To deploy this solution accelerator, ensure you have access to an Azure subscription with the necessary permissions to create resource groups, resources, and assign roles at the resource group level*. Follow the steps in Azure Account Set Up
Check the Azure Products by Region page and select a region where the following services are available:
Here are some example regions where the services are available: East US, East US2, Australia East, UK South, France Central.
By default, the Gpt-4o-mini model capacity in deployment is set to 30k tokens, so we recommend updating the following:
For Global Standard | GPT-4o-mini - increase the capacity to at least 150k tokens post-deployment for optimal performance.
Depending on your subscription quota and capacity, you can adjust quota settings to better meet your specific needs. You can also adjust the deployment parameters for additional optimization.
The infra folder of the Build-your-own-copilot-Solution-Accelerator contains the main.bicep Bicep script, which defines all Azure infrastructure components for this solution.
By default, the azd up command uses the main.parameters.json file to deploy the solution. This file is pre-configured for a sandbox environment — ideal for development and proof-of-concept scenarios, with minimal security and cost controls for rapid iteration.
For production deployments, the repository also provides main.waf.parameters.json, which applies a Well-Architected Framework (WAF) aligned configuration. This option enables additional Azure best practices for reliability, security, cost optimization, operational excellence, and performance efficiency, such as:
- Enhanced network security (e.g., Network protection with private endpoints)
- Stricter access controls and managed identities
- Logging, monitoring, and diagnostics enabled by default
- Resource tagging and cost management recommendations
How to choose your deployment configuration:
- Use the default
main.parameters.jsonfile for a sandbox/dev environment - For a WAF-aligned, production-ready deployment, copy the contents of
main.waf.parameters.jsonintomain.parameters.jsonbefore runningazd up
By default, the solution sets the VM administrator username and password from environment variables.
To set your own VM credentials before deployment, use:
azd env set AZURE_ENV_VM_ADMIN_USERNAME <your-username>
azd env set AZURE_ENV_VM_ADMIN_PASSWORD <your-password>Tip
Always review and adjust parameter values (such as region, capacity, security settings and log analytics workspace configuration) to match your organization’s requirements before deploying. For production, ensure you have sufficient quota and follow the principle of least privilege for all identities and role assignments.
Important
The WAF-aligned configuration is under active development. More Azure Well-Architected recommendations will be added in future updates.
Pick from the options below to see step-by-step instructions for GitHub Codespaces, VS Code Dev Containers, and Local Environments.
 |
 |
|---|
Deploy in GitHub Codespaces
You can run this solution using GitHub Codespaces. The button will open a web-based VS Code instance in your browser:
-
Open the solution accelerator (this may take several minutes):
-
Accept the default values on the create Codespaces page.
-
Open a terminal window if it is not already open.
-
Continue with the deploying steps.
Deploy in VS Code
You can run this solution in VS Code Dev Containers, which will open the project in your local VS Code using the Dev Containers extension:
-
Start Docker Desktop (install it if not already installed).
-
Open the project:
-
In the VS Code window that opens, once the project files show up (this may take several minutes), open a terminal window.
-
Continue with the deploying steps.
Deploy in your local Environment
If you're not using one of the above options for opening the project, then you'll need to:
-
Make sure the following tools are installed:
- PowerShell (v7.0+) - available for Windows, macOS, and Linux.
- Azure Developer CLI (azd) (v1.15.0+) - version
- Python 3.9 to 3.11
- Docker Desktop
- Git
- Microsoft ODBC Driver 18 for SQL Server
- sqlcmd(ODBC-Windows) / sqlcmd(Linux/Mac)
-
Clone the repository or download the project code via command-line:
azd init -t microsoft/build-your-own-copilot-solution-accelerator/
-
Open the project folder in your terminal or editor.
-
Continue with the deploying steps.
Consider the following settings during your deployment to modify specific settings:
Configurable Deployment Settings
When you start the deployment, most parameters will have default values, but you can update the below settings by following the steps here:
| Setting | Description | Default value |
|---|---|---|
| Environment Name | A 3-20 character alphanumeric value used to generate a unique ID to prefix the resources. | azdtemp |
| Cosmos Location | A less busy region for CosmosDB, useful in case of availability constraints. | eastus2 |
| Deployment Type | Select from a drop-down list (Standard, GlobalStandard). |
GlobalStandard |
| GPT Model | Azure OpenAI GPT model to deploy. | gpt-4o-mini |
| GPT Model Deployment Capacity | Configure capacity for GPT models. Choose based on Azure OpenAI quota. | 30 |
| Embedding Model | OpenAI embedding model used for vector similarity. | text-embedding-ada-002 |
| Embedding Model Capacity | Set the capacity for embedding models. Choose based on usage and quota. | 80 |
| Image Tag | The version of the Docker image to use (e.g., latest, dev, hotfix). |
latest |
| Azure OpenAI API Version | Set the API version for OpenAI model deployments. | 2025-04-01-preview |
| AZURE_LOCATION | Sets the Azure region for resource deployment. | <User selects during deployment> |
| Existing Log Analytics Workspace | To reuse an existing Log Analytics Workspace ID instead of creating a new one. | (empty) |
| Existing AI Foundry Project Resource ID | To reuse an existing AI Foundry Project Resource ID instead of creating a new one. | (empty) |
[Optional] Quota Recommendations
By default, the GPT model capacity in deployment is set to 30k tokens.
We recommend increasing the capacity to 100k tokens, if available, for optimal performance.
To adjust quota settings, follow these steps.
Reusing an Existing Log Analytics Workspace
Guide to get your Existing Workspace ID
Reusing an Existing Azure AI Foundry Project
Guide to get your Existing Project ID
Once you've opened the project in Codespaces, Dev Containers, or locally, you can deploy it to Azure by following these steps:
-
Login to Azure:
azd auth login
azd auth login --tenant-id <tenant-id>
Note: To retrieve the Tenant ID required for local deployment, you can go to Tenant Properties in Azure Portal from the resource list. Alternatively, follow these steps:
- Open the Azure Portal.
- Navigate to Azure Active Directory from the left-hand menu.
- Under the Overview section, locate the Tenant ID field. Copy the value displayed.
-
Provision and deploy all the resources:
azd up
-
Provide an
azdenvironment name (e.g., "byocaapp"). -
Select a subscription from your Azure account and choose a location that has quota for all the resources.
- This deployment will take 7-10 minutes to provision the resources in your account and set up the solution with sample data.
- If you encounter an error or timeout during deployment, changing the location may help, as there could be availability constraints for the resources.
-
Once the deployment is complete, please follow the Import Sample Data instructions under Post Deployment Steps to load the sample data correctly.
-
Open the Azure Portal, go to the deployed resource group, find the App Service and get the app URL from
Default domain. -
Test the app locally with the sample question with any selected client: Show latest asset value by asset type?. For more sample questions you can test in the application, see Sample Questions.
-
You can now delete the resources by running
azd down, if you are done trying out the application.
If you need to rebuild the source code and push the updated container to the deployed Azure Container Registry, follow these steps:
-
Set the environment variable
USE_LOCAL_BUILDtoTrue:-
Linux/macOS:
export USE_LOCAL_BUILD=True -
Windows (PowerShell):
$env:USE_LOCAL_BUILD = $true
-
-
Run the
az logincommandaz login
-
Run the
azd upcommand again to rebuild and push the updated container:azd up
This will rebuild the source code, package it into a container, and push it to the Azure Container Registry associated with your deployment.
If you encounter any issues during the deployment process, please refer troubleshooting document for detailed steps and solutions
-
Import Sample Data -Run bash command printed in the terminal. The bash command will look like the following:
bash ./infra/scripts/process_sample_data.sh
if you don't have azd env then you need to pass parameters along with the command. Then the command will look like the following:
bash ./infra/scripts/process_sample_data.sh <resourceGroupName> <cosmosDbAccountName> <storageAccount> <storageContainerName> <keyvaultName> <sqlServerName> <sqlDatabaseName> <webAppUserManagedIdentityClientId> <webAppUserManagedIdentityDisplayName> <aiFoundryResourceName> <aiSearchResourceName>
-
Add Authentication Provider
- Follow steps in App Authentication to configure authentication in app service. Note that Authentication changes can take up to 10 minutes.
-
Deleting Resources After a Failed Deployment
- Follow steps in Delete Resource Group if your deployment fails and/or you need to clean up the resources.
Set APP_ENV in your .env file to control Azure authentication. Set the environment variable to dev to use Azure CLI credentials, or to prod to use Managed Identity for production. Ensure you're logged in via az login when using dev in local.
To configure your environment, follow these steps:
1. Navigate to the `src\App` folder.
2. Create a `.env` file based on the `.env.sample` file.
3. Fill in the `.env` file using the deployment output or by retrieving values from the Azure Portal under "Deployments" in your resource group.
4. Ensure that the `APP_ENV` variable is set to "**dev**".