File tree Expand file tree Collapse file tree 1 file changed +13
-1
lines changed
Expand file tree Collapse file tree 1 file changed +13
-1
lines changed Original file line number Diff line number Diff line change @@ -153,6 +153,15 @@ module kvault 'deploy_keyvault.bicep' = {
153153 scope : resourceGroup (resourceGroup ().name )
154154}
155155
156+ // First, add this section to store the AI Services key in Key Vault
157+ resource aiServicesKeySecret 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
158+ name : '${kvault .outputs .keyvaultName }/aiServicesKey'
159+ properties : {
160+ value : aiServices .listKeys ().key1
161+ }
162+ }
163+
164+ // Then modify the aifoundry module to reference the secret securely
156165module aifoundry 'deploy_ai_foundry.bicep' = {
157166 name : 'deploy_ai_foundry'
158167 params : {
@@ -163,10 +172,13 @@ module aifoundry 'deploy_ai_foundry.bicep' = {
163172 gptModelVersion : gptModelVersion
164173 managedIdentityObjectId : managedIdentityModule .outputs .managedIdentityOutput .objectId
165174 aiServicesEndpoint : aiServices .properties .endpoint
166- aiServicesKey : aiServices . listKeys (). key1
175+ aiServicesKey : '@Microsoft.KeyVault(SecretUri=${ kvault . outputs . keyVaultUri }secrets/aiServicesKey/)'
167176 aiServicesId : aiServices .id
168177 }
169178 scope : resourceGroup (resourceGroup ().name )
179+ dependsOn : [
180+ aiServicesKeySecret
181+ ]
170182}
171183
172184resource aoaiUserRoleDefinition 'Microsoft.Authorization/roleDefinitions@2022-05-01-preview' existing = {
You can’t perform that action at this time.
0 commit comments