Data Sources

Data sources available for use by the ICS community

Platforms

ICS supported platforms.

Teams

ICS Teams


Menu Button Menu Button

Resource Group: rg-i2db-chat-sandbox

Overview

The resource group rg-i2db-chat-sandbox is designed to support a chat-based application development environment. It comprises several Azure services including cognitive services, databases, storage accounts, web applications, and log analytics. The goal of this resource group is to provide developers with integrated tools for building, analyzing, deploying, and managing intelligent applications.

Resources

Cognitive Services

  1. OpenAI Account

    • Type: Microsoft.CognitiveServices/accounts
    • Name: i2db-chat-sandboxaizehuif2whye3c
    • Purpose: This resource enables the use of OpenAI models, which can be deployed for various AI-driven functionalities, including chat features and natural language processing.
    • Configuration:
      • Location: North Central US
      • SKU: Standard tier (S0)
      • Public Network Access: Enabled

  2. Form Recognizer Account

    • Type: Microsoft.CognitiveServices/accounts
    • Name: i2db-chat-sandbox-form-zehuif2whye3c
    • Purpose: Provides capabilities for document processing and extraction of structured data from forms.
    • Configuration:
      • Location: Central US
      • SKU: Standard tier (S0)
      • Public Network Access: Enabled

  3. Speech Services Account

    • Type: Microsoft.CognitiveServices/accounts
    • Name: i2db-chat-sandbox-speech-zehuif2whye3c
    • Purpose: Offers features for speech to text, text to speech, and other audio processing functions.
    • Configuration:
      • Location: Central US
      • SKU: Standard tier (S0)
      • Public Network Access: Enabled

Storage Accounts

  1. Storage Account
    • Type: Microsoft.Storage/storageAccounts
    • Name: i2dbchatsanboxpoc
    • Purpose: Used for storing blob data, file shares, queues, and tables.
    • Configuration:
      • Location: Central US
      • SKU: Standard Redundant (RA-GRS)
      • Public Network Access: Enabled
      • Sub-resources include various blob service endpoints and features such as blob containers.

Cosmos DB

  1. Cosmos DB Account
    • Type: Microsoft.DocumentDB/databaseAccounts
    • Name: i2db-chat-sandbox-cosmos-zehuif2whye3c
    • Purpose: A globally distributed database service ideal for adding real-time data processing capabilities to chat applications.
    • Configuration:
      • Location: Central US
      • Backup Policy: Geo-redundant
      • Public Network Access: Enabled
      • Database Containers include:
        • history: Stores historical chat messages with throughput settings.
        • users: Stores user data with throughput settings.
        • Throughput: Set to 400 RU/s for each container.

Web Apps

  1. Web Application
    • Type: Microsoft.Web/sites
    • Name: i2db-chat-sandbox-webapp-zehuif2whye3c
    • Purpose: Hosts the front-end application where users interact.
    • Configuration:
      • Location: Central US
      • SKU: Premium plan with HTTPS enabled, IP restriction to allow all traffic, and environment variables configured for deployment.

Log Analytics Workspace

  1. Log Analytics Workspace
    • Type: Microsoft.OperationalInsights/workspaces
    • Name: i2db-chat-sandbox-la-zehuif2whye3c
    • Purpose: Collects and analyzes logs from various resources deployed within the resource group.
    • Configuration:
      • Location: Central US
      • Retention in Days: 30

Data Storage

Data storage within this resource group is managed across multiple services:

  • Cosmos DB is used to manage dynamic datasets including user details and historical messages.
  • Storage Accounts handle blob storage for any documents, media, or application data used by the web app.
  • Data is retained within the Cosmos DB with built-in redundancy and scalability capabilities to ensure that the data remains accessible across regional outages.

Networking

The resource group does not explicitly define its network configurations within the provided ARM template content:

  • Public Access is enabled for several services, indicating that communication with external networks is allowed.
  • Consider utilizing Azure Virtual Network for isolation, security, and interconnectivity among services for optimal security and performance.

Security Overview

  • Public Network Access: This is enabled for many resources. It is recommended to review and restrict unnecessary public access and to utilize Virtual Networks (VNets) and Network Security Groups (NSGs) to control traffic.
  • Key Vault: Secrets associated with storage accounts and databases are stored securely, thereby mitigating the risk of exposed sensitive information.
  • IP Restrictions: IP access control policies can significantly decrease possible attack vectors.
  • Identity Management: Ensure that only legitimate identities/roles have access to critical resources through Azure RBAC.

Other Information

  • Cost Management: Monitoring and managing costs is particularly important and should be done using Azure Cost Management tools to track resource usage.
  • Scalability: Each resource, such as the Cosmos DB and Web App, has defined throughput settings, allowing for scalability based on application load.
  • Consider implementing alerts in the Log Analytics workspace to proactively handle any irregularities in application performance or security incidents.

This documentation provides insights into how various Azure services are interconnected within this resource group and their roles in supporting the chat-based application architecture. Proper attention to security settings and network configurations will ensure robust reliability and protection of resources.

Note: This document was generated using the Azure Assistants script and an LLM

Table of Contents

Updated on October 29, 2024