update mod

Pwd9000-ML · Aug 6, 2023 · 572236a · 572236a
1 parent 7195db3
commit 572236a
Show file tree

Hide file tree

Showing 26 changed files with 865 additions and 15 deletions.
diff --git a/assets/Deployments.png b/assets/Deployments.png
diff --git a/assets/Example1.png b/assets/Example1.png
diff --git a/assets/Example2.png b/assets/Example2.png
diff --git a/assets/Example3.png b/assets/Example3.png
diff --git a/assets/Resources.png b/assets/Resources.png
diff --git a/assets/openai.png b/assets/openai.png
diff --git a/assets/screenshot.png b/assets/screenshot.png
diff --git a/assets/var-secrets.png b/assets/var-secrets.png
diff --git a/examples/Create_Models_existing_OpenAI_Service/README.md b/examples/Create_Models_existing_OpenAI_Service/README.md
@@ -0,0 +1,7 @@
+# Automated Test 1
+
+This automated test will create a new resource group, cognitive OpenAI service, and two model deployment. It will then run a test to ensure the model deployment is working as expected and save the OpenAI Account details and deployments into an Azure Key Vault ready for consumption by other services.
+
+<!-- BEGIN_TF_DOCS -->
+
+<!-- END_TF_DOCS -->
diff --git a/examples/Create_Models_existing_OpenAI_Service/main.tf b/examples/Create_Models_existing_OpenAI_Service/main.tf
@@ -0,0 +1,57 @@
+terraform {
+  #backend "azurerm" {}
+  backend "local" { path = "terraform-test1.tfstate" }
+}
+
+provider "azurerm" {
+  features {
+    key_vault {
+      purge_soft_delete_on_destroy = true
+    }
+  }
+}
+
+#################################################
+# PRE-REQS                                      #
+#################################################
+### Resource group to deploy the Key Vault into
+resource "azurerm_resource_group" "rg" {
+  name     = var.resource_group_name
+  location = var.location
+  tags     = var.tags
+}
+
+##################################################
+# MODULE TO TEST                                 #
+##################################################
+module "openai" {
+  source                   = "Pwd9000-ML/openai-service/azurerm"
+  version                  = ">= 0.1.0"
+
+  #common
+  location = var.location
+  tags     = var.tags
+
+  #keyvault (To store OpenAI Account and model details, if the KV needs to be created in a different resource group, create it first and pass the resource group name to the module)
+  keyvault_resource_group_name                 = azurerm_resource_group.rg.name
+  kv_config                                    = var.kv_config
+  keyvault_firewall_default_action             = var.keyvault_firewall_default_action
+  keyvault_firewall_bypass                     = var.keyvault_firewall_bypass
+  keyvault_firewall_allowed_ips                = var.keyvault_firewall_allowed_ips
+  keyvault_firewall_virtual_network_subnet_ids = var.keyvault_firewall_virtual_network_subnet_ids
+
+  #Create OpenAI Service?
+  create_openai_service                     = var.create_openai_service
+  openai_resource_group_name                = azurerm_resource_group.rg.name
+  openai_account_name                       = var.openai_account_name
+  openai_custom_subdomain_name              = var.openai_custom_subdomain_name
+  openai_sku_name                           = var.openai_sku_name
+  openai_local_auth_enabled                 = var.openai_local_auth_enabled
+  openai_outbound_network_access_restricted = var.openai_outbound_network_access_restricted
+  openai_public_network_access_enabled      = var.openai_public_network_access_enabled
+  openai_identity                           = var.openai_identity
+
+  #Create Model Deployment?
+  create_model_deployment = var.create_model_deployment
+  model_deployment        = var.model_deployment
+}
diff --git a/examples/Create_Models_existing_OpenAI_Service/testing.auto.tfvars b/examples/Create_Models_existing_OpenAI_Service/testing.auto.tfvars
@@ -0,0 +1,54 @@
+### Common Variables ###
+resource_group_name = "Terraform-Cognitive-Services-Test"
+location            = "eastus"
+tags = {
+  Terraform   = "True"
+  Description = "Azure OpenAI Service"
+  Author      = "Marcel Lupo"
+  GitHub      = "https://github.com/Pwd9000-ML/terraform-azurerm-openai-service"
+}
+
+# solution specific variables
+kv_config = {
+  name = "openaikv9000"
+  sku  = "standard"
+}
+keyvault_firewall_default_action             = "Deny"
+keyvault_firewall_bypass                     = "AzureServices"
+keyvault_firewall_allowed_ips                = ["0.0.0.0/0"] #for testing purposes only - allow all IPs
+keyvault_firewall_virtual_network_subnet_ids = []
+
+### Create OpenAI Service ###
+create_openai_service                     = true
+openai_account_name                       = "pwd9000"
+openai_custom_subdomain_name              = "pwd9000" #translates to 'pwd9000.openai.azure.com'
+openai_sku_name                           = "S0"
+openai_local_auth_enabled                 = true
+openai_outbound_network_access_restricted = false
+openai_public_network_access_enabled      = true
+openai_identity = {
+  type = "SystemAssigned"
+}
+
+### Create Model deployment ###
+create_model_deployment = true
+model_deployment = [
+  {
+    deployment_no = 1
+    deployment_id = "pwd9000-gpt-35-turbo-16k"
+    api_type      = "azure"
+    model         = "gpt-35-turbo-16k"
+    model_format  = "OpenAI"
+    model_version = "0613"
+    scale_type    = "Standard"
+  },
+  {
+    deployment_no = 2
+    deployment_id = "pwd9000-gpt-35-turbo"
+    api_type      = "azure"
+    model         = "gpt-35-turbo"
+    model_format  = "OpenAI"
+    model_version = "0613"
+    scale_type    = "Standard"
+  }
+]
diff --git a/examples/Create_Models_existing_OpenAI_Service/variables.tf b/examples/Create_Models_existing_OpenAI_Service/variables.tf
@@ -0,0 +1,160 @@
+### common ###
+variable "location" {
+  type        = string
+  default     = "uksouth"
+  description = "Azure region where resources will be hosted."
+}
+
+variable "tags" {
+  type        = map(string)
+  default     = {}
+  description = "A map of key value pairs that is used to tag resources created."
+}
+
+### solution resource group ###
+variable "resource_group_name" {
+  type        = string
+  description = "Name of the resource group to create where resources will be hosted."
+  nullable    = false
+}
+### key vault ###
+variable "kv_config" {
+  type = object({
+    name = string
+    sku  = string
+  })
+  default = {
+    name = "openaikv9000"
+    sku  = "standard"
+  }
+  description = "Key Vault configuration object to create azure key vault to store openai account details."
+  nullable    = false
+}
+
+variable "keyvault_firewall_default_action" {
+  type        = string
+  default     = "Deny"
+  description = "Default action for keyvault firewall rules."
+}
+
+variable "keyvault_firewall_bypass" {
+  type        = string
+  default     = "AzureServices"
+  description = "List of keyvault firewall rules to bypass."
+}
+
+variable "keyvault_firewall_allowed_ips" {
+  type        = list(string)
+  default     = []
+  description = "value of keyvault firewall allowed ip rules."
+}
+
+variable "keyvault_firewall_virtual_network_subnet_ids" {
+  type        = list(string)
+  default     = []
+  description = "value of keyvault firewall allowed virtual network subnet ids."
+}
+
+### openai service ###
+variable "create_openai_service" {
+  type        = bool
+  description = "Create the OpenAI service."
+  default     = false
+}
+
+variable "openai_account_name" {
+  type        = string
+  description = "Name of the OpenAI service."
+  default     = "demo-account"
+}
+
+variable "openai_custom_subdomain_name" {
+  type        = string
+  description = "The subdomain name used for token-based authentication. Changing this forces a new resource to be created. (normally the same as the account name)"
+  default     = "demo-account"
+}
+
+variable "openai_sku_name" {
+  type        = string
+  description = "SKU name of the OpenAI service."
+  default     = "S0"
+}
+
+variable "openai_local_auth_enabled" {
+  type        = bool
+  default     = true
+  description = "Whether local authentication methods is enabled for the Cognitive Account. Defaults to `true`."
+}
+
+variable "openai_outbound_network_access_restricted" {
+  type        = bool
+  default     = false
+  description = "Whether or not outbound network access is restricted. Defaults to `false`."
+}
+
+variable "openai_public_network_access_enabled" {
+  type        = bool
+  default     = true
+  description = "Whether or not public network access is enabled. Defaults to `false`."
+}
+
+variable "openai_identity" {
+  type = object({
+    type = string
+  })
+  default = {
+    type = "SystemAssigned"
+  }
+  description = <<-DESCRIPTION
+    type = object({
+      type         = (Required) The type of the Identity. Possible values are `SystemAssigned`, `UserAssigned`, `SystemAssigned, UserAssigned`.
+      identity_ids = (Optional) Specifies a list of User Assigned Managed Identity IDs to be assigned to this OpenAI Account.
+    })
+  DESCRIPTION
+}
+
+### model deployment ###
+variable "create_model_deployment" {
+  type        = bool
+  description = "Create the model deployment."
+  default     = false
+}
+
+variable "model_deployment" {
+  type = list(object({
+    deployment_no   = number
+    deployment_id   = string
+    api_type        = string
+    model           = string
+    model_format    = string
+    model_version   = string
+    scale_type      = string
+    scale_tier      = optional(string)
+    scale_size      = optional(number)
+    scale_family    = optional(string)
+    scale_capacity  = optional(number)
+    rai_policy_name = optional(string)
+  }))
+  default     = []
+  description = <<-DESCRIPTION
+      type = list(object({
+        deployment_no   = (Required) The unique number of each model deployment (Numbered when saved in Azure KeyVault).
+        deployment_id   = (Required) The name of the Cognitive Services Account `Model Deployment`. Changing this forces a new resource to be created.
+        api_type        = (Required) The type of the Cognitive Services Account `Model Deployment`. Possible values are `azure`.
+        model = {
+          model_format  = (Required) The format of the Cognitive Services Account Deployment model. Changing this forces a new resource to be created. Possible value is OpenAI.
+          model         = (Required) The name of the Cognitive Services Account Deployment model. Changing this forces a new resource to be created.
+          model_version = (Required) The version of Cognitive Services Account Deployment model.
+        }
+        scale = {
+          scale_type     = (Required) Deployment scale type. Possible value is Standard. Changing this forces a new resource to be created.
+          scale_tier     = (Optional) Possible values are Free, Basic, Standard, Premium, Enterprise. Changing this forces a new resource to be created.
+          scale_size     = (Optional) The SKU size. When the name field is the combination of tier and some other value, this would be the standalone code. Changing this forces a new resource to be created.
+          scale_family   = (Optional) If the service has different generations of hardware, for the same SKU, then that can be captured here. Changing this forces a new resource to be created.
+          scale_capacity = (Optional) Tokens-per-Minute (TPM). If the SKU supports scale out/in then the capacity integer should be included. If scale out/in is not possible for the resource this may be omitted. Default value is 1. Changing this forces a new resource to be created.
+        }
+        rai_policy_name = (Optional) The name of RAI policy. Changing this forces a new resource to be created.
+      }))
+  DESCRIPTION
+  nullable    = false
+}
diff --git a/examples/Create_OpenAI_Service_and_Models/README.md b/examples/Create_OpenAI_Service_and_Models/README.md
@@ -0,0 +1,11 @@
+# Example: Create OpenAI Service and Models
+
+This example module creates a new resource group, new cognitive OpenAI service, and two model deployments. It will then run a test to ensure the model deployment is working as expected and save the OpenAI Account and Model deployment details into an Azure Key Vault ready for consumption by other services.
+
+![image.png]()
+
+![image.png]()
+
+<!-- BEGIN_TF_DOCS -->
+
+<!-- END_TF_DOCS -->
diff --git a/examples/Create_OpenAI_Service_and_Models/common.auto.tfvars b/examples/Create_OpenAI_Service_and_Models/common.auto.tfvars
@@ -0,0 +1,54 @@
+### Common Variables ###
+resource_group_name = "Terraform-Cognitive-Services-Example1"
+location            = "uksouth"
+tags = {
+  Terraform   = "True"
+  Description = "Azure OpenAI Service"
+  Author      = "Marcel Lupo"
+  GitHub      = "https://github.com/Pwd9000-ML/terraform-azurerm-openai-service"
+}
+
+# solution specific variables
+kv_config = {
+  name = "openaikv1001"
+  sku  = "standard"
+}
+keyvault_firewall_default_action             = "Deny"
+keyvault_firewall_bypass                     = "AzureServices"
+keyvault_firewall_allowed_ips                = ["0.0.0.0/0"] #for testing purposes only - allow all IPs
+keyvault_firewall_virtual_network_subnet_ids = []
+
+### Create OpenAI Service ###
+create_openai_service                     = true
+openai_account_name                       = "pwd1001"
+openai_custom_subdomain_name              = "pwd1001" #translates to 'pwd1001.openai.azure.com'
+openai_sku_name                           = "S0"
+openai_local_auth_enabled                 = true
+openai_outbound_network_access_restricted = false
+openai_public_network_access_enabled      = true
+openai_identity = {
+  type = "SystemAssigned"
+}
+
+### Create Model deployment ###
+create_model_deployment = true
+model_deployment = [
+  {
+    deployment_no = 1
+    deployment_id = "pwd1001-gpt-35-turbo-16k"
+    api_type      = "azure"
+    model         = "gpt-35-turbo-16k"
+    model_format  = "OpenAI"
+    model_version = "0613"
+    scale_type    = "Standard"
+  },
+  {
+    deployment_no = 2
+    deployment_id = "pwd1001-gpt-35-turbo"
+    api_type      = "azure"
+    model         = "gpt-35-turbo"
+    model_format  = "OpenAI"
+    model_version = "0613"
+    scale_type    = "Standard"
+  }
+]