf
@ -0,0 +1,26 @@
+//Create an AI Services connection. 
+resource "azapi_resource" "AIServicesConnection" {
+  type = "Microsoft.MachineLearningServices/workspaces/connections@2024-04-01-preview"
+  name = "Default_AIServices"
+  parent_id = azapi_resource.hub.id
+
+  body = jsonencode({
+      properties = {
+        category = "AIServices",
+        target = jsondecode(azapi_resource.AIServicesResource.output).properties.endpoint,
+        authType = "AAD", //  or "APIKey"
+        isSharedToAll = true,
+        metadata = {
+          ApiType = "Azure",
+          ResourceId = azapi_resource.AIServicesResource.id
+        }
+        
+        credentials = {
+            Key = "" // <- must input APIKey here
+        }
+        
+      }
+    })
+  schema_validation_enabled = false
+  response_export_values = ["*"]
+}
--- a/quickstart/101-ai-studio/dependent.tf
+++ b/quickstart/101-ai-studio/dependent.tf
@ -0,0 +1,67 @@
+
+resource "azurerm_resource_group" "default" {
+  name     = "azapi-template-rg-${var.names}"
+  location = var.location
+}
+
+resource "azurerm_storage_account" "default" {
+  name                            = "${var.names}storage"
+  location                        = azurerm_resource_group.default.location
+  resource_group_name             = azurerm_resource_group.default.name
+  account_tier                    = "Standard"
+  account_replication_type        = "GRS"
+  allow_nested_items_to_be_public = false
+}
+
+resource "azurerm_key_vault" "default" {
+  name                     = "${var.names}keyvault"
+  location                 = azurerm_resource_group.default.location
+  resource_group_name      = azurerm_resource_group.default.name
+  tenant_id                = data.azurerm_client_config.current.tenant_id
+  sku_name                 = "standard"
+  purge_protection_enabled = false
+}
+
+// AzAPI AIServices
+resource "azapi_resource" "AIServicesResource"{
+  type = "Microsoft.CognitiveServices/accounts@2024-01-01-preview"
+  name = "${var.names}AIServicesResource"
+  location = azurerm_resource_group.default.location
+  parent_id = azurerm_resource_group.default.id
+
+  identity {
+    type = "SystemAssigned"
+  }
+
+  body = jsonencode({
+    properties = {
+        apiProperties = {
+            statisticsEnabled = false
+        }
+    }
+    kind = "AIServices"
+    sku = {
+        name = var.sku
+    }
+    })
+
+  schema_validation_enabled = false
+  response_export_values = ["*"]
+}
+
+/* The following resources are OPTIONAL.
+resource "azurerm_application_insights" "default" {
+  name                = "${var.names}appinsights"
+  location            = azurerm_resource_group.default.location
+  resource_group_name = azurerm_resource_group.default.name
+  application_type    = "web"
+}
+
+resource "azurerm_container_registry" "default" {
+  name                     = "${var.names}contreg"
+  resource_group_name      = azurerm_resource_group.default.name
+  location            = azurerm_resource_group.default.location
+  sku                      = "premium"
+  admin_enabled            = true
+}
+*/
--- a/quickstart/101-ai-studio/hub-cmk.tf
+++ b/quickstart/101-ai-studio/hub-cmk.tf
@ -0,0 +1,48 @@
+/* // To enable cmk, pass in arguments to set up keyIdentifier via cmk_keyvault_key_uri. Also comment out hub.tf.
+
+variable "cmk_keyvault_key_uri" {
+    description = "Key vault uri to access the encryption key."
+}
+
+variable "encryption_status" {
+    description = "Indicates whether or not the encryption is enabled for the workspace."
+    default = "Enabled"
+}
+
+resource "azapi_resource" "hub" {
+  type = "Microsoft.MachineLearningServices/workspaces@2024-04-01"
+  name = "my-ai-hub"
+  location = azurerm_resource_group.default.location
+  parent_id = azurerm_resource_group.default.id
+
+  identity {
+    type = "SystemAssigned"
+  }
+
+  body = jsonencode({
+    properties = {
+      description = "This is my Azure AI hub"
+      friendlyName = "My Hub"
+      storageAccount = azurerm_storage_account.default.id
+      keyVault = azurerm_key_vault.default.id
+
+      /* Optional: To enable these field, the corresponding dependent resources need to be uncommented.
+      applicationInsight = azurerm_application_insights.default.id
+      containerRegistry = azurerm_container_registry.default.id
+      /*
+
+      encryption = {
+        status = var.encryption_status
+        keyVaultProperties = {
+            keyVaultArmId = azurerm_key_vault.default.id
+            keyIdentifier = var.cmk_keyvault_key_uri
+        }
+      }
+
+    }
+    kind = "hub"
+  })
+  schema_validation_enabled = false
+}
+
+*/
--- a/quickstart/101-ai-studio/hub.tf
+++ b/quickstart/101-ai-studio/hub.tf
@ -0,0 +1,26 @@
+resource "azapi_resource" "hub" {
+  type = "Microsoft.MachineLearningServices/workspaces@2024-04-01"
+  name = "my-ai-hub"
+  location = azurerm_resource_group.default.location
+  parent_id = azurerm_resource_group.default.id
+
+  identity {
+    type = "SystemAssigned"
+  }
+
+  body = jsonencode({
+    properties = {
+      description = "This is my Azure AI hub"
+      friendlyName = "My Hub"
+      storageAccount = azurerm_storage_account.default.id
+      keyVault = azurerm_key_vault.default.id
+
+      /* Optional: To enable these field, the corresponding dependent resources need to be uncommented.
+      applicationInsight = azurerm_application_insights.default.id
+      containerRegistry = azurerm_container_registry.default.id
+      */
+    }
+    kind = "hub"
+  })
+  schema_validation_enabled = false
+}
--- a/quickstart/101-ai-studio/main.tf
+++ b/quickstart/101-ai-studio/main.tf
@ -0,0 +1,17 @@
+terraform {
+  required_providers {
+    azapi = {
+      source  = "azure/azapi"
+    }
+  }
+}
+
+provider "azurerm" {
+    features {}
+}
+
+provider "azapi" {
+}
+
+data "azurerm_client_config" "current" {
+}
--- a/quickstart/101-ai-studio/output.tf
+++ b/quickstart/101-ai-studio/output.tf
@ -0,0 +1,16 @@
+output "ResourceGroup" {
+  value = azurerm_resource_group.default.id
+}
+
+output "HubId" {
+    value = azapi_resource.hub.id
+}
+
+output "ProjectId" {
+    value = azapi_resource.project.id
+}
+
+output "endpoint" {
+  value = jsondecode(azapi_resource.AIServicesResource.output).properties.endpoint
+}
+
--- a/quickstart/101-ai-studio/project.tf
+++ b/quickstart/101-ai-studio/project.tf
@ -0,0 +1,20 @@
+resource "azapi_resource" "project" {
+  type = "Microsoft.MachineLearningServices/workspaces@2024-04-01"
+  name = "my-ai-project"
+  location = azurerm_resource_group.default.location
+  parent_id = azurerm_resource_group.default.id
+
+  identity {
+    type = "SystemAssigned"
+  }
+
+  body = jsonencode({
+    properties = {
+      description = "This is my Azure AI PROJECT"
+      friendlyName = "My Project"
+      hubResourceId = azapi_resource.hub.id
+    }
+    kind = "project"
+  })
+  schema_validation_enabled = false
+}
--- a/quickstart/101-ai-studio/variables.tf
+++ b/quickstart/101-ai-studio/variables.tf
@ -0,0 +1,18 @@
+// Names and Try are used for naming conventions in hub.tf and depende
+variable "names" {
+    type = string
+    description="This variable is used to name the hub, project, and dependent resources."
+    default = "tftemplate"
+}
+
+variable "location" {
+    type = string
+    description = "This is the location for all resources"
+    default = "East US 2"
+}
+
+variable "sku" {
+    type        = string
+    description = "The sku name of the Azure Analysis Services server to create. Choose from: B1, B2, D1, S0, S1, S2, S3, S4, S8, S9. Some skus are region specific. See https://docs.microsoft.com/en-us/azure/analysis-services/analysis-services-overview#availability-by-region"
+    default     = "S0"
+}