merged cmk into hub.tf

2024-05-15 21:17:25 +00:00 · 2024-05-15 21:17:25 +00:00 · c4bdeb74c0
commit c4bdeb74c0
parent 661af04fe8
4 changed files with 22 additions and 50 deletions
--- a/quickstart/101-ai-studio/dependent.tf
+++ b/quickstart/101-ai-studio/dependent.tf
@ -24,7 +24,7 @@ resource "azurerm_key_vault" "default" {

 // AzAPI AIServices
 resource "azapi_resource" "AIServicesResource"{
-  type = "Microsoft.CognitiveServices/accounts@2024-01-01-preview"
+  type = "Microsoft.CognitiveServices/accounts@2024-04-01-preview"
  name = "${var.names}AIServicesResource"
  location = azurerm_resource_group.default.location
  parent_id = azurerm_resource_group.default.id
--- a/quickstart/101-ai-studio/hub-cmk.tf
+++ b/quickstart/101-ai-studio/hub-cmk.tf
@ -1,48 +0,0 @@
-/* // To enable cmk, pass in arguments to set up keyIdentifier via cmk_keyvault_key_uri. Also comment out hub.tf.
-
-variable "cmk_keyvault_key_uri" {
-    description = "Key vault uri to access the encryption key."
-}
-
-variable "encryption_status" {
-    description = "Indicates whether or not the encryption is enabled for the workspace."
-    default = "Enabled"
-}
-
-resource "azapi_resource" "hub" {
-  type = "Microsoft.MachineLearningServices/workspaces@2024-04-01"
-  name = "my-ai-hub"
-  location = azurerm_resource_group.default.location
-  parent_id = azurerm_resource_group.default.id
-
-  identity {
-    type = "SystemAssigned"
-  }
-
-  body = jsonencode({
-    properties = {
-      description = "This is my Azure AI hub"
-      friendlyName = "My Hub"
-      storageAccount = azurerm_storage_account.default.id
-      keyVault = azurerm_key_vault.default.id
-
-      /* Optional: To enable these field, the corresponding dependent resources need to be uncommented.
-      applicationInsight = azurerm_application_insights.default.id
-      containerRegistry = azurerm_container_registry.default.id
-      /*
-
-      encryption = {
-        status = var.encryption_status
-        keyVaultProperties = {
-            keyVaultArmId = azurerm_key_vault.default.id
-            keyIdentifier = var.cmk_keyvault_key_uri
-        }
-      }
-
-    }
-    kind = "hub"
-  })
-  schema_validation_enabled = false
-}
-
-*/
--- a/quickstart/101-ai-studio/hub.tf
+++ b/quickstart/101-ai-studio/hub.tf
@ -19,6 +19,16 @@ resource "azapi_resource" "hub" {
      applicationInsight = azurerm_application_insights.default.id
      containerRegistry = azurerm_container_registry.default.id
      */
+
+      //Optional: To enable Customer Managed Keys, the corresponding 
+      encryption = {
+        status = var.encryption_status
+        keyVaultProperties = {
+            keyVaultArmId = azurerm_key_vault.default.id
+            keyIdentifier = var.cmk_keyvault_key_uri
+        }
+      }
+      
    }
    kind = "hub"
  })
--- a/quickstart/101-ai-studio/variables.tf
+++ b/quickstart/101-ai-studio/variables.tf
@ -15,4 +15,14 @@ variable "sku" {
    type        = string
    description = "The sku name of the Azure Analysis Services server to create. Choose from: B1, B2, D1, S0, S1, S2, S3, S4, S8, S9. Some skus are region specific. See https://docs.microsoft.com/en-us/azure/analysis-services/analysis-services-overview#availability-by-region"
    default     = "S0"
-}
+}
+
+//Optional: For Customer Managed Keys, uncomment this part AND the corresponding section in hub.tf
+variable "cmk_keyvault_key_uri" {
+    description = "Key vault uri to access the encryption key."
+}
+
+variable "encryption_status" {
+    description = "Indicates whether or not the encryption is enabled for the workspace."
+    default = "Enabled"
+}