Modularize Bicep deployment
pauldotyu opened this issue · 0 comments
Is your feature request related to a problem? Please describe.
Currently the infrastructure as code is set to deploy all Azure resources as the default behavior. However, there may be scenarios where some of the Azure services are not needed for various demonstrations.
Describe the solution you'd like
In order to better support various demo scenarios, it would be best to modularize the deployment and deploy ancillary Azure services as needed based on Bicep input parameters. This is already being done with Azure Container Registry and we should look to take a similar approach with the other services.
We can start with the following boolean parameters:
DEPLOY_AZURE_CONTAINER_REGISTRY deploys Azure Container Registry
DEPLOY_WORKLOAD_IDENTITY deploys Azure Managed Identities for services that support it and enables workload identity and OIDC Issuer URL on AKS
DEPLOY_AZURE_OPENAI deploys Azure OpenAI, the ai-service microservice, and configures workload identity if that option is set to true
DEPLOY_AZURE_SERVICE_BUS deploys Azure Service Bus and configures workload identity if that option is set to true
DEPLOY_AZURE_COSMOSDB deploys Azure CosmosDB and configures workload identity if that option is set to true. This setting will also take into account the AZURE_COSMOSDB_ACCOUNT_KIND parameter, which is used to determine the database API (either MongoDB or GlobalDocumentDB, with MongoDB being the default)
DEPLOY_OBSERVABILITY_TOOLS deploys Azure Log Analytics workspace, Azure Monitor managed service for Prometheus, Azure Managed Grafana, and enables monitoring on the AKS cluster with Container Insights
The only services that will be deployed by default at all times will be the AKS cluster and Azure Key Vault (with Secret Store CSI driver enabled on AKS).
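
Added example, not part of the issue or the repository's templates: a Bicep sketch of the pattern requested above for the DEPLOY_AZURE_SERVICE_BUS and DEPLOY_WORKLOAD_IDENTITY pair, where the role assignment exists only when both flags are true and SAS (local) authentication is disabled whenever workload identity is in use. The camelCase parameter names, resource names and the caller-supplied role definition GUID are assumptions.

```bicep
// Added example: hypothetical names, not the repository's own template.
param location string = resourceGroup().location

@description('Assumed Bicep counterpart of DEPLOY_WORKLOAD_IDENTITY')
param deployWorkloadIdentity bool = false

@description('Assumed Bicep counterpart of DEPLOY_AZURE_SERVICE_BUS')
param deployAzureServiceBus bool = false

@description('GUID of the built-in role to grant; supplied by the caller so the least-privileged role can be chosen')
param serviceBusRoleDefinitionId string = ''

var suffix = uniqueString(resourceGroup().id)
var identityName = 'id-demo-${suffix}'
var serviceBusName = 'sb-demo-${suffix}'

// Created only when workload identity is requested.
resource workloadIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = if (deployWorkloadIdentity) {
  name: identityName
  location: location
}

// Optional service. With workload identity on, key-based (SAS) access is
// disabled so the managed identity is the only way in.
resource serviceBus 'Microsoft.ServiceBus/namespaces@2021-11-01' = if (deployAzureServiceBus) {
  name: serviceBusName
  location: location
  sku: {
    name: 'Standard'
  }
  properties: {
    disableLocalAuth: deployWorkloadIdentity
  }
}

// Exists only when BOTH flags are true; otherwise there is no identity to
// grant to, or no namespace to scope the grant on.
resource serviceBusRole 'Microsoft.Authorization/roleAssignments@2022-04-01' = if (deployAzureServiceBus && deployWorkloadIdentity) {
  name: guid(serviceBusName, identityName, serviceBusRoleDefinitionId)
  scope: serviceBus
  properties: {
    principalId: workloadIdentity.properties.principalId
    principalType: 'ServicePrincipal'
    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', serviceBusRoleDefinitionId)
  }
}

output serviceBusLocalAuthDisabled bool = deployAzureServiceBus && deployWorkloadIdentity
```

With all flags left at their defaults this file deploys nothing, and newer Bicep versions may warn about reading a property of a conditional resource in the role assignment, which is guarded here by the matching condition.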