зеркало из https://github.com/microsoft/AI.git
Create azuredeploy.json (#18)
* Create azuredeploy.json * Create azureML.json * Create cosmosdb.json * Create Identity.json * Update cosmosdb.json * Update cosmosdb.json * Update cosmosdb.json
This commit is contained in:
Родитель
2b27be382e
Коммит
533b7bdb6b
|
@ -0,0 +1,115 @@
|
|||
{
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "1.0.0.0",
|
||||
"parameters": {
|
||||
"azureMLName": {
|
||||
"type": "string"
|
||||
},
|
||||
"location": {
|
||||
"type": "string"
|
||||
},
|
||||
"uniqueKey": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"variables": {
|
||||
"azureMLSku": "basic",
|
||||
"appInsights": "[resourceId('Microsoft.Insights/components', variables('appInsightsName'))]",
|
||||
"appInsightsName": "[concat('appInsights-', parameters('uniqueKey'))]",
|
||||
"keyVault": "[resourceId('Microsoft.KeyVault/vaults', variables('keyVaultName'))]",
|
||||
"keyVaultName": "[concat('keyVault-', parameters('uniqueKey'))]",
|
||||
"dataAccount": "[resourceId('Microsoft.Storage/storageAccounts', variables('dataAccountName'))]",
|
||||
"dataAccountName": "[concat('storage', parameters('uniqueKey'))]",
|
||||
"dataAccountType": "Standard_LRS"
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"comments": "Application Insights for AzureML Workspace",
|
||||
"type": "Microsoft.Insights/components",
|
||||
"apiVersion": "2020-02-02-preview",
|
||||
"name": "[variables('appInsightsName')]",
|
||||
"location": "[if(or(equals(parameters('location'),'eastus2'), equals(parameters('location'),'westcentralus')),'southcentralus',parameters('location'))]",
|
||||
"kind": "web",
|
||||
"properties": {
|
||||
"Application_Type": "web"
|
||||
}
|
||||
},
|
||||
{
|
||||
"comments": "KeyVault for AzureML Workspace",
|
||||
"type": "Microsoft.KeyVault/vaults",
|
||||
"apiVersion": "2019-09-01",
|
||||
"name": "[variables('keyVaultName')]",
|
||||
"location": "[parameters('location')]",
|
||||
"properties": {
|
||||
"accessPolicies": [],
|
||||
"enableSoftDelete": true,
|
||||
"softDeleteRetentionInDays": 30,
|
||||
"sku": {
|
||||
"family": "A",
|
||||
"name": "standard"
|
||||
},
|
||||
"tenantId": "[subscription().tenantId]"
|
||||
}
|
||||
},
|
||||
{
|
||||
"comments": "Storage account for AzureML Workspace",
|
||||
"type": "Microsoft.Storage/storageAccounts",
|
||||
"apiVersion": "2019-06-01",
|
||||
"name": "[variables('dataAccountName')]",
|
||||
"location": "[parameters('location')]",
|
||||
"sku": {
|
||||
"name": "[variables('dataAccountType')]"
|
||||
},
|
||||
"kind": "StorageV2",
|
||||
"properties": {
|
||||
"encryption": {
|
||||
"keySource": "Microsoft.Storage",
|
||||
"services": {
|
||||
"blob": {
|
||||
"enabled": true
|
||||
},
|
||||
"file": {
|
||||
"enabled": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"supportsHttpsTrafficOnly": true
|
||||
}
|
||||
},
|
||||
{
|
||||
"comments": "AzureML Workspace",
|
||||
"type": "Microsoft.MachineLearningServices/workspaces",
|
||||
"apiVersion": "2020-06-01",
|
||||
"name": "[parameters('azureMLName')]",
|
||||
"location": "[parameters('location')]",
|
||||
"sku": {
|
||||
"name": "[variables('azureMLSku')]",
|
||||
"tier": "[variables('azureMLSku')]"
|
||||
},
|
||||
"dependsOn": [
|
||||
"[variables('appInsights')]",
|
||||
"[variables('dataAccount')]",
|
||||
"[variables('keyVault')]"
|
||||
],
|
||||
"properties": {
|
||||
"applicationInsights": "[variables('appInsights')]",
|
||||
"friendlyName": "[parameters('azureMLName')]",
|
||||
"keyVault": "[variables('keyVault')]",
|
||||
"storageAccount": "[variables('dataAccount')]"
|
||||
},
|
||||
"identity": {
|
||||
"type": "SystemAssigned"
|
||||
}
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"resourceId": {
|
||||
"type": "string",
|
||||
"value": "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('azureMLName'))]"
|
||||
},
|
||||
"keyVaultName": {
|
||||
"type": "string",
|
||||
"value": "[variables('keyVaultName')]"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,86 @@
|
|||
{
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "1.0.0.0",
|
||||
"parameters": {
|
||||
"accountName": {
|
||||
"type": "string"
|
||||
},
|
||||
"databaseName": {
|
||||
"type": "string"
|
||||
},
|
||||
"containerName": {
|
||||
"type": "string"
|
||||
},
|
||||
"partitionKey": {
|
||||
"type": "string"
|
||||
},
|
||||
"location": {
|
||||
"type": "string"
|
||||
},
|
||||
"keyVaultKeyUri": {
|
||||
"type": "string",
|
||||
"metadata": {
|
||||
"description": "The uri to a key in your Key Vault to add a second layer of encryption on top of what is provided by default"
|
||||
},
|
||||
"defaultValue": ""
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"comments": "Create a Cosmos DB account, database and container.",
|
||||
"name": "[parameters('accountName')]",
|
||||
"type": "Microsoft.DocumentDB/databaseAccounts",
|
||||
"apiVersion": "2020-04-01",
|
||||
"location": "[parameters('location')]",
|
||||
"properties": {
|
||||
"locations": [
|
||||
{
|
||||
"locationName": "[parameters('location')]"
|
||||
}
|
||||
],
|
||||
"databaseAccountOfferType": "Standard",
|
||||
"keyVaultKeyUri": "[parameters('keyVaultKeyUri')]"
|
||||
},
|
||||
{
|
||||
"name": "[parameters('databaseName')]",
|
||||
"type": "Microsoft.DocumentDB/sqlDatabases",
|
||||
"apiVersion": "2020-04-01",
|
||||
"dependsOn": [
|
||||
"[parameters('accountName')]"
|
||||
],
|
||||
"properties": {
|
||||
"resource": {
|
||||
"id": "[parameters('databaseName')]"
|
||||
},
|
||||
"options": {
|
||||
"throughput": 400
|
||||
}
|
||||
}
|
||||
}
|
||||
{
|
||||
"name": "[parameters('containerName')]",
|
||||
"type": "Microsoft.DocumentDB/containers",
|
||||
"apiVersion": "2020-04-01",
|
||||
"dependsOn": [
|
||||
"[parameters('databaseName')]"
|
||||
],
|
||||
"properties": {
|
||||
"resource": {
|
||||
"id": "[parameters('containerName')]",
|
||||
"partitionKey": {
|
||||
"paths": [
|
||||
"[parameters('partitionKey')]"
|
||||
],
|
||||
"kind": "Hash"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"resourceId": {
|
||||
"type": "string",
|
||||
"value": "[resourceId('Microsoft.DocumentDB/databaseAccounts', parameters('accountName'))]"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,59 @@
|
|||
{
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "1.0.0.0",
|
||||
"parameters": {
|
||||
"name": {
|
||||
"type": "String"
|
||||
},
|
||||
"sqlAdministratorLogin": {
|
||||
"type": "String"
|
||||
},
|
||||
"sqlAdministratorPassword": {
|
||||
"type": "SecureString"
|
||||
},
|
||||
"tagValues": {
|
||||
"defaultValue": {"Created with":"Synapse Azure Resource Manager deploment template"},
|
||||
"type": "Object"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2018-05-01",
|
||||
"name": "storage",
|
||||
"properties": {
|
||||
"mode": "Incremental",
|
||||
"templateLink": {
|
||||
"uri": "https://raw.githubusercontent.com/Azure-Samples/Synapse/master/Manage/DeployWorkspace/storage/azuredeploy.json",
|
||||
"contentVersion": "1.0.0.0"
|
||||
},
|
||||
"parameters":{
|
||||
"storageAccount":{"value": "[parameters('name')]"}
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2018-05-01",
|
||||
"name": "workspace",
|
||||
"properties": {
|
||||
"mode": "Incremental",
|
||||
"templateLink": {
|
||||
"uri": "https://raw.githubusercontent.com/Azure-Samples/Synapse/master/Manage/DeployWorkspace/workspace/azuredeploy.json",
|
||||
"contentVersion": "1.0.0.0"
|
||||
},
|
||||
"parameters":{
|
||||
"name":{"value": "[parameters('name')]"},
|
||||
"sqlAdministratorLogin":{"value": "[parameters('sqlAdministratorLogin')]"},
|
||||
"sqlAdministratorPassword":{"value": "[parameters('sqlAdministratorPassword')]"},
|
||||
"defaultDataLakeStorageAccountName":{"value": "[parameters('name')]"},
|
||||
"tagValues":{"value": "[parameters('tagValues')]"}
|
||||
}
|
||||
},
|
||||
"dependsOn": [
|
||||
"storage"
|
||||
]
|
||||
}
|
||||
],
|
||||
"outputs": {}
|
||||
}
|
|
@ -0,0 +1,74 @@
|
|||
{
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
"contentVersion": "1.0.0.0",
|
||||
"parameters": {
|
||||
"delegateIdentity": {
|
||||
"type": "bool",
|
||||
"defaultValue": false
|
||||
},
|
||||
"identityName": {
|
||||
"type": "string"
|
||||
},
|
||||
"location": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"variables": {
|
||||
"contributor": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]",
|
||||
"identity": "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('identityName'))]",
|
||||
"roleAssignmentName": "[guid(resourceGroup().id, parameters('identityName'))]",
|
||||
"delegatedRoleAssignmentName": "[guid(resourceGroup().id, parameters('identityName'), 'delegated')]"
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"comments": "User-assigned managed identity used by deployment script",
|
||||
"type": "Microsoft.ManagedIdentity/userAssignedIdentities",
|
||||
"apiVersion": "2018-11-30",
|
||||
"name": "[parameters('identityName')]",
|
||||
"location": "[parameters('location')]"
|
||||
},
|
||||
{
|
||||
"condition": "[not(parameters('delegateIdentity'))]",
|
||||
"comments": "Grant user-assigned managed identity permission on the scope of resource group",
|
||||
"type": "Microsoft.Authorization/roleAssignments",
|
||||
"apiVersion": "2020-04-01-preview",
|
||||
"name": "[variables('roleAssignmentName')]",
|
||||
"dependsOn": [
|
||||
"[variables('identity')]"
|
||||
],
|
||||
"properties": {
|
||||
"roleDefinitionId": "[variables('contributor')]",
|
||||
"principalId": "[reference(parameters('identityName')).principalId]",
|
||||
"principalType": "ServicePrincipal",
|
||||
"scope": "[resourceGroup().id]"
|
||||
}
|
||||
},
|
||||
{
|
||||
"condition": "[parameters('delegateIdentity')]",
|
||||
"comments": "Grant user-assigned managed identity permission on the scope of resource group",
|
||||
"type": "Microsoft.Authorization/roleAssignments",
|
||||
"apiVersion": "2020-04-01-preview",
|
||||
"name": "[variables('delegatedRoleAssignmentName')]",
|
||||
"dependsOn": [
|
||||
"[variables('identity')]"
|
||||
],
|
||||
"properties": {
|
||||
"roleDefinitionId": "[variables('contributor')]",
|
||||
"principalId": "[reference(parameters('identityName')).principalId]",
|
||||
"principalType": "ServicePrincipal",
|
||||
"scope": "[resourceGroup().id]",
|
||||
"delegatedManagedIdentityResourceId": "[variables('identity')]"
|
||||
}
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"resourceId": {
|
||||
"type": "string",
|
||||
"value": "[variables('identity')]"
|
||||
},
|
||||
"principalId": {
|
||||
"type": "string",
|
||||
"value": "[reference(parameters('identityName')).principalId]"
|
||||
}
|
||||
}
|
||||
}
|
Загрузка…
Ссылка в новой задаче