Enforce RBAC only for non-free search service (#1502)

* Configure Azure Developer Pipeline

* Configure Azure Developer Pipeline

* Update pricing calculator link

* Enforce RBAC only for search service

* Rm unneeded change

* Remove it from main.bicep

Author: pamelafox

infra/core/search/search-services.bicep

@@ -47,7 +47,7 @@ resource search 'Microsoft.Search/searchServices@2021-04-01-preview' = {
   // The free tier does not support managed identity
   identity: searchIdentityProvider
   properties: {
-    authOptions: authOptions
+    authOptions: disableLocalAuth ? null : authOptions
     disableLocalAuth: disableLocalAuth
     disabledDataExfiltrationOptions: disabledDataExfiltrationOptions
     encryptionWithCmk: encryptionWithCmk

infra/main.bicep

@@ -418,11 +418,7 @@ module searchService 'core/search/search-services.bicep' = {
     name: !empty(searchServiceName) ? searchServiceName : 'gptkb-${resourceToken}'
     location: !empty(searchServiceLocation) ? searchServiceLocation : location
     tags: tags
-    authOptions: {
-      aadOrApiKey: {
-        aadAuthFailureMode: 'http401WithBearerChallenge'
-      }
-    }
+    disableLocalAuth: !useSearchServiceKey
     sku: {
       name: searchServiceSkuName
     }