diff --git a/.github/.sync-sha b/.github/.sync-sha index bf2dff56e..cde50debd 100644 --- a/.github/.sync-sha +++ b/.github/.sync-sha @@ -1 +1 @@ -560fc8afc9b55c70a8dd25d7b55335a4426fddef +4144addd759bfc0271f88b62c3f4c945bebbc604 diff --git a/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/README.md b/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/README.md index 01c6f170f..e991da327 100644 --- a/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/README.md +++ b/infrastructure/infrastructure-setup-bicep/31-customer-managed-keys-standard-agent/README.md @@ -26,7 +26,7 @@ This Azure AI Foundry template demonstrates how to deploy AI Foundry with Agents Steps: 1. Run the command above once to create the account and project without CMK. ```bash - az deployment group create --name "{DEPLOYMENT_NAME}" --resource-group "{RESOURCE_GROUP_NAME}" --template-file ./main.bicep --parameters azureKeyVaultName="{KEY_VAULT_NAME}" azureKeyName="{KEY_NAME}" azureKeyVersion="{KEY_VERSION}" + az deployment group create --name "{DEPLOYMENT_NAME}" --resource-group "{RESOURCE_GROUP_NAME}" --template-file ./main.bicep --parameters keyVaultName="{KEY_VAULT_NAME}" keyName="{KEY_NAME}" keyVersion="{KEY_VERSION}" ``` 1. Give account resource Key Vault Admin role, or more restricted get/wrap/unwrap key role assignments, on the Azure Key Vault. 1. Uncomment out the encryption section in the main.bicep file to update with CMK. diff --git a/infrastructure/infrastructure-setup-terraform/15a-private-network-standard-agent-setup/code/main.tf b/infrastructure/infrastructure-setup-terraform/15a-private-network-standard-agent-setup/code/main.tf index 50f45db9d..49a2a8538 100644 --- a/infrastructure/infrastructure-setup-terraform/15a-private-network-standard-agent-setup/code/main.tf +++ b/infrastructure/infrastructure-setup-terraform/15a-private-network-standard-agent-setup/code/main.tf @@ -707,40 +707,16 @@ resource "azapi_resource" "ai_foundry_project_capability_host" { } } -## Create the necessary data plane role assignments to the CosmosDb databases created by the AI Foundry Project +## Create the necessary data plane role assignments to the CosmosDb account created by the AI Foundry Project ## -resource "azurerm_cosmosdb_sql_role_assignment" "cosmosdb_db_sql_role_aifp_user_thread_message_store" { +resource "azurerm_cosmosdb_sql_role_assignment" "cosmosdb_db_sql_role_aifp" { depends_on = [ azapi_resource.ai_foundry_project_capability_host ] - name = uuidv5("dns", "${azapi_resource.ai_foundry_project.name}${azapi_resource.ai_foundry_project.output.identity.principalId}userthreadmessage_dbsqlrole") + name = uuidv5("dns", "${azapi_resource.ai_foundry_project.name}${azapi_resource.ai_foundry_project.output.identity.principalId}cosmosdb_dbsqlrole") resource_group_name = azurerm_resource_group.rg.name account_name = azurerm_cosmosdb_account.cosmosdb.name - scope = "${azurerm_cosmosdb_account.cosmosdb.id}/dbs/enterprise_memory/colls/${local.project_id_guid}-thread-message-store" - role_definition_id = "${azurerm_cosmosdb_account.cosmosdb.id}/sqlRoleDefinitions/00000000-0000-0000-0000-000000000002" - principal_id = azapi_resource.ai_foundry_project.output.identity.principalId -} - -resource "azurerm_cosmosdb_sql_role_assignment" "cosmosdb_db_sql_role_aifp_system_thread_name" { - depends_on = [ - azurerm_cosmosdb_sql_role_assignment.cosmosdb_db_sql_role_aifp_user_thread_message_store - ] - name = uuidv5("dns", "${azapi_resource.ai_foundry_project.name}${azapi_resource.ai_foundry_project.output.identity.principalId}systemthread_dbsqlrole") - resource_group_name = azurerm_resource_group.rg.name - account_name = azurerm_cosmosdb_account.cosmosdb.name - scope = "${azurerm_cosmosdb_account.cosmosdb.id}/dbs/enterprise_memory/colls/${local.project_id_guid}-system-thread-message-store" - role_definition_id = "${azurerm_cosmosdb_account.cosmosdb.id}/sqlRoleDefinitions/00000000-0000-0000-0000-000000000002" - principal_id = azapi_resource.ai_foundry_project.output.identity.principalId -} - -resource "azurerm_cosmosdb_sql_role_assignment" "cosmosdb_db_sql_role_aifp_entity_store_name" { - depends_on = [ - azurerm_cosmosdb_sql_role_assignment.cosmosdb_db_sql_role_aifp_system_thread_name - ] - name = uuidv5("dns", "${azapi_resource.ai_foundry_project.name}${azapi_resource.ai_foundry_project.output.identity.principalId}entitystore_dbsqlrole") - resource_group_name = azurerm_resource_group.rg.name - account_name = azurerm_cosmosdb_account.cosmosdb.name - scope = "${azurerm_cosmosdb_account.cosmosdb.id}/dbs/enterprise_memory/colls/${local.project_id_guid}-agent-entity-store" + scope = azurerm_cosmosdb_account.cosmosdb.id role_definition_id = "${azurerm_cosmosdb_account.cosmosdb.id}/sqlRoleDefinitions/00000000-0000-0000-0000-000000000002" principal_id = azapi_resource.ai_foundry_project.output.identity.principalId } diff --git a/infrastructure/infrastructure-setup-terraform/15b-private-network-standard-agent-setup-byovnet/code/main.tf b/infrastructure/infrastructure-setup-terraform/15b-private-network-standard-agent-setup-byovnet/code/main.tf index e6b12f2fb..ec160098d 100644 --- a/infrastructure/infrastructure-setup-terraform/15b-private-network-standard-agent-setup-byovnet/code/main.tf +++ b/infrastructure/infrastructure-setup-terraform/15b-private-network-standard-agent-setup-byovnet/code/main.tf @@ -563,46 +563,18 @@ resource "azapi_resource" "ai_foundry_project_capability_host" { } } -## Create the necessary data plane role assignments to the CosmosDb databases created by the AI Foundry Project +## Create the necessary data plane role assignments to the CosmosDb account created by the AI Foundry Project ## -resource "azurerm_cosmosdb_sql_role_assignment" "cosmosdb_db_sql_role_aifp_user_thread_message_store" { +resource "azurerm_cosmosdb_sql_role_assignment" "cosmosdb_db_sql_role_aifp" { provider = azurerm.workload_subscription depends_on = [ azapi_resource.ai_foundry_project_capability_host ] - name = uuidv5("dns", "${azapi_resource.ai_foundry_project.name}${azapi_resource.ai_foundry_project.output.identity.principalId}userthreadmessage_dbsqlrole") + name = uuidv5("dns", "${azapi_resource.ai_foundry_project.name}${azapi_resource.ai_foundry_project.output.identity.principalId}cosmosdb_dbsqlrole") resource_group_name = var.resource_group_name_resources account_name = azurerm_cosmosdb_account.cosmosdb.name - scope = "${azurerm_cosmosdb_account.cosmosdb.id}/dbs/enterprise_memory/colls/${local.project_id_guid}-thread-message-store" - role_definition_id = "${azurerm_cosmosdb_account.cosmosdb.id}/sqlRoleDefinitions/00000000-0000-0000-0000-000000000002" - principal_id = azapi_resource.ai_foundry_project.output.identity.principalId -} - -resource "azurerm_cosmosdb_sql_role_assignment" "cosmosdb_db_sql_role_aifp_system_thread_name" { - provider = azurerm.workload_subscription - - depends_on = [ - azurerm_cosmosdb_sql_role_assignment.cosmosdb_db_sql_role_aifp_user_thread_message_store - ] - name = uuidv5("dns", "${azapi_resource.ai_foundry_project.name}${azapi_resource.ai_foundry_project.output.identity.principalId}systemthread_dbsqlrole") - resource_group_name = var.resource_group_name_resources - account_name = azurerm_cosmosdb_account.cosmosdb.name - scope = "${azurerm_cosmosdb_account.cosmosdb.id}/dbs/enterprise_memory/colls/${local.project_id_guid}-system-thread-message-store" - role_definition_id = "${azurerm_cosmosdb_account.cosmosdb.id}/sqlRoleDefinitions/00000000-0000-0000-0000-000000000002" - principal_id = azapi_resource.ai_foundry_project.output.identity.principalId -} - -resource "azurerm_cosmosdb_sql_role_assignment" "cosmosdb_db_sql_role_aifp_entity_store_name" { - provider = azurerm.workload_subscription - - depends_on = [ - azurerm_cosmosdb_sql_role_assignment.cosmosdb_db_sql_role_aifp_system_thread_name - ] - name = uuidv5("dns", "${azapi_resource.ai_foundry_project.name}${azapi_resource.ai_foundry_project.output.identity.principalId}entitystore_dbsqlrole") - resource_group_name = var.resource_group_name_resources - account_name = azurerm_cosmosdb_account.cosmosdb.name - scope = "${azurerm_cosmosdb_account.cosmosdb.id}/dbs/enterprise_memory/colls/${local.project_id_guid}-agent-entity-store" + scope = azurerm_cosmosdb_account.cosmosdb.id role_definition_id = "${azurerm_cosmosdb_account.cosmosdb.id}/sqlRoleDefinitions/00000000-0000-0000-0000-000000000002" principal_id = azapi_resource.ai_foundry_project.output.identity.principalId } diff --git a/samples/python/quickstart/chat-with-agent/quickstart-chat-with-agent.py b/samples/python/quickstart/chat-with-agent/quickstart-chat-with-agent.py index 46a68a2bb..521d914e2 100644 --- a/samples/python/quickstart/chat-with-agent/quickstart-chat-with-agent.py +++ b/samples/python/quickstart/chat-with-agent/quickstart-chat-with-agent.py @@ -7,7 +7,7 @@ # Create project and openai clients to call Foundry API project = AIProjectClient( - endpoint=FOUNDRY_PROJECT_ENDPOINT, + endpoint=PROJECT_ENDPOINT, credential=DefaultAzureCredential(), ) openai = project.get_openai_client() @@ -18,7 +18,7 @@ # Chat with the agent to answer questions response = openai.responses.create( conversation=conversation.id, - extra_body={"agent_reference": {"name": FOUNDRY_AGENT_NAME, "type": "agent_reference"}}, + extra_body={"agent_reference": {"name": AGENT_NAME, "type": "agent_reference"}}, input="What is the size of France in square miles?", ) print(response.output_text) @@ -26,7 +26,7 @@ # Ask a follow-up question in the same conversation response = openai.responses.create( conversation=conversation.id, - extra_body={"agent_reference": {"name": FOUNDRY_AGENT_NAME, "type": "agent_reference"}}, + extra_body={"agent_reference": {"name": AGENT_NAME, "type": "agent_reference"}}, input="And what is the capital city?", ) print(response.output_text) diff --git a/samples/python/quickstart/chat-with-agent/requirements.txt b/samples/python/quickstart/chat-with-agent/requirements.txt index ded0685c4..241064aa0 100644 --- a/samples/python/quickstart/chat-with-agent/requirements.txt +++ b/samples/python/quickstart/chat-with-agent/requirements.txt @@ -1,4 +1,4 @@ azure-ai-projects>=2.0.0a20250915020 azure-identity python-dotenv -openai +openai \ No newline at end of file diff --git a/samples/python/quickstart/create-agent/quickstart-create-agent.py b/samples/python/quickstart/create-agent/quickstart-create-agent.py index 6d947125f..9243a734b 100644 --- a/samples/python/quickstart/create-agent/quickstart-create-agent.py +++ b/samples/python/quickstart/create-agent/quickstart-create-agent.py @@ -20,4 +20,4 @@ instructions="You are a helpful assistant that answers general questions", ), ) -print(f"Agent created (id: {agent.id}, name: {agent.name}, version: {agent.version})") +print(f"Agent created (id: {agent.id}, name: {agent.name}, version: {agent.version})") \ No newline at end of file diff --git a/samples/python/quickstart/create-agent/requirements.txt b/samples/python/quickstart/create-agent/requirements.txt index ded0685c4..241064aa0 100644 --- a/samples/python/quickstart/create-agent/requirements.txt +++ b/samples/python/quickstart/create-agent/requirements.txt @@ -1,4 +1,4 @@ azure-ai-projects>=2.0.0a20250915020 azure-identity python-dotenv -openai +openai \ No newline at end of file diff --git a/samples/python/quickstart/responses/quickstart-responses.py b/samples/python/quickstart/responses/quickstart-responses.py index 66f2db33b..16148ac51 100644 --- a/samples/python/quickstart/responses/quickstart-responses.py +++ b/samples/python/quickstart/responses/quickstart-responses.py @@ -16,4 +16,4 @@ model="gpt-5-mini", # supports all Foundry direct models input="What is the size of France in square miles?", ) -print(f"Response output: {response.output_text}") +print(f"Response output: {response.output_text}") \ No newline at end of file diff --git a/samples/python/quickstart/responses/requirements.txt b/samples/python/quickstart/responses/requirements.txt index ded0685c4..241064aa0 100644 --- a/samples/python/quickstart/responses/requirements.txt +++ b/samples/python/quickstart/responses/requirements.txt @@ -1,4 +1,4 @@ azure-ai-projects>=2.0.0a20250915020 azure-identity python-dotenv -openai +openai \ No newline at end of file