refactor: Updated main.bicep and other modules#2

Open
Vamshi-Microsoft wants to merge 28 commits into main from vk-avm1

Conversation

@Vamshi-Microsoft

Owner

Description

This pull request introduces new infrastructure modules and a workflow for the "build-your-own-copilot-solution-accelerator" in Azure, focusing on Cognitive Services, AI Search connectivity, and Key Vault secret management. The changes add reusable and parameterized Bicep modules for deploying and configuring these resources, alongside a GitHub Actions workflow to automate deployments and validations.

New infrastructure modules for Azure resources:

  • Added a comprehensive ai-services.bicep module to deploy and configure Azure Cognitive Services accounts, supporting advanced options like managed identities, customer-managed keys, network controls, private endpoints, role assignments, and secret exports. This module also defines types for endpoints, deployments, and secret export configurations.
  • Introduced the deploy_aifp_aisearch_connection.bicep module to establish a connection between an AI Foundry project and Azure Cognitive Search, including authentication and metadata configuration.
  • Added the keyVaultExport.bicep module to automate exporting secrets to an Azure Key Vault, with support for setting multiple secrets and outputting references to the created secrets.

Deployment automation and workflow:

  • Created a new GitHub Actions workflow .github/workflows/avm.ptn.sa.build-your-own-copilot-solution-accelerator.yml to orchestrate deployments, including static and deployment validations, removal of deployed modules, and support for custom locations. The workflow initializes pipeline parameters, collects test file paths, and calls a reusable workflow for actual deployment.

Pipeline Reference

Pipeline

Type of Change

  • Azure Verified Module updates:
    • Bugfix containing backwards-compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in version.json:
    • Feature update backwards compatible feature updates, and I have bumped the MINOR version in version.json.
    • Breaking changes and I have bumped the MAJOR version in version.json.
    • Update to documentation
  • Update to CI Environment or utilities (Non-module affecting changes)

Checklist

  • I'm sure there are no other open Pull Requests for the same update/change
  • I have run Set-AVMModule locally to generate the supporting module files.
  • My corresponding pipelines / checks run clean and green without any errors or warnings
  • I have updated the module's CHANGELOG.md file with an entry for the next version

@Vamshi-Microsoft Vamshi-Microsoft changed the title Updated main.bicep and other modules refactor: Updated main.bicep and other modules Sep 11, 2025
@Prajwal-Microsoft Prajwal-Microsoft changed the base branch from avm/ptn/sa/build-your-own-copilot-solution-accelerator to main September 16, 2025 17:34
Prajwal-Microsoft and others added 14 commits September 16, 2025 23:05
- Changed allowBlobPublicAccess logic to enhance security.
- Added delete retention policy settings for blob services.
- Introduced maintenance window resource for SQL database.
- Adjusted SKU capacity and replica count for better performance.
- Updated availability zone for Jumpbox VM deployment.
- Introduced `enableSqlVulnerabilityAssessment` parameter to enable SQL vulnerability assessment scanning.
- Updated README and main.bicep to reflect the new parameter and its default value.
- Adjusted main.json to include the new parameter in the module's schema.
… module

- Added maintenance configuration module for Jumpbox VM to manage in-guest patching.
- Updated Jumpbox and Bastion Host configurations to include availability zones.
- Modified main.json and README.md to reflect changes in resource types and versions.
- Introduced a mapping for SQL Database maintenance configurations based on Azure regions.
- Enabled hierarchical namespace for storage account.
- Updated maintenance window resource to use dynamic configuration name based on location.
- Adjusted SQL database module to conditionally set maintenance configuration ID.
- Added security alert policies for SQL vulnerability assessment.
3 participants