diff options
Diffstat (limited to '.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments')
17 files changed, 2831 insertions, 0 deletions
diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/__init__.py b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/__init__.py new file mode 100644 index 00000000..b7dab6c2 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/__init__.py @@ -0,0 +1,10 @@ +# --------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# --------------------------------------------------------- + +__path__ = __import__("pkgutil").extend_path(__path__, __name__) # type: ignore + + +from .arm_deployment_executor import ArmDeploymentExecutor + +__all__ = ["ArmDeploymentExecutor"] diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_deployment_executor.py b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_deployment_executor.py new file mode 100644 index 00000000..a6089ad3 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_deployment_executor.py @@ -0,0 +1,267 @@ +# --------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# --------------------------------------------------------- + +# pylint: disable=protected-access + +import logging +import time +from typing import Any, Dict, Optional + +from azure.ai.ml._arm_deployments.arm_helper import deployment_message_mapping +from azure.ai.ml._azure_environments import ( + _get_azure_portal_id_from_metadata, + _get_base_url_from_metadata, + _get_cloud_details, + _resource_to_scopes, +) +from azure.ai.ml._utils._arm_id_utils import AzureResourceId, get_arm_id_object_from_id +from azure.ai.ml._utils._logger_utils import initialize_logger_info +from azure.ai.ml._utils.utils import from_iso_duration_format_min_sec +from azure.ai.ml._vendor.azure_resources._resource_management_client import ResourceManagementClient +from azure.ai.ml._vendor.azure_resources.models import Deployment, DeploymentProperties +from azure.ai.ml.constants._common import ( + ENDPOINT_DEPLOYMENT_START_MSG, + ArmConstants, + LROConfigurations, + OperationStatus, +) +from azure.ai.ml.exceptions import ErrorCategory, ErrorTarget, ValidationException +from azure.core.credentials import TokenCredential +from azure.core.polling import LROPoller + +module_logger = logging.getLogger(__name__) +initialize_logger_info(module_logger, terminator="") + + +# pylint: disable=too-many-instance-attributes +class ArmDeploymentExecutor(object): + def __init__( + self, + credentials: TokenCredential, + resource_group_name: str, + subscription_id: str, + deployment_name: str, + **kwargs, + ): + self._credentials = credentials + self._subscription_id = subscription_id + self._resource_group_name = resource_group_name + self._deployment_name = deployment_name + self._cloud = _get_cloud_details() + management_hostname = _get_base_url_from_metadata() + credential_scopes = _resource_to_scopes(management_hostname) + kwargs.pop("base_url", None) + if credential_scopes is not None: + kwargs["credential_scopes"] = credential_scopes + self._client = ResourceManagementClient( + credential=self._credentials, + subscription_id=self._subscription_id, + api_version=ArmConstants.AZURE_MGMT_RESOURCE_API_VERSION, + base_url=management_hostname, + **kwargs, + ) + self._deployment_operations_client = self._client.deployment_operations + self._deployments_client = self._client.deployments + self._deployment_tracking = [] + self._lock = None # To allow only one deployment to print + self._printed_set = set() # To prevent already printed deployment from re using the console + self._resources_being_deployed = {} + + def deploy_resource( + self, + template: str, + resources_being_deployed: Dict[str, Any], + parameters: Optional[Dict] = None, + wait: bool = True, + ) -> Optional[LROPoller]: + total_duration = None + if not resources_being_deployed: + msg = "No resource is being deployed. Please check the template again." + raise ValidationException( + message=msg, + no_personal_data_message=msg, + target=ErrorTarget.ARM_DEPLOYMENT, + error_category=ErrorCategory.USER_ERROR, + ) + error = None + try: + poller = self._get_poller(template=template, parameters=parameters) + module_logger.info( + "The deployment request %s was accepted. ARM deployment URI for reference: \n", self._deployment_name + ) + endpoint_deployment_start_message = ENDPOINT_DEPLOYMENT_START_MSG.format( + _get_azure_portal_id_from_metadata(), + self._subscription_id, + self._resource_group_name, + self._deployment_name, + ) + module_logger.info(endpoint_deployment_start_message) + if wait: + try: + while not poller.done(): + try: + time.sleep(LROConfigurations.SLEEP_TIME) + self._check_deployment_status() + except KeyboardInterrupt as e: + self._client.close() + error = e + raise + + if poller._exception is not None: + error = poller._exception + except Exception as e: # pylint: disable=W0718 + error = e + finally: + # one last check to make sure all print statements make it + if not isinstance(error, KeyboardInterrupt): + self._check_deployment_status() + total_duration = poller.result().properties.duration + else: + return poller + except Exception as ex: + module_logger.debug("Polling hit the exception %s\n", ex) + raise ex + + if error is not None: + error_msg = f"Unable to create resource. \n {error}\n" + module_logger.error(error_msg) + raise error + if len(resources_being_deployed) > 1 and total_duration: + module_logger.info("Total time : %s\n", from_iso_duration_format_min_sec(total_duration)) + return None + + def _get_poller(self, template: str, parameters: Optional[Dict] = None, wait: bool = True) -> None: + # deploy the template + properties = DeploymentProperties(template=template, parameters=parameters, mode="incremental") + return self._deployments_client.begin_create_or_update( + resource_group_name=self._resource_group_name, + deployment_name=self._deployment_name, + parameters=Deployment(properties=properties), + polling=wait, + polling_interval=LROConfigurations.POLL_INTERVAL, + ) + + # pylint: disable=too-many-statements + def _check_deployment_status(self) -> None: + deployment_operations = self._deployment_operations_client.list( + resource_group_name=self._resource_group_name, + deployment_name=self._deployment_name, + ) + + for deployment_operation in deployment_operations: + operation_id = deployment_operation.operation_id + properties = deployment_operation.properties + target_resource = properties.target_resource + + module_logger.debug( + "\n Received deployment operation: %s, with status %s\n\n", + target_resource, + properties.provisioning_state, + ) + + if properties.provisioning_operation == "EvaluateDeploymentOutput": + continue + + arm_id_obj = get_arm_id_object_from_id(target_resource.id) + + resource_name = ( + f"{arm_id_obj.asset_name} {arm_id_obj.asset_version if hasattr(arm_id_obj,'asset_version') else ''}" + ) + # do swap on asset_type to avoid collision with workspaces asset_type in arm id + if isinstance(arm_id_obj, AzureResourceId): + arm_id_obj.asset_type = ( + arm_id_obj.asset_type + if not arm_id_obj.provider_namespace_with_type == "OperationalInsightsworkspaces" + else "LogAnalytics" + ) + deployment_message = deployment_message_mapping[arm_id_obj.asset_type].format(f"{resource_name} ") + if target_resource.resource_name not in self._resources_being_deployed: + self._resources_being_deployed[target_resource.resource_name] = ( + deployment_message, + None, + ) + + if ( + properties.provisioning_state + and (not self._lock or self._lock == target_resource.resource_name) + and target_resource.resource_name not in self._printed_set + ): + status_in_resource_dict = self._resources_being_deployed[target_resource.resource_name][1] + module_logger.debug( + ("\n LOCK STATUS : %s, Status in the resources dict : %s , Already in printed set: %s\n"), + self._lock, + status_in_resource_dict, + self._printed_set, + ) + module_logger.debug("Locking with the deployment : %s\n\n", target_resource.resource_name) + self._lock = target_resource.resource_name + provisioning_state = properties.provisioning_state + request_id = properties.service_request_id + + if target_resource is None: + continue + + resource_name = target_resource.resource_name + if resource_name not in self._resources_being_deployed: + resource_type, previous_state = resource_name, None + else: + resource_type, previous_state = self._resources_being_deployed[resource_name] + + duration = properties.duration + # duration comes in format: "PT1M56.3454108S" + try: + duration_in_min_sec = from_iso_duration_format_min_sec(duration) + except Exception: # pylint: disable=W0718 + duration_in_min_sec = "" + + self._resources_being_deployed[resource_name] = ( + resource_type, + provisioning_state, + ) + + if provisioning_state == OperationStatus.FAILED and previous_state != OperationStatus.FAILED: + status_code = properties.status_code + status_message = properties.status_message + module_logger.debug( + ( + "%s: Failed with operation id= %s, " + "service request id=%s, status=%s, " + "error message = %s.\n" + ), + resource_type, + operation_id, + request_id, + status_code, + status_message.error, + ) + module_logger.debug( + "More details: %s\n", + status_message.error.details[0].message if status_message.error.details else None, + ) + # self._lock = None + # First time we're seeing this so let the user know it's being deployed + elif properties.provisioning_state == OperationStatus.RUNNING and previous_state is None: + module_logger.info("%s ", resource_type) + elif ( + properties.provisioning_state == OperationStatus.RUNNING + and previous_state == OperationStatus.RUNNING + ): + module_logger.info(".") + # If the provisioning has already succeeded but we hadn't seen it Running before + # (really quick deployment - so probably never happening) let user know resource + # is being deployed and then let user know it has been deployed + elif properties.provisioning_state == OperationStatus.SUCCEEDED and previous_state is None: + module_logger.info("%s Done (%s)\n", resource_type, duration_in_min_sec) + self._lock = None + self._printed_set.add(resource_name) + module_logger.debug("Releasing lock for deployment: %s\n\n", target_resource.resource_name) + # Finally, deployment has succeeded and was previously running, so mark it as finished + elif ( + properties.provisioning_state == OperationStatus.SUCCEEDED + and previous_state != OperationStatus.SUCCEEDED + ): + module_logger.info(" Done (%s)\n", duration_in_min_sec) + self._lock = None + self._printed_set.add(resource_name) + module_logger.debug("Releasing lock for deployment: %s\n\n", target_resource.resource_name) diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_helper.py b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_helper.py new file mode 100644 index 00000000..14070db7 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_helper.py @@ -0,0 +1,61 @@ +# --------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# --------------------------------------------------------- + +from os import path +from typing import Any, Dict + +from azure.ai.ml._utils.utils import load_json +from azure.ai.ml.constants._common import ArmConstants, AzureMLResourceType +from azure.ai.ml.exceptions import ErrorTarget, ValidationException + +template_mapping = { + ArmConstants.BASE_TYPE: "base_template.json", + ArmConstants.CODE_TYPE: "code.json", + ArmConstants.CODE_VERSION_TYPE: "code_version.json", + ArmConstants.ENVIRONMENT_VERSION_TYPE: "environment_version.json", + ArmConstants.MODEL_VERSION_TYPE: "model_version.json", + ArmConstants.MODEL_TYPE: "model.json", + ArmConstants.ONLINE_ENDPOINT_TYPE: "online_endpoint.json", + ArmConstants.ONLINE_DEPLOYMENT_TYPE: "online_deployment.json", + ArmConstants.UPDATE_ONLINE_ENDPOINT_TYPE: "update_online_endpoint.json", + ArmConstants.WORKSPACE_BASE: "workspace_base.json", + ArmConstants.WORKSPACE_PARAM: "workspace_param.json", + ArmConstants.FEATURE_STORE_ROLE_ASSIGNMENTS: "feature_store_role_assignments.json", + ArmConstants.FEATURE_STORE_ROLE_ASSIGNMENTS_PARAM: "feature_store_role_assignments_param.json", + ArmConstants.WORKSPACE_PROJECT: "workspace_project.json", +} + + +deployment_message_mapping = { + ArmConstants.CODE_TYPE: "Registering code: ({0})", + AzureMLResourceType.CODE: "Registering code version: ({0})", + ArmConstants.CODE_VERSION_TYPE: "Registering code version: ({0})", + ArmConstants.ENVIRONMENT_VERSION_TYPE: "Registering environment version: ({0})", + AzureMLResourceType.ENVIRONMENT: "Registering environment version: ({0})", + ArmConstants.MODEL_VERSION_TYPE: "Registering model version: ({0})", + ArmConstants.MODEL_TYPE: "Registering model: ({0})", + AzureMLResourceType.MODEL: "Registering model version: ({0})", + ArmConstants.ONLINE_ENDPOINT_TYPE: "Creating endpoint: {0}", + ArmConstants.ONLINE_DEPLOYMENT_TYPE: "Creating or updating deployment: {0}", + AzureMLResourceType.DEPLOYMENT: "Creating or updating deployment: {0}", + ArmConstants.UPDATE_ONLINE_ENDPOINT_TYPE: "Updating traffic", + ArmConstants.KEY_VAULT_PARAMETER_NAME: "Creating Key Vault: ({0})", + ArmConstants.LOG_ANALYTICS: "Creating Log Analytics Workspace: ({0})", + ArmConstants.APP_INSIGHTS_PARAMETER_NAME: "Creating Application Insights: ({0})", + ArmConstants.CONTAINER_REGISTRY_PARAMETER_NAME: "Creating Container Registry: ({0})", + ArmConstants.STORAGE_ACCOUNT_PARAMETER_NAME: "Creating Storage Account: ({0})", + AzureMLResourceType.WORKSPACE: "Creating AzureML Workspace: ({0})", + AzureMLResourceType.CONNECTIONS: "Creating connection: ({0})", + ArmConstants.USER_ASSIGNED_IDENTITIES: "Creating User Assigned Identities: ({0})", + ArmConstants.ROLE_ASSIGNMENTS: "Creating Role Assignment: ({0})", + ArmConstants.MULTIPLE_ENDPOINTS_TYPE: "Creating endpoints: ({0})", +} + + +def get_template(resource_type: str) -> Dict[str, Any]: + if resource_type not in template_mapping: + msg = "can't find the template for the resource {}".format(resource_type) + raise ValidationException(message=msg, no_personal_data_message=msg, target=ErrorTarget.ARM_RESOURCE) + template_path = path.join(path.dirname(__file__), "arm_templates", template_mapping[resource_type]) + return load_json(file_path=template_path) diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/__init__.py b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/__init__.py new file mode 100644 index 00000000..29a4fcd3 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/__init__.py @@ -0,0 +1,5 @@ +# --------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# --------------------------------------------------------- + +__path__ = __import__("pkgutil").extend_path(__path__, __name__) # type: ignore diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/base_template.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/base_template.json new file mode 100644 index 00000000..c57299eb --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/base_template.json @@ -0,0 +1,7 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": {}, + "variables": {}, + "resources": [] +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/code_version.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/code_version.json new file mode 100644 index 00000000..0e9bd949 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/code_version.json @@ -0,0 +1,11 @@ +{ + "type": "Microsoft.MachineLearningServices/workspaces/codes/versions", + "apiVersion": "2021-10-01", + "name": "[concat(parameters('workspaceName'), '/', parameters('code_version')[copyIndex()].name, '/', parameters('code_version')[copyIndex()].version)]", + "properties": "[parameters('code_version')[copyIndex()].properties]", + "copy": { + "name": "codeVersionDeploymentCopy", + "count": "[length(parameters('code_version'))]", + "mode": "serial" + } +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/environment_version.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/environment_version.json new file mode 100644 index 00000000..86c4072e --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/environment_version.json @@ -0,0 +1,11 @@ +{ + "type": "Microsoft.MachineLearningServices/workspaces/environments/versions", + "apiVersion": "2021-10-01", + "name": "[concat(parameters('workspaceName'), '/', parameters('environment_version')[copyIndex()].name, '/', parameters('environment_version')[copyIndex()].version)]", + "properties": "[parameters('environment_version')[copyIndex()].properties]", + "copy": { + "name": "environmentVersionDeploymentCopy", + "count": "[length(parameters('environment_version'))]", + "mode": "serial" + } +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/feature_store_role_assignments.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/feature_store_role_assignments.json new file mode 100644 index 00000000..bde437c9 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/feature_store_role_assignments.json @@ -0,0 +1,194 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "materialization_identity_resource_id": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store materialization identity resource id" + } + }, + "offline_store_target": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "offline store resource id" + } + }, + "offline_store_resource_group_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store offline store resource group" + } + }, + "offline_store_subscription_id": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store offline store subscription id" + } + }, + "online_store_target": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "online store resource id" + } + }, + "online_store_resource_group_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store resource group" + } + }, + "online_store_subscription_id": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store subscription id" + } + }, + "workspace_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Specifies the name of the Azure Machine Learning workspace." + } + }, + "resource_group_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Specifies the name of the resource group." + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Specifies the location for all resources." + } + }, + "update_offline_store_role_assignment": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Determines whether to update offline store role assignment" + } + }, + "update_online_store_role_assignment": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Determines whether to update online store role assignment" + } + }, + "update_workspace_role_assignment": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Determines whether to update workspace role assignment" + } + } + }, + "resources": [ + { + "condition": "[and(not(empty(parameters('materialization_identity_resource_id'))), equals(parameters('update_workspace_role_assignment'), 'true'))]", + "type": "Microsoft.Resources/deployments", + "name": "[concat('workspace-role-assign-', guid(parameters('materialization_identity_resource_id'), parameters('resource_group_name'), parameters('workspace_name'), 'azureml ds role'))]", + "apiVersion": "2020-06-01", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(parameters('materialization_identity_resource_id'), resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspace_name')), 'azureml ds role')]", + "scope": "[resourceId(parameters('resource_group_name'), 'Microsoft.MachineLearningServices/workspaces', parameters('workspace_name'))]", + "properties": { + "roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f6c7c914-8db3-469d-8ca1-694a8f32e121')]", + "principalId": "[reference(parameters('materialization_identity_resource_id'), '2018-11-30').principalId]", + "principalType": "ServicePrincipal" + } + } + ] + } + } + }, + { + "condition": "[and(not(empty(parameters('materialization_identity_resource_id'))), equals(parameters('update_offline_store_role_assignment'), 'true'), not(empty(parameters('offline_store_target'))))]", + "type": "Microsoft.Resources/deployments", + "name": "[concat('offline-store-role-assign-', guid(parameters('materialization_identity_resource_id'), parameters('offline_store_target'), 'storage blob data contributor'))]", + "apiVersion": "2020-06-01", + "resourceGroup": "[If(empty(parameters('offline_store_resource_group_name')), resourceGroup().name, parameters('offline_store_resource_group_name'))]", + "subscriptionId": "[If(empty(parameters('offline_store_subscription_id')), subscription().subscriptionId, parameters('offline_store_subscription_id'))]", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(parameters('materialization_identity_resource_id'), parameters('offline_store_target'), 'storage blob data contributor')]", + "scope": "[parameters('offline_store_target')]", + "location": "[parameters('location')]", + "properties": { + "roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')]", + "principalId": "[reference(parameters('materialization_identity_resource_id'), '2023-01-31').principalId]", + "principalType": "ServicePrincipal" + } + } + ] + } + } + }, + { + "condition": "[and(not(empty(parameters('materialization_identity_resource_id'))), equals(parameters('update_online_store_role_assignment'), 'true'), not(empty(parameters('online_store_target'))))]", + "type": "Microsoft.Resources/deployments", + "name": "[concat('online-store-role-assign-', guid(parameters('materialization_identity_resource_id'), parameters('online_store_target'), 'contributor'))]", + "apiVersion": "2020-06-01", + "resourceGroup": "[If(empty(parameters('online_store_resource_group_name')), resourceGroup().name, parameters('online_store_resource_group_name'))]", + "subscriptionId": "[If(empty(parameters('online_store_subscription_id')), subscription().subscriptionId, parameters('online_store_subscription_id'))]", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(parameters('materialization_identity_resource_id'), parameters('online_store_target'), 'contributor')]", + "scope": "[parameters('online_store_target')]", + "location": "[parameters('location')]", + "properties": { + "roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]", + "principalId": "[reference(parameters('materialization_identity_resource_id'), '2023-01-31').principalId]", + "principalType": "ServicePrincipal" + } + } + ] + } + } + } + ] +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/feature_store_role_assignments_param.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/feature_store_role_assignments_param.json new file mode 100644 index 00000000..6f62c1a1 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/feature_store_role_assignments_param.json @@ -0,0 +1,41 @@ +{ + "materialization_identity_resource_id": { + "value": null + }, + "offline_store_target": { + "value": null + }, + "offline_store_resource_group_name" : { + "value": null + }, + "offline_store_subscription_id" : { + "value": null + }, + "online_store_target": { + "value": null + }, + "online_store_resource_group_name" : { + "value": null + }, + "online_store_subscription_id" : { + "value": null + }, + "workspace_name": { + "value": null + }, + "resource_group_name": { + "value": null + }, + "location": { + "value": "" + }, + "update_offline_store_role_assignment": { + "value": "false" + }, + "update_online_store_role_assignment": { + "value": "false" + }, + "update_workspace_role_assignment": { + "value": "false" + } +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/model.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/model.json new file mode 100644 index 00000000..27a92bdd --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/model.json @@ -0,0 +1,11 @@ +{ + "type": "Microsoft.MachineLearningServices/workspaces/models", + "apiVersion": "2021-10-01", + "name": "[concat(parameters('workspaceName'), '/', parameters('models')[copyIndex()].name)]", + "properties": "[parameters('models')[copyIndex()].properties]", + "copy": { + "name": "modelDeploymentCopy", + "count": "[length(parameters('models'))]", + "mode": "serial" + } +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/model_version.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/model_version.json new file mode 100644 index 00000000..e9edc83e --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/model_version.json @@ -0,0 +1,11 @@ +{ + "type": "Microsoft.MachineLearningServices/workspaces/models/versions", + "apiVersion": "2021-10-01", + "name": "[concat(parameters('workspaceName'), '/', parameters('model_version')[copyIndex()].name, '/', parameters('model_version')[copyIndex()].version)]", + "properties": "[parameters('model_version')[copyIndex()].properties]", + "copy": { + "name": "modelVersionDeploymentCopy", + "count": "[length(parameters('model_version'))]", + "mode": "serial" + } +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/online_deployment.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/online_deployment.json new file mode 100644 index 00000000..0bf51f61 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/online_deployment.json @@ -0,0 +1,17 @@ +{ + "type": "Microsoft.MachineLearningServices/workspaces/onlineEndpoints/deployments", + "apiVersion": "2021-10-01", + "location": "[parameters('location')]", + "name": "[concat(parameters('workspaceName'), '/', parameters('onlineEndpointName'), '/', parameters('online_deployment')[copyIndex()].name)]", + "identity": { + "type": "None" + }, + "properties": "[parameters('online_deployment')[copyIndex()].properties]", + "tags": "[parameters('online_deployment')[copyIndex()].tags]", + "sku": "[parameters('online_deployment')[copyIndex()].sku]", + "copy": { + "name": "onlineDeploymentCopy", + "count": "[length(parameters('online_deployment'))]", + "mode": "serial" + } +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/online_endpoint.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/online_endpoint.json new file mode 100644 index 00000000..ecafb25d --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/online_endpoint.json @@ -0,0 +1,15 @@ +{ + "condition": "[equals(parameters('endpointCreateOrUpdate'),'create')]", + "type": "Microsoft.MachineLearningServices/workspaces/onlineEndpoints", + "apiVersion": "2021-10-01", + "location": "[parameters('location')]", + "name": "[concat(parameters('workspaceName'), '/', parameters('onlineEndpointName'))]", + "identity": "[parameters('onlineEndpointIdentity')]", + "tags": "[parameters('onlineEndpointTags')]", + "properties": "[parameters('onlineEndpointProperties')]", + "copy": { + "name": "onlineEndpointCopy", + "count": 1, + "mode": "serial" + } +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/update_online_endpoint.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/update_online_endpoint.json new file mode 100644 index 00000000..59a2b67a --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/update_online_endpoint.json @@ -0,0 +1,27 @@ +{ + "apiVersion": "2015-01-01", + "type": "Microsoft.Resources/deployments", + "name": "[concat('updateEndpointWithTraffic', '-', parameters('onlineEndpointName'))]", + "properties": { + "mode": "Incremental", + "parameters": {}, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": {}, + "variables": {}, + "resources": [ + { + "type": "Microsoft.MachineLearningServices/workspaces/onlineEndpoints", + "apiVersion": "2021-10-01", + "location": "[parameters('location')]", + "name": "[concat(parameters('workspaceName'), '/', parameters('onlineEndpointName'))]", + "identity": "[parameters('onlineEndpointIdentity')]", + "tags": "[parameters('onlineEndpointTags')]", + "properties": "[parameters('onlineEndpointPropertiesTrafficUpdate')]" + } + ], + "outputs": {} + } + } +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/workspace_base.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/workspace_base.json new file mode 100644 index 00000000..c75daf50 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/workspace_base.json @@ -0,0 +1,1194 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "workspaceName": { + "type": "string", + "metadata": { + "description": "Specifies the name of the Azure Machine Learning workspace." + } + }, + "description": { + "type": "string", + "metadata": { + "description": "Description string." + } + }, + "friendlyName": { + "type": "string", + "metadata": { + "description": "Friendly name." + } + }, + "kind": { + "type": "string", + "defaultValue": "Default", + "metadata": { + "description": "Specifies the Kind of the workspace." + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Specifies the location for all resources." + } + }, + "resourceGroupName": { + "type": "string", + "metadata": { + "description": "Specifies the resource group name of the Azure Machine Learning workspace." + } + }, + "associatedResourcePNA": { + "type": "string", + "defaultValue": "Enabled", + "allowedValues": [ + "Enabled", + "Disabled" + ], + "metadata": { + "description": "Determines the PublicNetworkAccess mode of new workspace-associated resources provisioned alongside with workspace." + } + }, + "storageAccountOption": { + "type": "string", + "defaultValue": "new", + "allowedValues": [ + "new", + "existing" + ], + "metadata": { + "description": "Determines whether or not a new storage should be provisioned." + } + }, + "storageAccountName": { + "type": "string", + "defaultValue": "[concat('sa', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the storage account." + } + }, + "storageAccountType": { + "type": "string", + "defaultValue": "Standard_LRS" + }, + "storageAccountBehindVNet": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Determines whether or not to put the storage account behind VNet" + } + }, + "storageAccountSubscriptionId": { + "type": "string", + "defaultValue": "[subscription().subscriptionId]" + }, + "storageAccountResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "storageAccountLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "keyVaultOption": { + "type": "string", + "defaultValue": "new", + "allowedValues": [ + "new", + "existing" + ], + "metadata": { + "description": "Determines whether or not a new key vault should be provisioned." + } + }, + "keyVaultName": { + "type": "string", + "defaultValue": "[concat('kv', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the key vault." + } + }, + "keyVaultBehindVNet": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Determines whether or not to put the storage account behind VNet" + } + }, + "keyVaultResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "keyVaultLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "applicationInsightsOption": { + "type": "string", + "defaultValue": "new", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not new ApplicationInsights should be provisioned." + } + }, + "logAnalyticsName": { + "type": "string", + "defaultValue": "[concat('la', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of LogAnalytics to be used by ApplicationInsights resource." + } + }, + "logAnalyticsArmId": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "ARM Id of LogAnalytics to be used by ApplicationInsights resource." + } + }, + "applicationInsightsName": { + "type": "string", + "defaultValue": "[concat('ai', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of ApplicationInsights." + } + }, + "applicationInsightsResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "applicationInsightsLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "containerRegistryOption": { + "type": "string", + "defaultValue": "none", + "allowedValues": [ + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not a new container registry should be provisioned." + } + }, + "containerRegistryName": { + "type": "string", + "defaultValue": "[concat('cr', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "The container registry bind to the workspace." + } + }, + "containerRegistrySku": { + "type": "string", + "defaultValue": "Standard", + "allowedValues": [ + "Basic", + "Standard", + "Premium" + ] + }, + "containerRegistryResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "containerRegistryBehindVNet": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Determines whether or not to put container registry behind VNet." + } + }, + "containerRegistryLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "vnetOption": { + "type": "string", + "defaultValue": "[if(equals(parameters('privateEndpointType'), 'none'), 'none', 'new')]", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not a new VNet should be provisioned." + } + }, + "vnetName": { + "type": "string", + "defaultValue": "[concat('vn',uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the VNet" + } + }, + "vnetResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "addressPrefixes": { + "type": "array", + "defaultValue": [ + "10.0.0.0/16" + ], + "metadata": { + "description": "Address prefix of the virtual network" + } + }, + "subnetOption": { + "type": "string", + "defaultValue": "[if(or(not(equals(parameters('privateEndpointType'), 'none')), equals(parameters('vnetOption'), 'new')), 'new', 'none')]", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not a new subnet should be provisioned." + } + }, + "subnetName": { + "type": "string", + "defaultValue": "[concat('sn',uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the subnet" + } + }, + "subnetPrefix": { + "type": "string", + "defaultValue": "10.0.0.0/24", + "metadata": { + "description": "Subnet prefix of the virtual network" + } + }, + "adbWorkspace": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Azure Databrick workspace to be linked to the workspace" + } + }, + "confidential_data": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "Specifies that the Azure Machine Learning workspace holds highly confidential data." + } + }, + "encryption_status": { + "type": "string", + "defaultValue": "Disabled", + "allowedValues": [ + "Enabled", + "Disabled" + ], + "metadata": { + "description": "Specifies if the Azure Machine Learning workspace should be encrypted with customer managed key." + } + }, + "cmk_keyvault": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Specifies the customer managed keyVault arm id." + } + }, + "resource_cmk_uri": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Specifies if the customer managed keyvault key uri." + } + }, + "privateEndpointType": { + "type": "string", + "defaultValue": "none", + "allowedValues": [ + "AutoApproval", + "ManualApproval", + "none" + ] + }, + "tagValues": { + "type": "object" + }, + "privateEndpointName": { + "type": "string", + "defaultValue": "pe", + "metadata": { + "description": "Name of the private end point added to the workspace" + } + }, + "privateEndpointResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]", + "metadata": { + "description": "Name of the resource group where the private end point is added to" + } + }, + "imageBuildCompute": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The name of the compute target to use for building environment Docker images with the container registry is behind a VNet." + } + }, + "publicNetworkAccess": { + "type": "string", + "defaultValue": "Enabled", + "allowedValues": [ + "Disabled", + "Enabled" + ], + "metadata": { + "description": "Whether to allow public endpoint connectivity when a workspace is private link enabled." + } + }, + "soft_delete_enabled": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "Whether to create a workspace with soft delete capability" + } + }, + "allow_recover_softdeleted_workspace": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "Whether to allow an existing soft-deleted workspace to be recovered" + } + }, + "encryption_cosmosdb_resourceid": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The Bring-Your-Own cosmosdb account that customer brings to store data" + } + }, + "encryption_storage_resourceid": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The Bring-Your-Own storage account that customer brings to store data" + } + }, + "encryption_search_resourceid": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The Bring-Your-Own search account that customer brings to store data" + } + }, + "identity": { + "type": "object", + "defaultValue": { + "type": "systemAssigned" + }, + "metadata": { + "description": "Managed identities assigned to workspace. If not specificed, SystemAssigned managed identity is the default." + } + }, + "primaryUserAssignedIdentity": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "ARM identifier of primary user assigned managed identity, in case multiple ones are specified. Also the default managed identity for clusterless compute." + } + }, + "managedNetwork": { + "type": "object", + "defaultValue": { + "isolationMode": "Disabled" + }, + "metadata": { + "description": "Managed network settings to be used for the workspace. If not specified, isolation mode Disabled is the default" + } + }, + "provisionNetworkNow": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Set to provision the managed VNet with the default Options when creating a Workspace with the managed VNet enabled" + } + }, + "allowRoleAssignmentOnRG": { + "type": "string", + "defaultValue": "true", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "A flag to determine if workspace should be created/update with allow role assignment on resource group level." + } + }, + "spark_runtime_version": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "spark version to be used by all feature sets" + } + }, + "offlineStoreStorageAccountOption": { + "type": "string", + "defaultValue": "none", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not to provision a feature store offline store storage account" + } + }, + "offline_store_storage_account_name": { + "type": "string", + "defaultValue": "[concat('sa', uniqueString('featurestore', parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the feature store offline store storage account." + } + }, + "offline_store_container_name": { + "type": "string", + "defaultValue": "[concat('offlinestore', newGuid())]", + "metadata": { + "description": "Feature store offline store container" + } + }, + "offline_store_resource_group_name": { + "type": "string", + "defaultValue": "[resourceGroup().name]", + "metadata": { + "description": "Feature store offline store resource group" + } + }, + "offline_store_subscription_id": { + "type": "string", + "defaultValue": "[subscription().subscriptionId]", + "metadata": { + "description": "Feature store offline store subscription id" + } + }, + "offline_store_connection_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store offline store config" + } + }, + "online_store_resource_id": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store resource id" + } + }, + "online_store_resource_group_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store resource group" + } + }, + "online_store_subscription_id": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store subscription id" + } + }, + "online_store_connection_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store config" + } + }, + "materializationIdentityOption": { + "type": "string", + "defaultValue": "none", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not to provision a materialization identity" + } + }, + "materialization_identity_name": { + "type": "string", + "defaultValue": "empty", + "metadata": { + "description": "Feature store materialization identity name" + } + }, + "materialization_identity_subscription_id": { + "type": "string", + "defaultValue": "[subscription().subscriptionId]", + "metadata": { + "description": "Feature store materialization identity subscription id" + } + }, + "materialization_identity_resource_group_name": { + "type": "string", + "defaultValue": "[resourceGroup().name]", + "metadata": { + "description": "Feature store materialization identity resource group name" + } + }, + "grant_materialization_permissions": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "Whether to grant materialization identity permissions" + } + }, + "enable_data_isolation": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "A flag to determine if workspace has data isolation enabled. The flag can only be set at the creation phase, it can't be updated." + } + }, + "workspace_hub_config" : { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Additional configuration for WorkspaceHub." + } + }, + "existing_workspaces" : { + "type": "array", + "defaultValue": [], + "metadata": { + "description": "A list of existing workspaces used by Hub to perform convert." + } + }, + "workspace_hub" : { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Resource Id of Hub used for lean workspace." + } + }, + "serverless_compute_settings": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Serverless compute settings to be used for the workspace." + } + }, + "systemDatastoresAuthMode": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The authentication mode for system datastores" + } + }, + "endpoint_resource_id": { + "type": "string", + "defaultValue": "null", + "metadata": { + "description": "The resource id that this workspace hub's endpoints should reference." + } + }, + "endpoint_kind": { + "type": "string", + "defaultValue": "AIServices", + "metadata": { + "description": "The kind of endpoints this workspace hub ought to contain." + } + }, + "endpoint_option": { + "type": "string", + "defaultValue": "new", + "metadata": { + "description": "Testing value. Do not touch." + } + } + }, + "variables": { + "tenantId": "[subscription().tenantId]", + "storageAccount": "[resourceId(parameters('storageAccountSubscriptionId'), parameters('storageAccountResourceGroupName'), 'Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]", + "keyVault": "[resourceId(parameters('keyVaultResourceGroupName'), 'Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", + "containerRegistry": "[resourceId(parameters('containerRegistryResourceGroupName'), 'Microsoft.ContainerRegistry/registries', parameters('containerRegistryName'))]", + "applicationInsights": "[resourceId(parameters('applicationInsightsResourceGroupName'), 'Microsoft.Insights/components', parameters('applicationInsightsName'))]", + "vnet": "[resourceId(parameters('vnetResourceGroupName'), 'Microsoft.Network/virtualNetworks', parameters('vnetName'))]", + "subnet": "[resourceId(parameters('vnetResourceGroupName'), 'Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnetName'))]", + "enablePE": true, + "networkRuleSetBehindVNet": { + "defaultAction": "deny", + "virtualNetworkRules": [ + { + "action": "Allow", + "id": "[variables('subnet')]" + } + ] + }, + "networkAclsForManagedNetworkDependencies": { + "defaultAction": "deny", + "bypass": "AzureServices" + }, + "privateEndpointSettings": { + "name": "[concat(parameters('workspaceName'), '-PrivateEndpoint')]", + "properties": { + "privateLinkServiceId": "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName'))]", + "groupIds": [ + "amlworkspace" + ] + } + }, + "defaultPEConnections": "[array(variables('privateEndpointSettings'))]", + "privateEndpointDeploymentName": "[concat('DeployPrivateEndpoint-', uniqueString(parameters('privateEndpointName')))]", + "materializationIdentity": "[resourceId(parameters('materialization_identity_subscription_id'), parameters('materialization_identity_resource_group_name'), 'Microsoft.ManagedIdentity/userAssignedIdentities', parameters('materialization_identity_name'))]", + "offlineStore": "[resourceId(parameters('offline_store_subscription_id'), parameters('offline_store_resource_group_name'), 'Microsoft.Storage/storageAccounts/blobServices/containers', parameters('offline_store_storage_account_name'), 'default', parameters('offline_store_container_name'))]", + "isWorkspaceHub": "[equals(parameters('kind'), 'hub')]" + }, + "resources": [ + { + "condition": "[and(variables('enablePE'), equals(parameters('vnetOption'), 'new'))]", + "type": "Microsoft.Network/virtualNetworks", + "apiVersion": "2019-09-01", + "name": "[parameters('vnetName')]", + "location": "[parameters('location')]", + "tags": "[parameters('tagValues')]", + "properties": { + "addressSpace": { + "addressPrefixes": "[parameters('addressPrefixes')]" + }, + "enableDdosProtection": false, + "enableVmProtection": false + } + }, + { + "condition": "[and(variables('enablePE'), equals(parameters('subnetOption'), 'new'))]", + "type": "Microsoft.Network/virtualNetworks/subnets", + "apiVersion": "2019-09-01", + "name": "[concat(parameters('vnetName'), '/', parameters('subnetName'))]", + "dependsOn": [ + "[resourceId('Microsoft.Network/virtualNetworks', parameters('vnetName'))]" + ], + "properties": { + "addressPrefix": "[parameters('subnetPrefix')]", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Enabled", + "serviceEndpoints": [ + { + "service": "Microsoft.Storage" + }, + { + "service": "Microsoft.KeyVault" + }, + { + "service": "Microsoft.ContainerRegistry" + } + ] + } + }, + { + "condition": "[and(equals(parameters('kind'), 'featurestore'), equals(parameters('materializationIdentityOption'), 'new'))]", + "type": "Microsoft.ManagedIdentity/userAssignedIdentities", + "apiVersion": "2018-11-30", + "name": "[parameters('materialization_identity_name')]", + "location": "[parameters('location')]" + }, + { + "condition": "[and(variables('enablePE'), equals(parameters('storageAccountOption'), 'new'))]", + "type": "Microsoft.Storage/storageAccounts", + "apiVersion": "2023-04-01", + "name": "[parameters('storageAccountName')]", + "tags": "[parameters('tagValues')]", + "dependsOn": [ + "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnetName'))]" + ], + "location": "[parameters('storageAccountLocation')]", + "sku": { + "name": "[parameters('storageAccountType')]" + }, + "kind": "StorageV2", + "properties": { + "encryption": { + "services": { + "blob": { + "enabled": true + }, + "file": { + "enabled": true + } + }, + "keySource": "Microsoft.Storage" + }, + "supportsHttpsTrafficOnly": true, + "allowBlobPublicAccess": false, + "networkAcls": "[if(equals(parameters('associatedResourcePNA'), 'Disabled'), variables('networkAclsForManagedNetworkDependencies'), if(equals(parameters('storageAccountBehindVNet'), 'true'), variables('networkRuleSetBehindVNet'), json('null')))]", + "publicNetworkAccess": "[parameters('associatedResourcePNA')]", + "isHnsEnabled": "[equals(parameters('kind'), 'featurestore')]", + "minimumTlsVersion": "TLS1_2" + } + }, + { + "condition": "[and(variables('enablePE'), equals(parameters('kind'), 'featurestore'), equals(parameters('storageAccountOption'), 'existing'), equals(parameters('offlineStoreStorageAccountOption'), 'new'))]", + "type": "Microsoft.Storage/storageAccounts", + "apiVersion": "2019-04-01", + "name": "[parameters('offline_store_storage_account_name')]", + "tags": "[parameters('tagValues')]", + "location": "[parameters('location')]", + "sku": { + "name": "Standard_LRS" + }, + "kind": "StorageV2", + "properties": { + "encryption": { + "services": { + "blob": { + "enabled": true + }, + "file": { + "enabled": true + } + }, + "keySource": "Microsoft.Storage" + }, + "supportsHttpsTrafficOnly": true, + "allowBlobPublicAccess": false, + "networkAcls": "[json('null')]", + "isHnsEnabled": true, + "minimumTlsVersion": "TLS1_2" + } + }, + { + "condition": "[and(variables('enablePE'), equals(parameters('kind'), 'featurestore'), equals(parameters('offlineStoreStorageAccountOption'), 'new'))]", + "type": "Microsoft.Storage/storageAccounts/blobServices/containers", + "apiVersion": "2021-04-01", + "name": "[concat(parameters('offline_store_storage_account_name'), '/default/', parameters('offline_store_container_name'))]", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', parameters('offline_store_storage_account_name'))]" + ] + }, + { + "condition": "[and(variables('enablePE'), equals(parameters('keyVaultOption'), 'new'))]", + "type": "Microsoft.KeyVault/vaults", + "apiVersion": "2023-07-01", + "tags": "[parameters('tagValues')]", + "dependsOn": [ + "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnetName'))]" + ], + "name": "[parameters('keyVaultName')]", + "location": "[parameters('keyVaultLocation')]", + "properties": { + "tenantId": "[variables('tenantId')]", + "sku": { + "name": "standard", + "family": "A" + }, + "accessPolicies": [], + "enableRbacAuthorization": true, + "networkAcls": "[if(equals(parameters('associatedResourcePNA'), 'Disabled'), variables('networkAclsForManagedNetworkDependencies'), if(equals(parameters('keyVaultBehindVNet'), 'true'), variables('networkRuleSetBehindVNet'), json('null')))]", + "publicNetworkAccess": "[parameters('associatedResourcePNA')]" + } + }, + { + "condition": "[and(variables('enablePE'), equals(parameters('applicationInsightsOption'), 'new'))]", + "type": "Microsoft.OperationalInsights/workspaces", + "tags": "[parameters('tagValues')]", + "apiVersion": "2020-08-01", + "name": "[parameters('logAnalyticsName')]", + "location": "[if(or(equals(toLower(parameters('applicationInsightsLocation')),'westcentralus'), equals(toLower(parameters('applicationInsightsLocation')),'eastus2euap'), equals(toLower(parameters('applicationInsightsLocation')),'centraluseuap')),'southcentralus', parameters('applicationInsightsLocation'))]", + "kind": "web", + "properties": { + "Application_Type": "web" + } + }, + { + "condition": "[and(variables('enablePE'), equals(parameters('applicationInsightsOption'), 'new'))]", + "type": "Microsoft.Insights/components", + "tags": "[parameters('tagValues')]", + "apiVersion": "2020-02-02-preview", + "name": "[parameters('applicationInsightsName')]", + "location": "[if(or(equals(toLower(parameters('applicationInsightsLocation')),'westcentralus'), equals(toLower(parameters('applicationInsightsLocation')),'eastus2euap'), equals(toLower(parameters('applicationInsightsLocation')),'centraluseuap')),'southcentralus', parameters('applicationInsightsLocation'))]", + "kind": "web", + "dependsOn": [ + "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsName'))]" + ], + "properties": { + "Application_Type": "web", + "WorkspaceResourceId": "[parameters('logAnalyticsArmId')]" + } + }, + { + "condition": "[variables('enablePE')]", + "type": "Microsoft.MachineLearningServices/workspaces", + "apiVersion": "2023-08-01-preview", + "tags": "[parameters('tagValues')]", + "name": "[parameters('workspaceName')]", + "kind": "[parameters('kind')]", + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]", + "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", + "[resourceId('Microsoft.Insights/components', parameters('applicationInsightsName'))]" + ], + "identity": "[parameters('identity')]", + "properties": { + "friendlyName": "[parameters('friendlyName')]", + "description": "[parameters('description')]", + "storageAccount": "[variables('storageAccount')]", + "keyVault": "[variables('keyVault')]", + "containerRegistry": "[if(not(equals(parameters('containerRegistryOption'), 'none')), variables('containerRegistry'), json('null'))]", + "applicationInsights": "[if(not(equals(parameters('applicationInsightsOption'), 'none')), variables('applicationInsights'), json('null'))]", + "hbiWorkspace": "[parameters('confidential_data')]", + "imageBuildCompute": "[parameters('imageBuildCompute')]", + "publicNetworkAccess": "[parameters('publicNetworkAccess')]", + "softDeleteEnabled": "[parameters('soft_delete_enabled')]", + "allowRecoverSoftDeletedWorkspace": "[parameters('allow_recover_softdeleted_workspace')]", + "encryption": { + "status": "[parameters('encryption_status')]", + "keyVaultProperties": { + "keyVaultArmId": "[parameters('cmk_keyvault')]", + "keyIdentifier": "[parameters('resource_cmk_uri')]" + }, + "cosmosDbArmId": "[parameters('encryption_cosmosdb_resourceid')]", + "storageAccountArmId": "[parameters('encryption_storage_resourceid')]", + "SearchAccountArmId": "[parameters('encryption_search_resourceid')]" + }, + "primaryUserAssignedIdentity": "[parameters('primaryUserAssignedIdentity')]", + "systemDatastoresAuthMode": "[parameters('systemDatastoresAuthMode')]", + "allowRoleAssignmentOnRG": "[parameters('allowRoleAssignmentOnRG')]", + "managedNetwork": "[parameters('managedNetwork')]", + "provisionNetworkNow": "[parameters('provisionNetworkNow')]", + "featureStoreSettings": { + "computeruntime": { + "SparkRuntimeVersion": "[parameters('spark_runtime_version')]" + } + }, + "enableDataIsolation": "[parameters('enable_data_isolation')]", + "workspaceHubConfig": "[parameters('workspace_hub_config')]", + "existingWorkspaces": "[parameters('existing_workspaces')]", + "serverlessComputeSettings": "[parameters('serverless_compute_settings')]" + }, + "resources":[ + { + "condition": "[equals(parameters('kind'), 'featurestore')]", + "type": "connections", + "apiVersion": "2022-05-01", + "name": "[if(empty(parameters('offline_store_connection_name')), 'empty', parameters('offline_store_connection_name'))]", + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName'))]", + "[resourceId('Microsoft.Storage/storageAccounts/blobServices/containers', parameters('offline_store_storage_account_name'), 'default', parameters('offline_store_container_name'))]", + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('materialization_identity_name'))]" + ], + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "category": "AzureDataLakeGen2", + "target": "[variables('offlineStore')]", + "authType": "ManagedIdentity", + "credentials": { + "clientid": "[if(not(equals(parameters('materializationIdentityOption'), 'none')), reference(variables('materializationIdentity'), '2018-11-30').clientId, '')]", + "resourceid": "[variables('materializationIdentity')]" + } + } + }, + { + "condition": "[and(equals(parameters('kind'), 'featurestore'), not(empty(parameters('online_store_resource_id'))))]", + "type": "connections", + "apiVersion": "2022-05-01", + "name": "[if(empty(parameters('online_store_connection_name')), 'empty', parameters('online_store_connection_name'))]", + "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName'))]", + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('materialization_identity_name'))]" + ], + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "category": "Redis", + "target": "[parameters('online_store_resource_id')]", + "authType": "ManagedIdentity", + "credentials": { + "clientid": "[if(not(equals(parameters('materializationIdentityOption'), 'none')), reference(variables('materializationIdentity'), '2018-11-30').clientId, '')]", + "resourceid": "[variables('materializationIdentity')]" + } + } + } + ] + }, + { + "condition":"[equals(parameters('kind'), 'featurestore')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2024-03-01", + "name": "[concat(parameters('workspaceName'), '-deploy-feature-store')]", + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName'))]", + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('materialization_identity_name'))]", + "[resourceId('Microsoft.MachineLearningServices/workspaces/connections', parameters('workspaceName'), parameters('offline_store_connection_name'))]", + "[resourceId('Microsoft.MachineLearningServices/workspaces/connections', parameters('workspaceName'), parameters('online_store_connection_name'))]" + ], + "properties": { + "mode": "Incremental", + "parameters": {}, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.1", + "resources": [ + { + "apiVersion": "2022-12-01-preview", + "name": "[parameters('workspaceName')]", + "location": "[parameters('location')]", + "kind": "featurestore", + "type": "Microsoft.MachineLearningServices/workspaces", + "identity": { + "type": "SystemAssigned,UserAssigned", + "userAssignedIdentities": { + "[variables('materializationIdentity')]": {} + } + }, + "properties": { + "friendlyName": "[parameters('friendlyName')]", + "description": "[parameters('description')]", + "storageAccount": "[variables('storageAccount')]", + "keyVault": "[variables('keyVault')]", + "applicationInsights": "[if(not(equals(parameters('applicationInsightsOption'), 'none')), variables('applicationInsights'), json('null'))]", + "containerRegistry": "[if(not(equals(parameters('containerRegistryOption'), 'none')), variables('containerRegistry'), json('null'))]", + "hbiWorkspace": "[parameters('confidential_data')]", + "imageBuildCompute": "[parameters('imageBuildCompute')]", + "publicNetworkAccess": "[parameters('publicNetworkAccess')]", + "softDeleteEnabled": "[parameters('soft_delete_enabled')]", + "allowRecoverSoftDeletedWorkspace": "[parameters('allow_recover_softdeleted_workspace')]", + "encryption": { + "status": "[parameters('encryption_status')]", + "keyVaultProperties": { + "keyVaultArmId": "[parameters('cmk_keyvault')]", + "keyIdentifier": "[parameters('resource_cmk_uri')]" + }, + "cosmosDbArmId": "[parameters('encryption_cosmosdb_resourceid')]", + "storageAccountArmId": "[parameters('encryption_storage_resourceid')]", + "SearchAccountArmId": "[parameters('encryption_search_resourceid')]" + }, + "primaryUserAssignedIdentity": "[parameters('primaryUserAssignedIdentity')]", + "systemDatastoresAuthMode": "[parameters('systemDatastoresAuthMode')]", + "allowRoleAssignmentOnRG": "[parameters('allowRoleAssignmentOnRG')]", + "managedNetwork": "[parameters('managedNetwork')]", + "provisionNetworkNow": "[parameters('provisionNetworkNow')]", + "featureStoreSettings": { + "computeruntime": { + "SparkRuntimeVersion": "[parameters('spark_runtime_version')]" + }, + "offlinestoreconnectionname": "[parameters('offline_store_connection_name')]", + "onlinestoreconnectionname": "[parameters('online_store_connection_name')]" + }, + "enableDataIsolation": "[parameters('enable_data_isolation')]" + } + } + ] + } + } + }, + { + "condition": "[and(equals(parameters('kind'), 'featurestore'), equals(parameters('grant_materialization_permissions'), 'true'))]", + "type": "Microsoft.Resources/deployments", + "name": "[concat('workspace-role-assign-', guid(variables('materializationIdentity'), resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName')), 'azureml ds role'))]", + "apiVersion": "2020-06-01", + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName'))]", + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('materialization_identity_name'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(variables('materializationIdentity'), resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName')), 'azureml ds role')]", + "scope": "[resourceId(resourceGroup().name, 'Microsoft.MachineLearningServices/workspaces', parameters('workspaceName'))]", + "location": "[parameters('location')]", + "properties": { + "roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f6c7c914-8db3-469d-8ca1-694a8f32e121')]", + "principalId": "[if(not(equals(parameters('materializationIdentityOption'), 'none')), reference(variables('materializationIdentity'), '2018-11-30').principalId, '')]", + "principalType": "ServicePrincipal" + } + } + ] + } + } + }, + { + "condition": "[and(equals(parameters('kind'), 'featurestore'), equals(parameters('grant_materialization_permissions'), 'true'), not(equals(parameters('materializationIdentityOption'), 'none')))]", + "type": "Microsoft.Resources/deployments", + "name": "[concat('offline-store-role-assign-', guid(variables('materializationIdentity'), variables('offlineStore'), 'storage blob data contributor'))]", + "apiVersion": "2020-06-01", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts/blobServices/containers', parameters('offline_store_storage_account_name'), 'default', parameters('offline_store_container_name'))]", + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('materialization_identity_name'))]" + ], + "resourceGroup": "[parameters('offline_store_resource_group_name')]", + "subscriptionId": "[parameters('offline_store_subscription_id')]", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(variables('materializationIdentity'), variables('offlineStore'), 'storage blob data contributor')]", + "scope": "[variables('offlineStore')]", + "location": "[parameters('location')]", + "properties": { + "roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')]", + "principalId": "[if(not(equals(parameters('materializationIdentityOption'), 'none')), reference(variables('materializationIdentity'), '2023-01-31').principalId, '')]", + "principalType": "ServicePrincipal" + } + } + ] + } + } + }, + { + "condition": "[and(equals(parameters('kind'), 'featurestore'), equals(parameters('grant_materialization_permissions'), 'true'), not(equals(parameters('materializationIdentityOption'), 'none')), not(empty(parameters('online_store_resource_id'))))]", + "type": "Microsoft.Resources/deployments", + "name": "[concat('online-store-role-assign-', guid(variables('materializationIdentity'), parameters('online_store_resource_id'), 'contributor'))]", + "apiVersion": "2020-06-01", + "dependsOn": [ + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('materialization_identity_name'))]" + ], + "resourceGroup": "[parameters('online_store_resource_group_name')]", + "subscriptionId": "[parameters('online_store_subscription_id')]", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(variables('materializationIdentity'), parameters('online_store_resource_id'), 'contributor')]", + "scope": "[parameters('online_store_resource_id')]", + "location": "[parameters('location')]", + "properties": { + "roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]", + "principalId": "[if(not(equals(parameters('materializationIdentityOption'), 'none')), reference(variables('materializationIdentity'), '2023-01-31').principalId, '')]", + "principalType": "ServicePrincipal" + } + } + ] + } + } + }, + { + "condition": "[and(equals(parameters('kind'), 'featurestore'), equals(parameters('grant_materialization_permissions'), 'true'), not(equals(parameters('materializationIdentityOption'), 'none')))]", + "type": "Microsoft.Resources/deployments", + "name": "[concat('ws-storage-role-assign-', guid(variables('materializationIdentity'), variables('storageAccount'), 'storage blob data contributor'))]", + "apiVersion": "2020-06-01", + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName'))]", + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('materialization_identity_name'))]" + ], + "resourceGroup": "[parameters('storageAccountResourceGroupName')]", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(variables('materializationIdentity'), variables('storageAccount'), 'storage blob data contributor')]", + "scope": "[variables('storageAccount')]", + "location": "[parameters('location')]", + "properties": { + "roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')]", + "principalId": "[if(not(equals(parameters('materializationIdentityOption'), 'none')), reference(variables('materializationIdentity'), '2023-01-31').principalId, '')]", + "principalType": "ServicePrincipal" + } + } + ] + } + } + }, + { + "condition": "[and(variables('enablePE'), not(equals(parameters('privateEndpointType'), 'none')))]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "2020-06-01", + "name": "[variables('privateEndpointDeploymentName')]", + "resourceGroup": "[parameters('privateEndpointResourceGroupName')]", + "dependsOn": [ + "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName'))]", + "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnetName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + { + "apiVersion": "2020-06-01", + "name": "[parameters('privateEndpointName')]", + "type": "Microsoft.Network/privateEndpoints", + "location": "[parameters('location')]", + "tags": "[parameters('tagValues')]", + "properties": { + "privateLinkServiceConnections": "[if(equals(parameters('privateEndpointType'), 'AutoApproval'), variables('defaultPEConnections'), json('null'))]", + "manualPrivateLinkServiceConnections": "[if(equals(parameters('privateEndpointType'), 'ManualApproval'), variables('defaultPEConnections'), json('null'))]", + "subnet": { + "id": "[variables('subnet')]" + } + } + } + ] + } + } + } + ] +} diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/workspace_param.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/workspace_param.json new file mode 100644 index 00000000..3ae37b73 --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/workspace_param.json @@ -0,0 +1,218 @@ +{ + "location": { + "value": "" + }, + "workspaceName": { + "value": "" + }, + "resourceGroupName": { + "value": "" + }, + "description": { + "value": "" + }, + "kind": { + "value": "Default" + }, + "friendlyName": { + "value": "" + }, + "tagValues": { + "value": {} + }, + "keyVaultOption": { + "value": "new" + }, + "keyVaultName": { + "value": "" + }, + "keyVaultResourceGroupName": { + "value": "" + }, + "associatedResourcePNA": { + "value": "Enabled" + }, + "storageAccountOption": { + "value": "new" + }, + "storageAccountName": { + "value": "" + }, + "storageAccountSubscriptionId": { + "value": "" + }, + "storageAccountResourceGroupName": { + "value": "" + }, + "applicationInsightsOption": { + "value": "new" + }, + "applicationInsightsName": { + "value": "" + }, + "logAnalyticsName": { + "value": "none" + }, + "logAnalyticsArmId": { + "value": "" + }, + "applicationInsightsResourceGroupName": { + "value": "" + }, + "containerRegistryOption": { + "value": "none" + }, + "containerRegistryName": { + "value": "name" + }, + "containerRegistryResourceGroupName": { + "value": "" + }, + "encryption_status": { + "value": "Disabled" + }, + "cmk_keyvault": { + "value": "" + }, + "resource_cmk_uri": { + "value": "" + }, + "privateEndpointName": { + "value": "name" + }, + "subnetOption": { + "value": "existing" + }, + "subnetName": { + "value": "default" + }, + "vnetOption": { + "value": "existing" + }, + "vnetName": { + "value": "name" + }, + "vnetResourceGroupName": { + "value": "name" + }, + "privateEndpointType": { + "value": "none" + }, + "privateEndpointResourceGroupName": { + "value": "name" + }, + "confidential_data": { + "value": "false" + }, + "imageBuildCompute": { + "value": "" + }, + "publicNetworkAccess": { + "value": "Enabled" + }, + "soft_delete_enabled": { + "value": "false" + }, + "allow_recover_softdeleted_workspace": { + "value": "false" + }, + "encryption_cosmosdb_resourceid": { + "value": "" + }, + "encryption_storage_resourceid": { + "value": "" + }, + "encryption_search_resourceid": { + "value": "" + }, + "identity": { + "value": {} + }, + "primaryUserAssignedIdentity": { + "value": "" + }, + "managedNetwork": { + "value": {} + }, + "provisionNetworkNow": { + "value": "false" + }, + "spark_runtime_version" : { + "value": null + }, + "offlineStoreStorageAccountOption": { + "value": null + }, + "offline_store_storage_account_name": { + "value": null + }, + "offline_store_container_name" : { + "value": null + }, + "offline_store_resource_group_name" : { + "value": null + }, + "offline_store_subscription_id" : { + "value": null + }, + "offline_store_connection_name" : { + "value": null + }, + "online_store_resource_id" : { + "value": null + }, + "online_store_resource_group_name" : { + "value": null + }, + "online_store_subscription_id" : { + "value": null + }, + "online_store_connection_name" : { + "value": null + }, + "grant_materialization_permissions" : { + "value": "true" + }, + "materializationIdentityOption": { + "value": null + }, + "materialization_identity_name": { + "value": null + }, + "materialization_identity_resource_group_name": { + "value": null + }, + "materialization_identity_subscription_id": { + "value": null + }, + "workspace_hub_config" : { + "value": {} + }, + "existing_workspaces" : { + "value": [] + }, + "workspace_hub" : { + "value": "" + }, + "enable_data_isolation": { + "value": "false" + }, + "allowRoleAssignmentOnRG": { + "value": "true" + }, + "serverless_compute_settings": { + "value": {} + }, + "systemDatastoresAuthMode": { + "value": "" + }, + "endpoint_resource_id": { + "value": "null" + }, + "endpoint_kind": { + "value": "AIServices" + }, + "endpoint_option": { + "value": "new" + } +} \ No newline at end of file diff --git a/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/workspace_project.json b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/workspace_project.json new file mode 100644 index 00000000..74d19bcb --- /dev/null +++ b/.venv/lib/python3.12/site-packages/azure/ai/ml/_arm_deployments/arm_templates/workspace_project.json @@ -0,0 +1,731 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "workspaceName": { + "type": "string", + "metadata": { + "description": "Specifies the name of the Azure Machine Learning workspace." + } + }, + "description": { + "type": "string", + "metadata": { + "description": "Description string." + } + }, + "friendlyName": { + "type": "string", + "metadata": { + "description": "Friendly name." + } + }, + "kind": { + "type": "string", + "defaultValue": "Default", + "metadata": { + "description": "Specifies the Kind of the workspace." + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Specifies the location for all resources." + } + }, + "resourceGroupName": { + "type": "string", + "metadata": { + "description": "Specifies the resource group name of the Azure Machine Learning workspace." + } + }, + "associatedResourcePNA": { + "type": "string", + "defaultValue": "Enabled", + "allowedValues": [ + "Enabled", + "Disabled" + ], + "metadata": { + "description": "Determines the PublicNetworkAccess mode of new workspace-associated resources provisioned alongside with workspace." + } + }, + "storageAccountOption": { + "type": "string", + "defaultValue": "new", + "allowedValues": [ + "new", + "existing" + ], + "metadata": { + "description": "Determines whether or not a new storage should be provisioned." + } + }, + "storageAccountName": { + "type": "string", + "defaultValue": "[concat('sa', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the storage account." + } + }, + "storageAccountType": { + "type": "string", + "defaultValue": "Standard_LRS" + }, + "storageAccountBehindVNet": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Determines whether or not to put the storage account behind VNet" + } + }, + "storageAccountSubscriptionId": { + "type": "string", + "defaultValue": "[subscription().subscriptionId]" + }, + "storageAccountResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "storageAccountLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "keyVaultOption": { + "type": "string", + "defaultValue": "new", + "allowedValues": [ + "new", + "existing" + ], + "metadata": { + "description": "Determines whether or not a new key vault should be provisioned." + } + }, + "keyVaultName": { + "type": "string", + "defaultValue": "[concat('kv', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the key vault." + } + }, + "keyVaultBehindVNet": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Determines whether or not to put the storage account behind VNet" + } + }, + "keyVaultResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "keyVaultLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "applicationInsightsOption": { + "type": "string", + "defaultValue": "new", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not new ApplicationInsights should be provisioned." + } + }, + "logAnalyticsName": { + "type": "string", + "defaultValue": "[concat('la', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of LogAnalytics to be used by ApplicationInsights resource." + } + }, + "logAnalyticsArmId": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "ARM Id of LogAnalytics to be used by ApplicationInsights resource." + } + }, + "applicationInsightsName": { + "type": "string", + "defaultValue": "[concat('ai', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of ApplicationInsights." + } + }, + "applicationInsightsResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "applicationInsightsLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "containerRegistryOption": { + "type": "string", + "defaultValue": "none", + "allowedValues": [ + "new", + "none" + ], + "metadata": { + "description": "Determines whether or not a new container registry should be provisioned." + } + }, + "containerRegistryName": { + "type": "string", + "defaultValue": "[concat('cr', uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "The container registry bind to the workspace." + } + }, + "containerRegistrySku": { + "type": "string", + "defaultValue": "Standard", + "allowedValues": [ + "Basic", + "Standard", + "Premium" + ] + }, + "containerRegistryResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "containerRegistryBehindVNet": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Determines whether or not to put container registry behind VNet." + } + }, + "containerRegistryLocation": { + "type": "string", + "defaultValue": "[parameters('location')]" + }, + "vnetOption": { + "type": "string", + "defaultValue": "[if(equals(parameters('privateEndpointType'), 'none'), 'none', 'new')]", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not a new VNet should be provisioned." + } + }, + "vnetName": { + "type": "string", + "defaultValue": "[concat('vn',uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the VNet" + } + }, + "vnetResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]" + }, + "addressPrefixes": { + "type": "array", + "defaultValue": [ + "10.0.0.0/16" + ], + "metadata": { + "description": "Address prefix of the virtual network" + } + }, + "subnetOption": { + "type": "string", + "defaultValue": "[if(or(not(equals(parameters('privateEndpointType'), 'none')), equals(parameters('vnetOption'), 'new')), 'new', 'none')]", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not a new subnet should be provisioned." + } + }, + "subnetName": { + "type": "string", + "defaultValue": "[concat('sn',uniqueString(parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the subnet" + } + }, + "subnetPrefix": { + "type": "string", + "defaultValue": "10.0.0.0/24", + "metadata": { + "description": "Subnet prefix of the virtual network" + } + }, + "adbWorkspace": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Azure Databrick workspace to be linked to the workspace" + } + }, + "confidential_data": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "Specifies that the Azure Machine Learning workspace holds highly confidential data." + } + }, + "encryption_status": { + "type": "string", + "defaultValue": "Disabled", + "allowedValues": [ + "Enabled", + "Disabled" + ], + "metadata": { + "description": "Specifies if the Azure Machine Learning workspace should be encrypted with customer managed key." + } + }, + "cmk_keyvault": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Specifies the customer managed keyVault arm id." + } + }, + "resource_cmk_uri": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Specifies if the customer managed keyvault key uri." + } + }, + "privateEndpointType": { + "type": "string", + "defaultValue": "none", + "allowedValues": [ + "AutoApproval", + "ManualApproval", + "none" + ] + }, + "tagValues": { + "type": "object" + }, + "privateEndpointName": { + "type": "string", + "defaultValue": "pe", + "metadata": { + "description": "Name of the private end point added to the workspace" + } + }, + "privateEndpointResourceGroupName": { + "type": "string", + "defaultValue": "[parameters('resourceGroupName')]", + "metadata": { + "description": "Name of the resource group where the private end point is added to" + } + }, + "imageBuildCompute": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The name of the compute target to use for building environment Docker images with the container registry is behind a VNet." + } + }, + "publicNetworkAccess": { + "type": "string", + "defaultValue": "Enabled", + "allowedValues": [ + "Disabled", + "Enabled" + ], + "metadata": { + "description": "Whether to allow public endpoint connectivity when a workspace is private link enabled." + } + }, + "soft_delete_enabled": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "Whether to create a workspace with soft delete capability" + } + }, + "allow_recover_softdeleted_workspace": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "Whether to allow an existing soft-deleted workspace to be recovered" + } + }, + "encryption_cosmosdb_resourceid": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The Bring-Your-Own cosmosdb account that customer brings to store data" + } + }, + "encryption_storage_resourceid": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The Bring-Your-Own storage account that customer brings to store data" + } + }, + "encryption_search_resourceid": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The Bring-Your-Own search account that customer brings to store data" + } + }, + "identity": { + "type": "object", + "defaultValue": { + "type": "systemAssigned" + }, + "metadata": { + "description": "Managed identities assigned to workspace. If not specificed, SystemAssigned managed identity is the default." + } + }, + "primaryUserAssignedIdentity": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "ARM identifier of primary user assigned managed identity, in case multiple ones are specified. Also the default managed identity for clusterless compute." + } + }, + "managedNetwork": { + "type": "object", + "defaultValue": { + "isolationMode": "Disabled" + }, + "metadata": { + "description": "Managed network settings to be used for the workspace. If not specified, isolation mode Disabled is the default" + } + }, + "provisionNetworkNow": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Set to provision the managed VNet with the default Options when creating a Workspace with the managed VNet enabled" + } + }, + "enable_data_isolation": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "A flag to determine if workspace has data isolation enabled. The flag can only be set at the creation phase, it can't be updated." + } + }, + "storage_accounts" : { + "type": "array", + "defaultValue": [], + "metadata": { + "description": "A list of storage accounts used by Hub." + } + }, + "key_vaults" : { + "type": "array", + "defaultValue": [], + "metadata": { + "description": "A list of key vaults used by Hub." + } + }, + "container_registies" : { + "type": "array", + "defaultValue": [], + "metadata": { + "description": "A list of container registries used by Hub." + } + }, + "existing_workspaces" : { + "type": "array", + "defaultValue": [], + "metadata": { + "description": "A list of existing workspaces used by Hub to perform convert." + } + }, + "workspace_hub" : { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Resource Id of Hub used for lean workspace." + } + }, + "workspace_hub_config" : { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Additional configuration for WorkspaceHub." + } + }, + "serverless_compute_settings": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "Serverless compute configuration." + } + }, + "endpoint_resource_id": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The resource id that this workspace hub's endpoints should reference." + } + }, + "endpoint_kind": { + "type": "string", + "defaultValue": "AIServices", + "metadata": { + "description": "The kind of endpoints this workspace hub ought to contain." + } + }, + "endpoint_option": { + "type": "string", + "defaultValue": "new", + "metadata": { + "description": "Testing value. Do not touch." + } + }, + "spark_runtime_version": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "spark version to be used by all feature sets" + } + }, + "offlineStoreStorageAccountOption": { + "type": "string", + "defaultValue": "none", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not to provision a feature store offline store storage account" + } + }, + "offline_store_storage_account_name": { + "type": "string", + "defaultValue": "[concat('sa', uniqueString('featurestore', parameters('resourceGroupName'), parameters('workspaceName')))]", + "metadata": { + "description": "Name of the feature store storage account." + } + }, + "offline_store_container_name": { + "type": "string", + "defaultValue": "[concat('offlinestore', newGuid())]", + "metadata": { + "description": "Feature store offline store container" + } + }, + "offline_store_resource_group_name": { + "type": "string", + "defaultValue": "[resourceGroup().name]", + "metadata": { + "description": "Feature store offline store resource group" + } + }, + "offline_store_subscription_id": { + "type": "string", + "defaultValue": "[subscription().subscriptionId]", + "metadata": { + "description": "Feature store offline store subscription id" + } + }, + "offline_store_connection_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store offline store config" + } + }, + "online_store_resource_id": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store resource id" + } + }, + "online_store_resource_group_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store resource group" + } + }, + "online_store_subscription_id": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store subscription id" + } + }, + "online_store_connection_name": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Feature store online store config" + } + }, + "materializationIdentityOption": { + "type": "string", + "defaultValue": "none", + "allowedValues": [ + "new", + "existing", + "none" + ], + "metadata": { + "description": "Determines whether or not to provision a materialization identity" + } + }, + "materialization_identity_name": { + "type": "string", + "defaultValue": "empty", + "metadata": { + "description": "Feature store materialization identity name" + } + }, + "materialization_identity_subscription_id": { + "type": "string", + "defaultValue": "[subscription().subscriptionId]", + "metadata": { + "description": "Feature store materialization identity subscription id" + } + }, + "materialization_identity_resource_group_name": { + "type": "string", + "defaultValue": "[resourceGroup().name]", + "metadata": { + "description": "Feature store materialization identity resource group name" + } + }, + "grant_materialization_permissions": { + "type": "string", + "defaultValue": "false", + "allowedValues": [ + "false", + "true" + ], + "metadata": { + "description": "Whether to grant materialization identity permissions" + } + }, + "allowRoleAssignmentOnRG": { + "type": "string", + "defaultValue": "true", + "allowedValues": [ + "true", + "false" + ], + "metadata": { + "description": "Unused for projects, but required due to interdependency of normal and project ARM templates." + } + }, + + "systemDatastoresAuthMode": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "Unused for projects, but required due to interdependency of normal and project ARM templates" + } + } + }, + "variables": { + "tenantId": "[subscription().tenantId]", + "storageAccount": "[resourceId(parameters('storageAccountSubscriptionId'), parameters('storageAccountResourceGroupName'), 'Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]", + "keyVault": "[resourceId(parameters('keyVaultResourceGroupName'), 'Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", + "containerRegistry": "[resourceId(parameters('containerRegistryResourceGroupName'), 'Microsoft.ContainerRegistry/registries', parameters('containerRegistryName'))]", + "applicationInsights": "[resourceId(parameters('applicationInsightsResourceGroupName'), 'Microsoft.Insights/components', parameters('applicationInsightsName'))]", + "vnet": "[resourceId(parameters('vnetResourceGroupName'), 'Microsoft.Network/virtualNetworks', parameters('vnetName'))]", + "subnet": "[resourceId(parameters('vnetResourceGroupName'), 'Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnetName'))]", + "enablePE": true, + "networkRuleSetBehindVNet": { + "defaultAction": "deny", + "virtualNetworkRules": [ + { + "action": "Allow", + "id": "[variables('subnet')]" + } + ] + }, + "privateEndpointSettings": { + "name": "[concat(parameters('workspaceName'), '-PrivateEndpoint')]", + "properties": { + "privateLinkServiceId": "[resourceId('Microsoft.MachineLearningServices/workspaces', parameters('workspaceName'))]", + "groupIds": [ + "amlworkspace" + ] + } + }, + "defaultPEConnections": "[array(variables('privateEndpointSettings'))]", + "privateEndpointDeploymentName": "[concat('DeployPrivateEndpoint-', uniqueString(parameters('privateEndpointName')))]", + "offlineStoreConnectionName": "[if(equals(parameters('offline_store_connection_name'), ''), 'OfflineStoreConnectionName', parameters('offline_store_connection_name'))]", + "onlineStoreConnectionName": "[if(equals(parameters('online_store_connection_name'), ''), 'OnlineStoreConnectionName', parameters('online_store_connection_name'))]", + "isWorkspaceHub": "[equals(parameters('kind'), 'hub')]", + "storageAccountList": ["[variables('storageAccount')]"], + "keyVaultList": ["[variables('keyVault')]"], + "emptyArray": [], + "containerRegistryList": "[if(not(equals(parameters('containerRegistryOption'), 'none')), array(variables('containerRegistry')), variables('emptyArray'))]" + }, + "resources": [ + { + "condition": "[variables('enablePE')]", + "type": "Microsoft.MachineLearningServices/workspaces", + "apiVersion": "2023-08-01-preview", + "tags": "[parameters('tagValues')]", + "name": "[parameters('workspaceName')]", + "kind": "[parameters('kind')]", + "location": "[parameters('location')]", + "identity": "[parameters('identity')]", + "properties": { + "friendlyName": "[parameters('friendlyName')]", + "description": "[parameters('description')]", + "primaryUserAssignedIdentity": "[parameters('primaryUserAssignedIdentity')]", + "hubResourceId": "[parameters('workspace_hub')]", + "enableDataIsolation": "[parameters('enable_data_isolation')]", + "publicNetworkAccess": "[parameters('publicNetworkAccess')]", + "serverlessComputeSettings": "[parameters('serverless_compute_settings')]" + } + } + ] +} |