Skip to content

Commit

Permalink
Added missing parameters: appType, UMSIName, UMSIResourceGroupName, a…
Browse files Browse the repository at this point in the history 
…nd tenantId to the ARM template for Python bot deployment. (#2191)
  • Loading branch information
@gandiddi
gandiddi authored Dec 2, 2024
1 parent 62d7366 commit 3a55f8a
Show file tree
Hide file tree
Showing 30 changed files with 1,115 additions and 164 deletions.
12 changes: 12 additions & 0 deletions ...oymentTemplates/deployUseExistResourceGroup/parameters-for-template-AzureBot-with-rg.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,20 @@
"botEndpoint": {
"value": ""
},
"appType": {
"value": "MultiTenant"
},
"appId": {
"value": ""
},
"UMSIName": {
"value": ""
},
"UMSIResourceGroupName": {
"value": ""
},
"tenantId": {
"value": ""
}
}
}
14 changes: 13 additions & 1 deletion ...ploymentTemplates/deployUseExistResourceGroup/parameters-for-template-BotApp-with-rg.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
"value": ""
},
"newAppServicePlanLocation": {
"value": ""
"value": "West US"
},
"newAppServicePlanSku": {
"value": {
Expand All @@ -26,11 +26,23 @@
"capacity": 1
}
},
"appType": {
"value": "MultiTenant"
},
"appId": {
"value": ""
},
"appSecret": {
"value": ""
},
"tenantId": {
"value": ""
},
"UMSIName": {
"value": ""
},
"UMSIResourceGroupName": {
"value": ""
}
}
}
58 changes: 39 additions & 19 deletions ...okiecutter.bot_name}}/deploymentTemplates/deployUseExistResourceGroup/readme.md
View file
Original file line number Diff line number Diff line change
@@ -1,28 +1,48 @@
Need deploy BotAppService before AzureBot
---
az login
az deployment group create --resource-group <group-name> --template-file <template-file> --parameters @<parameters-file>
---
# Usage
BotApp must be deployed prior to AzureBot.

### Command line:
`az login`<br>
`az deployment group create --resource-group <group-name> --template-file <template-file> --parameters @<parameters-file>`

# parameters-for-template-BotApp-with-rg:

**appServiceName**:(required) The Name of the Bot App Service.
- **appServiceName**:(required) The Name of the Bot App Service.

- (choose an existingAppServicePlan or create a new AppServicePlan)
- **existingAppServicePlanName**: The name of the App Service Plan.
- **existingAppServicePlanLocation**: The location of the App Service Plan.
- **newAppServicePlanName**: The name of the App Service Plan.
- **newAppServicePlanLocation**: The location of the App Service Plan.
- **newAppServicePlanSku**: The SKU of the App Service Plan. Defaults to Standard values.

- **appType**: Type of Bot Authentication. set as MicrosoftAppType in the Web App's Application Settings. **Allowed values are: MultiTenant(default), SingleTenant, UserAssignedMSI.**

- **appId**:(required) Active Directory App ID or User-Assigned Managed Identity Client ID, set as MicrosoftAppId in the Web App's Application Settings.

- **appSecret**:(required for MultiTenant and SingleTenant) Active Directory App Password, set as MicrosoftAppPassword in the Web App's Application Settings.

- **UMSIName**:(required for UserAssignedMSI) The User-Assigned Managed Identity Resource used for the Bot's Authentication.

- **UMSIResourceGroupName**:(required for UserAssignedMSI) The User-Assigned Managed Identity Resource Group used for the Bot's Authentication.

- **tenantId**: The Azure AD Tenant ID to use as part of the Bot's Authentication. Only used for SingleTenant and UserAssignedMSI app types. Defaults to <Subscription Tenant ID>.

MoreInfo: https://docs.microsoft.com/en-us/azure/bot-service/tutorial-provision-a-bot?view=azure-bot-service-4.0&tabs=userassigned%2Cnewgroup#create-an-identity-resource

(choose an existingAppServicePlan or create a new AppServicePlan)
**existingAppServicePlanName**: The name of the App Service Plan.
**existingAppServicePlanLocation**: The location of the App Service Plan.
**newAppServicePlanName**: The name of the App Service Plan.
**newAppServicePlanLocation**: The location of the App Service Plan.
**newAppServicePlanSku**: The SKU of the App Service Plan. Defaults to Standard values.

**appId**:(required) Active Directory App ID or User-Assigned Managed Identity Client ID, set as MicrosoftAppId in the Web App's Application Settings.
**appSecret**:(required) Active Directory App Password, set as MicrosoftAppPassword in the Web App's Application Settings.

# parameters-for-template-AzureBot-with-rg:

**azureBotId**:(required) The globally unique and immutable bot ID.
**azureBotSku**: The pricing tier of the Bot Service Registration. **Allowed values are: F0, S1(default)**.
**azureBotRegion**: Specifies the location of the new AzureBot. **Allowed values are: global(default), westeurope**.
**botEndpoint**: Use to handle client messages, Such as https://<botappServiceName>.azurewebsites.net/api/messages.
- **azureBotId**:(required) The globally unique and immutable bot ID.
- **azureBotSku**: The pricing tier of the Bot Service Registration. **Allowed values are: F0, S1(default)**.
- **azureBotRegion**: Specifies the location of the new AzureBot. **Allowed values are: global(default), westeurope**.
- **botEndpoint**: Use to handle client messages, Such as https://<botappServiceName>.azurewebsites.net/api/messages.

- **appType**: Type of Bot Authentication. set as MicrosoftAppType in the Web App's Application Settings. **Allowed values are: MultiTenant(default), SingleTenant, UserAssignedMSI.**
- **appId**:(required) Active Directory App ID or User-Assigned Managed Identity Client ID, set as MicrosoftAppId in the Web App's Application Settings.
- **UMSIName**:(required for UserAssignedMSI) The User-Assigned Managed Identity Resource used for the Bot's Authentication.
- **UMSIResourceGroupName**:(required for UserAssignedMSI) The User-Assigned Managed Identity Resource Group used for the Bot's Authentication.
- **tenantId**: The Azure AD Tenant ID to use as part of the Bot's Authentication. Only used for SingleTenant and UserAssignedMSI app types. Defaults to <Subscription Tenant ID>.

**appId**:(required) Active Directory App ID or User-Assigned Managed Identity Client ID, set as MicrosoftAppId in the Web App's Application Settings.
MoreInfo: https://docs.microsoft.com/en-us/azure/bot-service/tutorial-provision-a-bot?view=azure-bot-service-4.0&tabs=userassigned%2Cnewgroup#create-an-identity-resource
64 changes: 62 additions & 2 deletions ...bot_name}}/deploymentTemplates/deployUseExistResourceGroup/template-AzureBot-with-rg.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@
}
},
"azureBotSku": {
"defaultValue": "S1",
"type": "string",
"defaultValue": "S1",
"metadata": {
"description": "The pricing tier of the Bot Service Registration. Allowed values are: F0, S1(default)."
}
Expand All @@ -24,15 +24,72 @@
},
"botEndpoint": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Use to handle client messages, Such as https://<botappServiceName>.azurewebsites.net/api/messages."
}
},
"appType": {
"type": "string",
"defaultValue": "MultiTenant",
"allowedValues": [
"MultiTenant",
"SingleTenant",
"UserAssignedMSI"
],
"metadata": {
"description": "Type of Bot Authentication. set as MicrosoftAppType in the Web App's Application Settings. Allowed values are: MultiTenant, SingleTenant, UserAssignedMSI. Defaults to \"MultiTenant\"."
}
},
"appId": {
"type": "string",
"metadata": {
"description": "Active Directory App ID or User-Assigned Managed Identity Client ID, set as MicrosoftAppId in the Web App's Application Settings."
}
},
"UMSIName": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The User-Assigned Managed Identity Resource used for the Bot's Authentication."
}
},
"UMSIResourceGroupName": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The User-Assigned Managed Identity Resource Group used for the Bot's Authentication."
}
},
"tenantId": {
"type": "string",
"defaultValue": "[subscription().tenantId]",
"metadata": {
"description": "The Azure AD Tenant ID to use as part of the Bot's Authentication. Only used for SingleTenant and UserAssignedMSI app types. Defaults to \"Subscription Tenant ID\"."
}
}
},
"variables": {
"botEndpoint": "[if(empty(parameters('botEndpoint')), concat('https://', parameters('azureBotId'), '.azurewebsites.net/api/messages'), parameters('botEndpoint'))]",
"tenantId": "[if(empty(parameters('tenantId')), subscription().tenantId, parameters('tenantId'))]",
"msiResourceId": "[if(empty(parameters('UMSIName')), '', concat(subscription().id, '/resourceGroups/', parameters('UMSIResourceGroupName'), '/providers/', 'Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('UMSIName')))]",
"appTypeDef": {
"MultiTenant": {
"tenantId": "",
"msiResourceId": ""
},
"SingleTenant": {
"tenantId": "[variables('tenantId')]",
"msiResourceId": ""
},
"UserAssignedMSI": {
"tenantId": "[variables('tenantId')]",
"msiResourceId": "[variables('msiResourceId')]"
}
},
"appType": {
"tenantId": "[variables('appTypeDef')[parameters('appType')].tenantId]",
"msiResourceId": "[variables('appTypeDef')[parameters('appType')].msiResourceId]"
}
},
"resources": [
Expand All @@ -49,8 +106,11 @@
"name": "[parameters('azureBotId')]",
"displayName": "[parameters('azureBotId')]",
"iconUrl": "https://docs.botframework.com/static/devportal/client/images/bot-framework-default.png",
"endpoint": "[parameters('botEndpoint')]",
"endpoint": "[variables('botEndpoint')]",
"msaAppId": "[parameters('appId')]",
"msaAppTenantId": "[variables('appType').tenantId]",
"msaAppMSIResourceId": "[variables('appType').msiResourceId]",
"msaAppType": "[parameters('appType')]",
"luisAppIds": [],
"schemaTransformationVersion": "1.3",
"isCmekEnabled": false,
Expand Down
85 changes: 77 additions & 8 deletions ...r.bot_name}}/deploymentTemplates/deployUseExistResourceGroup/template-BotApp-with-rg.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@
"parameters": {
"appServiceName": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The globally unique name of the Web App."
}
Expand All @@ -18,18 +17,21 @@
},
"existingAppServicePlanLocation": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The location of the App Service Plan."
}
},
"newAppServicePlanName": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The name of the new App Service Plan."
}
},
"newAppServicePlanLocation": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The location of the App Service Plan."
}
Expand All @@ -47,6 +49,18 @@
"description": "The SKU of the App Service Plan. Defaults to Standard values."
}
},
"appType": {
"type": "string",
"defaultValue": "MultiTenant",
"allowedValues": [
"MultiTenant",
"SingleTenant",
"UserAssignedMSI"
],
"metadata": {
"description": "Type of Bot Authentication. set as MicrosoftAppType in the Web App's Application Settings. Allowed values are: MultiTenant, SingleTenant, UserAssignedMSI. Defaults to \"MultiTenant\"."
}
},
"appId": {
"type": "string",
"metadata": {
Expand All @@ -59,13 +73,58 @@
"metadata": {
"description": "Active Directory App Password, set as MicrosoftAppPassword in the Web App's Application Settings. Required for MultiTenant and SingleTenant app types. Defaults to \"\"."
}
},
"UMSIName": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The User-Assigned Managed Identity Resource used for the Bot's Authentication. Defaults to \"\"."
}
},
"UMSIResourceGroupName": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The User-Assigned Managed Identity Resource Group used for the Bot's Authentication. Defaults to \"\"."
}
},
"tenantId": {
"type": "string",
"defaultValue": "[subscription().tenantId]",
"metadata": {
"description": "The Azure AD Tenant ID to use as part of the Bot's Authentication. Only used for SingleTenant and UserAssignedMSI app types. Defaults to \"Subscription Tenant ID\"."
}
}
},
"variables": {
"defaultAppServicePlanName": "[if(empty(parameters('existingAppServicePlanName')), 'createNewAppServicePlan', parameters('existingAppServicePlanName'))]",
"useExistingServicePlan": "[not(equals(variables('defaultAppServicePlanName'), 'createNewAppServicePlan'))]",
"tenantId": "[if(empty(parameters('tenantId')), subscription().tenantId, parameters('tenantId'))]",
"useExistingServicePlan": "[not(empty(parameters('existingAppServicePlanName')))]",
"servicePlanName": "[if(variables('useExistingServicePlan'), parameters('existingAppServicePlanName'), parameters('newAppServicePlanName'))]",
"servicePlanLocation": "[if(variables('useExistingServicePlan'), parameters('existingAppServicePlanLocation'), parameters('newAppServicePlanLocation'))]"
"servicePlanLocation": "[if(variables('useExistingServicePlan'), parameters('existingAppServicePlanLocation'), parameters('newAppServicePlanLocation'))]",
"msiResourceId": "[if(empty(parameters('UMSIName')), '', concat(subscription().id, '/resourceGroups/', parameters('UMSIResourceGroupName'), '/providers/', 'Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('UMSIName')))]",
"appTypeDef": {
"MultiTenant": {
"tenantId": "",
"identity": { "type": "None" }
},
"SingleTenant": {
"tenantId": "[variables('tenantId')]",
"identity": { "type": "None" }
},
"UserAssignedMSI": {
"tenantId": "[variables('tenantId')]",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"[variables('msiResourceId')]": {}
}
}
}
},
"appType": {
"tenantId": "[variables('appTypeDef')[parameters('appType')].tenantId]",
"identity": "[variables('appTypeDef')[parameters('appType')].identity]"
}
},
"resources": [
{
Expand All @@ -89,13 +148,15 @@
"comments": "Create a Web App using an App Service Plan",
"type": "Microsoft.Web/sites",
"apiVersion": "2015-08-01",
"name": "[parameters('appServiceName')]",
"location": "[variables('servicePlanLocation')]",
"kind": "app,linux",
"dependsOn": [
"[resourceId('Microsoft.Web/serverfarms', variables('servicePlanName'))]"
"[resourceId('Microsoft.Web/serverfarms', variables('servicePlanName'))]"
],
"name": "[parameters('appServiceName')]",
"identity": "[variables('appType').identity]",
"properties": {
"name": "[parameters('appServiceName')]",
"enabled": true,
"hostNameSslStates": [
{
Expand Down Expand Up @@ -124,13 +185,21 @@
"name": "SCM_DO_BUILD_DURING_DEPLOYMENT",
"value": "true"
},
{
"name": "MicrosoftAppType",
"value": "[parameters('appType')]"
},
{
"name": "MicrosoftAppId",
"value": "[parameters('appId')]"
},
{
"name": "MicrosoftAppPassword",
"value": "[parameters('appSecret')]"
},
{
"name": "MicrosoftAppTenantId",
"value": "[variables('appType').tenantId]"
}
],
"cors": {
Expand Down Expand Up @@ -167,7 +236,7 @@
"phpVersion": "",
"pythonVersion": "",
"nodeVersion": "",
"linuxFxVersion": "PYTHON|3.7",
"linuxFxVersion": "PYTHON|3.9",
"requestTracingEnabled": false,
"remoteDebuggingEnabled": false,
"remoteDebuggingVersion": "VS2017",
Expand Down Expand Up @@ -201,7 +270,7 @@
"autoHealEnabled": false,
"vnetName": "",
"minTlsVersion": "1.2",
"ftpsState": "AllAllowed",
"ftpsState": "Disabled",
"reservedInstanceCount": 0
}
}
Expand Down
Loading

0 comments on commit 3a55f8a

Please sign in to comment.