Add IAzurePrivateEndpointTarget support to AzureOpenAIResource and FoundryResource (#15945)

* Initial plan

* Add IAzurePrivateEndpointTarget support to AzureOpenAIResource and FoundryResource

Agent-Logs-Url: https://github.com/microsoft/aspire/sessions/c060fb13-56b1-4905-9cbc-b78a181f5062

Co-authored-by: eerhardt <8291187+eerhardt@users.noreply.github.com>

* Replace interface-check tests with bicep-baseline tests for private endpoints

Agent-Logs-Url: https://github.com/microsoft/aspire/sessions/85ce9899-08f7-411c-b83d-e162ddb09217

Co-authored-by: eerhardt <8291187+eerhardt@users.noreply.github.com>

* Disable PublicNetworkAccess when private endpoints are used.

* Move Id property back to original position in AzureOpenAIResource and FoundryResource

Agent-Logs-Url: https://github.com/microsoft/aspire/sessions/b73a625e-b303-4af6-9099-032be15a9605

Co-authored-by: eerhardt <8291187+eerhardt@users.noreply.github.com>

* Revert AzurePrivateEndpointExtensionsTests.cs to original state

Agent-Logs-Url: https://github.com/microsoft/aspire/sessions/4d004e72-6da4-4c52-be06-fbb0d30d4bda

Co-authored-by: eerhardt <8291187+eerhardt@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: eerhardt <8291187+eerhardt@users.noreply.github.com>
Co-authored-by: Eric Erhardt <eric.erhardt@microsoft.com>

Author: Copilot

src/Aspire.Hosting.Azure.CognitiveServices/AzureOpenAIExtensions.cs

@@ -1,6 +1,8 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
+#pragma warning disable ASPIREAZURE003 // Type is for evaluation purposes only and is subject to change or removal in future updates. Suppress this diagnostic to proceed.
+
 using Aspire.Hosting.ApplicationModel;
 using Aspire.Hosting.Azure;
 using Aspire.Hosting.Azure.CognitiveServices;
@@ -38,6 +40,11 @@ public static IResourceBuilder<AzureOpenAIResource> AddAzureOpenAI(this IDistrib
 
         var configureInfrastructure = (AzureResourceInfrastructure infrastructure) =>
         {
+            var azureResource = (AzureOpenAIResource)infrastructure.AspireResource;
+
+            // Check if this Azure OpenAI has a private endpoint (via annotation)
+            var hasPrivateEndpoint = azureResource.HasAnnotationOfType<PrivateEndpointTargetAnnotation>();
+
             var cogServicesAccount = AzureProvisioningResource.CreateExistingOrNewProvisionableResource(infrastructure,
                 (identifier, name) =>
                 {
@@ -55,7 +62,9 @@ public static IResourceBuilder<AzureOpenAIResource> AddAzureOpenAI(this IDistrib
                     Properties = new CognitiveServicesAccountProperties()
                     {
                         CustomSubDomainName = ToLower(Take(Concat(infrastructure.AspireResource.Name, GetUniqueString(GetResourceGroup().Id)), 24)),
-                        PublicNetworkAccess = ServiceAccountPublicNetworkAccess.Enabled,
+                        PublicNetworkAccess = hasPrivateEndpoint
+                            ? ServiceAccountPublicNetworkAccess.Disabled
+                            : ServiceAccountPublicNetworkAccess.Enabled,
                         // Disable local auth for AOAI since managed identity is used
                         DisableLocalAuth = true
                     },

src/Aspire.Hosting.Azure.CognitiveServices/AzureOpenAIResource.cs

@@ -17,7 +17,7 @@ namespace Aspire.Hosting.ApplicationModel;
 [AspireExport]
 public class AzureOpenAIResource(string name, Action<AzureResourceInfrastructure> configureInfrastructure)
     : AzureProvisioningResource(name, configureInfrastructure),
-    IResourceWithConnectionString, IAzureNspAssociationTarget
+    IResourceWithConnectionString, IAzurePrivateEndpointTarget, IAzureNspAssociationTarget
 {
     [Obsolete("Use AzureOpenAIDeploymentResource instead.")]
     private readonly List<AzureOpenAIDeployment> _deployments = [];
@@ -111,6 +111,10 @@ public override ProvisionableResource AddAsExistingResource(AzureResourceInfrast
         return account;
     }
 
+    IEnumerable<string> IAzurePrivateEndpointTarget.GetPrivateLinkGroupIds() => ["account"];
+
+    string IAzurePrivateEndpointTarget.GetPrivateDnsZoneName() => "privatelink.openai.azure.com";
+
     IEnumerable<KeyValuePair<string, ReferenceExpression>> IResourceWithConnectionString.GetConnectionProperties()
     {
         yield return new("Uri", UriExpression);

src/Aspire.Hosting.Foundry/FoundryExtensions.cs

@@ -1,6 +1,8 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
+#pragma warning disable ASPIREAZURE003 // Type is for evaluation purposes only and is subject to change or removal in future updates. Suppress this diagnostic to proceed.
+
 using Aspire.Hosting.ApplicationModel;
 using Aspire.Hosting.Azure;
 using Aspire.Hosting.Foundry;
@@ -408,6 +410,11 @@ await rns.PublishUpdateAsync(deployment, state => state with
 
     private static void ConfigureInfrastructure(AzureResourceInfrastructure infrastructure)
     {
+        var azureResource = (FoundryResource)infrastructure.AspireResource;
+
+        // Check if this Foundry resource has a private endpoint (via annotation)
+        var hasPrivateEndpoint = azureResource.HasAnnotationOfType<PrivateEndpointTargetAnnotation>();
+
         var cogServicesAccount = AzureProvisioningResource.CreateExistingOrNewProvisionableResource(infrastructure,
                 (identifier, name) =>
                 {
@@ -427,7 +434,9 @@ private static void ConfigureInfrastructure(AzureResourceInfrastructure infrastr
                         // Until this bug is fixed, CustomSubDomainName must be set to the
                         // account's name: https://msdata.visualstudio.com/Vienna/_workitems/edit/4866592
                         CustomSubDomainName = ToLower(Take(Concat(infrastructure.AspireResource.Name, GetUniqueString(GetResourceGroup().Id)), 24)),
-                        PublicNetworkAccess = ServiceAccountPublicNetworkAccess.Enabled,
+                        PublicNetworkAccess = hasPrivateEndpoint
+                            ? ServiceAccountPublicNetworkAccess.Disabled
+                            : ServiceAccountPublicNetworkAccess.Enabled,
                         DisableLocalAuth = true,
                         AllowProjectManagement = true
                     },

src/Aspire.Hosting.Foundry/FoundryResource.cs

@@ -17,7 +17,7 @@ namespace Aspire.Hosting.Foundry;
 /// <param name="configureInfrastructure">Configures the underlying Azure resource using Azure.Provisioning.</param>
 [AspireExport]
 public class FoundryResource(string name, Action<AzureResourceInfrastructure> configureInfrastructure) :
-    AzureProvisioningResource(name, configureInfrastructure), IResourceWithEndpoints, IResourceWithConnectionString, IAzureNspAssociationTarget
+    AzureProvisioningResource(name, configureInfrastructure), IResourceWithEndpoints, IResourceWithConnectionString, IAzurePrivateEndpointTarget, IAzureNspAssociationTarget
 {
     internal Uri? EmulatorServiceUri { get; set; }
 
@@ -132,6 +132,10 @@ IEnumerable<KeyValuePair<string, ReferenceExpression>> IResourceWithConnectionSt
             yield return new("Key", ReferenceExpression.Create($"{ApiKey}"));
         }
     }
+
+    IEnumerable<string> IAzurePrivateEndpointTarget.GetPrivateLinkGroupIds() => ["account"];
+
+    string IAzurePrivateEndpointTarget.GetPrivateDnsZoneName() => "privatelink.cognitiveservices.azure.com";
 }
 
 /// <summary>

tests/Aspire.Hosting.Azure.Tests/AzurePrivateEndpointLockdownTests.cs

@@ -184,4 +184,36 @@ public async Task AddAzureWebPubSub_WithPrivateEndpoint_GeneratesCorrectBicep()
 
         await Verify(manifest.BicepText, extension: "bicep");
     }
+
+    [Fact]
+    public async Task AddAzureOpenAI_WithPrivateEndpoint_GeneratesCorrectBicep()
+    {
+        using var builder = TestDistributedApplicationBuilder.Create(DistributedApplicationOperation.Publish);
+
+        var vnet = builder.AddAzureVirtualNetwork("myvnet");
+        var subnet = vnet.AddSubnet("pesubnet", "10.0.1.0/24");
+        var openai = builder.AddAzureOpenAI("openai");
+
+        subnet.AddPrivateEndpoint(openai);
+
+        var manifest = await AzureManifestUtils.GetManifestWithBicep(openai.Resource);
+
+        await Verify(manifest.BicepText, extension: "bicep");
+    }
+
+    [Fact]
+    public async Task AddFoundry_WithPrivateEndpoint_GeneratesCorrectBicep()
+    {
+        using var builder = TestDistributedApplicationBuilder.Create(DistributedApplicationOperation.Publish);
+
+        var vnet = builder.AddAzureVirtualNetwork("myvnet");
+        var subnet = vnet.AddSubnet("pesubnet", "10.0.1.0/24");
+        var foundry = builder.AddFoundry("foundry");
+
+        subnet.AddPrivateEndpoint(foundry);
+
+        var manifest = await AzureManifestUtils.GetManifestWithBicep(foundry.Resource);
+
+        await Verify(manifest.BicepText, extension: "bicep");
+    }
 }

tests/Aspire.Hosting.Azure.Tests/Snapshots/AzurePrivateEndpointLockdownTests.AddAzureOpenAI_WithPrivateEndpoint_GeneratesCorrectBicep.verified.bicep

@@ -0,0 +1,27 @@
+@description('The location for the resource(s) to be deployed.')
+param location string = resourceGroup().location
+
+resource openai 'Microsoft.CognitiveServices/accounts@2025-09-01' = {
+  name: take('openai-${uniqueString(resourceGroup().id)}', 64)
+  location: location
+  kind: 'OpenAI'
+  properties: {
+    customSubDomainName: toLower(take(concat('openai', uniqueString(resourceGroup().id)), 24))
+    publicNetworkAccess: 'Disabled'
+    disableLocalAuth: true
+  }
+  sku: {
+    name: 'S0'
+  }
+  tags: {
+    'aspire-resource-name': 'openai'
+  }
+}
+
+output connectionString string = 'Endpoint=${openai.properties.endpoint}'
+
+output endpoint string = openai.properties.endpoint
+
+output name string = openai.name
+
+output id string = openai.id

tests/Aspire.Hosting.Azure.Tests/Snapshots/AzurePrivateEndpointLockdownTests.AddFoundry_WithPrivateEndpoint_GeneratesCorrectBicep.verified.bicep

@@ -0,0 +1,40 @@
+@description('The location for the resource(s) to be deployed.')
+param location string = resourceGroup().location
+
+resource foundry 'Microsoft.CognitiveServices/accounts@2025-09-01' = {
+  name: take('foundry-${uniqueString(resourceGroup().id)}', 64)
+  location: location
+  identity: {
+    type: 'SystemAssigned'
+  }
+  kind: 'AIServices'
+  properties: {
+    customSubDomainName: toLower(take(concat('foundry', uniqueString(resourceGroup().id)), 24))
+    publicNetworkAccess: 'Disabled'
+    disableLocalAuth: true
+    allowProjectManagement: true
+  }
+  sku: {
+    name: 'S0'
+  }
+  tags: {
+    'aspire-resource-name': 'foundry'
+  }
+}
+
+resource foundry_caphost 'Microsoft.CognitiveServices/accounts/capabilityHosts@2025-10-01-preview' = {
+  name: 'foundry-caphost'
+  properties: {
+    capabilityHostKind: 'Agents'
+    enablePublicHostingEnvironment: true
+  }
+  parent: foundry
+}
+
+output aiFoundryApiEndpoint string = foundry.properties.endpoints['AI Foundry API']
+
+output endpoint string = foundry.properties.endpoint
+
+output name string = foundry.name
+
+output id string = foundry.id