Update to speed aisearch deployment

deployment/terraform/infra/modules/aisearch/aisearch-datasource.tf

@@ -29,7 +29,6 @@ resource "null_resource" "create_datasource" {
     always_run = "${timestamp()}"
   }
   depends_on = [
-    azurerm_search_service.search_service,
     local_file.datasource_config,
     azurerm_role_assignment.storage_blob_data_to_search_service,
     azurerm_role_assignment.search_service_contributor,

deployment/terraform/infra/modules/aisearch/aisearch-index.tf

@@ -30,7 +30,6 @@ resource "null_resource" "create_index" {
     always_run = "${timestamp()}"
   }
   depends_on = [
-    azurerm_search_service.search_service,
     local_file.index_config,
     null_resource.create_datasource,
     azurerm_role_assignment.storage_blob_data_to_search_service,

deployment/terraform/infra/modules/aisearch/aisearch-indexer.tf

@@ -36,7 +36,6 @@ resource "null_resource" "create_indexer" {
     always_run = "${timestamp()}"
   }
   depends_on = [
-    azurerm_search_service.search_service,
     local_file.indexer_config,
     null_resource.create_datasource,
     null_resource.create_index,

deployment/terraform/infra/modules/aisearch/aisearch-skillset.tf

@@ -35,7 +35,6 @@ resource "null_resource" "create_skillset" {
     always_run = "${timestamp()}"
   }
   depends_on = [
-    azurerm_search_service.search_service,
     local_file.skillset_config,
     null_resource.create_index,
     null_resource.create_datasource,

deployment/terraform/infra/modules/aisearch/connectivity.tf

@@ -2,7 +2,7 @@ resource "null_resource" "ai_search_disable_public_network_access" {
   provisioner "local-exec" {
     interpreter = local.is_windows ? ["PowerShell", "-Command"] : []
     command     = <<-EOT
-      az search service update --resource-group ${var.resource_group_name} --name ${var.search_service_name} --public-network-access ${var.public_network_access_enabled ? "enabled" : "disabled"}
+      az search service update --resource-group ${var.resource_group_name} --name ${var.search_service_name} --public-network-access ${var.public_network_access_enabled ? "enabled" : "disabled"} --no-wait
     EOT
   }
   triggers = {
@@ -30,7 +30,7 @@ resource "azurerm_private_endpoint" "private_endpoint_search_service" {
   private_service_connection {
     name                           = "${var.search_service_name}-pe"
     is_manual_connection           = false
-    private_connection_resource_id = azurerm_search_service.search_service.id
+    private_connection_resource_id = var.search_service_resource_id
     subresource_names              = ["searchService"]
   }
   subnet_id = var.subnet_id
@@ -41,30 +41,27 @@ resource "azurerm_private_endpoint" "private_endpoint_search_service" {
   }
 }
 
-resource "azurerm_search_shared_private_link_service" "shared_private_link_search_service_aoai" {
-  depends_on         = [azurerm_private_endpoint.private_endpoint_search_service]
-  name               = "${var.search_service_name}-spa-aoai"
-  search_service_id  = azurerm_search_service.search_service.id
-  subresource_name   = "openai_account"
-  target_resource_id = var.openai_account_id
-  request_message    = "Auto-Approved"
-}
-
 resource "azurerm_search_shared_private_link_service" "shared_private_link_search_service_blob" {
-  # Looks like only one private link can be created at a time. So, we need to process them sequentially.
-  # Otherwise we may get 409 Conflict error.
-  depends_on         = [azurerm_search_shared_private_link_service.shared_private_link_search_service_aoai]
   name               = "${var.search_service_name}-spa-blob"
-  search_service_id  = azurerm_search_service.search_service.id
+  search_service_id  = var.search_service_resource_id
   subresource_name   = "blob"
   target_resource_id = var.storage_account_id
   request_message    = "Auto-Approved"
 }
 
-resource "azurerm_search_shared_private_link_service" "shared_private_link_ai_vision" {
+resource "azurerm_search_shared_private_link_service" "shared_private_link_search_service_aoai" {
   depends_on         = [azurerm_search_shared_private_link_service.shared_private_link_search_service_blob]
+  name               = "${var.search_service_name}-spa-aoai"
+  search_service_id  = var.search_service_resource_id
+  subresource_name   = "openai_account"
+  target_resource_id = var.openai_account_id
+  request_message    = "Auto-Approved"
+}
+
+resource "azurerm_search_shared_private_link_service" "shared_private_link_ai_vision" {
+  depends_on         = [azurerm_search_shared_private_link_service.shared_private_link_search_service_aoai]
   name               = "${var.search_service_name}-spa-cog-cv"
-  search_service_id  = azurerm_search_service.search_service.id
+  search_service_id  = var.search_service_resource_id
   subresource_name   = "cognitiveservices_account"
   target_resource_id = var.vision_id
   request_message    = "Auto-Approved"
@@ -73,7 +70,7 @@ resource "azurerm_search_shared_private_link_service" "shared_private_link_ai_vi
 resource "azurerm_search_shared_private_link_service" "shared_private_link_ai_multi-service" {
   depends_on         = [azurerm_search_shared_private_link_service.shared_private_link_ai_vision]
   name               = "${var.search_service_name}-spa-cog-multi"
-  search_service_id  = azurerm_search_service.search_service.id
+  search_service_id  = var.search_service_resource_id
   subresource_name   = "cognitiveservices_account"
   target_resource_id = var.cognitive_account_id
   request_message    = "Auto-Approved"
@@ -82,7 +79,7 @@ resource "azurerm_search_shared_private_link_service" "shared_private_link_ai_mu
 resource "azurerm_search_shared_private_link_service" "shared_private_link_function" {
   depends_on         = [azurerm_search_shared_private_link_service.shared_private_link_ai_multi-service]
   name               = "${var.search_service_name}-spa-func"
-  search_service_id  = azurerm_search_service.search_service.id
+  search_service_id  = var.search_service_resource_id
   subresource_name   = "sites"
   target_resource_id = var.function_id
   request_message    = "Auto-Approved"

deployment/terraform/infra/modules/aisearch/data.tf

@@ -1,7 +1,7 @@
 data "azurerm_client_config" "current" {}
 
 data "azurerm_monitor_diagnostic_categories" "diagnostic_categories_search_service" {
-  resource_id = azurerm_search_service.search_service.id
+  resource_id = var.search_service_resource_id
 }
 data "azapi_resource" "openai_account_pe_connections" {
   type                   = "Microsoft.CognitiveServices/accounts@2024-10-01"

deployment/terraform/infra/modules/aisearch/logging.tf

@@ -1,7 +1,7 @@
 
 resource "azurerm_monitor_diagnostic_setting" "diagnostic_setting_search_service" {
   name                       = "logAnalytics"
-  target_resource_id         = azurerm_search_service.search_service.id
+  target_resource_id         = var.search_service_resource_id
   log_analytics_workspace_id = var.log_analytics_workspace_id
 
   dynamic "enabled_log" {

deployment/terraform/infra/modules/aisearch/outputs.tf

@@ -1,27 +1,3 @@
-output "search_service_identity" {
-  description = "The system managed identity principalid of the search service account."
-  value       = azurerm_search_service.search_service.identity[0].principal_id
-}
-
-output "search_service_resource_id" {
-  description = "The ID of the search service ."
-  value       = azurerm_search_service.search_service.id
-}
-
-output "search_service_name" {
-  description = "The name of the search service."
-  value       = azurerm_search_service.search_service.name
-}
-
-data "azuread_service_principal" "search_service_principal" {
-  object_id = azurerm_search_service.search_service.identity[0].principal_id
-}
-
-output "managed_identity_application_id" {
-  value = data.azuread_service_principal.search_service_principal.client_id
-}
-
-
 output "search_service_index_name" {
   value = var.search_service_index_name
 }
@@ -34,3 +10,15 @@ output "search_service_skillset_name" {
 output "search_service_datasource_name" {
   value = var.search_service_datasource_name
 }
+output "search_service_identity" {
+  value = var.search_service_identity
+}
+output "search_service_resource_id" {
+  value = var.search_service_resource_id
+}
+output "search_service_name" {
+  value = var.search_service_name
+}
+output "managed_identity_application_id" {
+  value = var.search_service_identity
+}

deployment/terraform/infra/modules/aisearch/roleassignments.tf

@@ -1,23 +1,23 @@
 resource "azurerm_role_assignment" "search_service_contributor" {
-  scope                = azurerm_search_service.search_service.id
+  scope                = var.search_service_resource_id
   role_definition_name = "Search Service Contributor"
   principal_id         = data.azurerm_client_config.current.object_id
 }
 
 resource "azurerm_role_assignment" "search_index_data_contributor" {
-  scope                = azurerm_search_service.search_service.id
+  scope                = var.search_service_resource_id
   role_definition_name = "Search Index Data Contributor"
   principal_id         = data.azurerm_client_config.current.object_id
 }
 
 resource "azurerm_role_assignment" "storage_blob_data_to_search_service" {
   scope                = var.storage_account_id
   role_definition_name = "Storage Blob Data Reader"
-  principal_id         = azurerm_search_service.search_service.identity[0].principal_id
+  principal_id         = var.search_service_identity
 }
 
 resource "azurerm_role_assignment" "knowledgestore_blob_data_to_search_service" {
   scope                = var.knowledgestore_storage_account_id
   role_definition_name = "Storage Blob Data Contributor"
-  principal_id         = azurerm_search_service.search_service.identity[0].principal_id
+  principal_id         = var.search_service_identity
 }

deployment/terraform/infra/modules/aisearch/searchonly/aisearch.tf

@@ -0,0 +1,19 @@
+resource "azurerm_search_service" "search_service" {
+  name                = var.search_service_name
+  location            = var.location
+  resource_group_name = var.resource_group_name
+  tags                = var.tags
+  identity {
+    type = "SystemAssigned"
+  }
+
+  allowed_ips  = []
+  hosting_mode = "default"
+
+  sku                                      = var.search_service_sku
+  semantic_search_sku                      = var.semantic_search_sku
+  partition_count                          = var.search_service_partition_count
+  replica_count                            = var.search_service_replica_count
+  local_authentication_enabled             = false
+  customer_managed_key_enforcement_enabled = false
+}

deployment/terraform/infra/modules/aisearch/searchonly/outputs.tf

@@ -0,0 +1,22 @@
+output "search_service_name" {
+  description = "The name of the search service."
+  value       = azurerm_search_service.search_service.name
+}
+
+output "search_service_resource_id" {
+  description = "The ID of the search service ."
+  value       = azurerm_search_service.search_service.id
+}
+
+output "search_service_identity" {
+  description = "The system managed identity principalid of the search service account."
+  value       = azurerm_search_service.search_service.identity[0].principal_id
+}
+
+data "azuread_service_principal" "search_service_principal" {
+  object_id = azurerm_search_service.search_service.identity[0].principal_id
+}
+
+output "managed_identity_application_id" {
+  value = data.azuread_service_principal.search_service_principal.client_id
+}

deployment/terraform/infra/modules/aisearch/searchonly/variables.tf

@@ -0,0 +1,82 @@
+# General variables
+variable "location" {
+  description = "Specifies the location of the search service."
+  type        = string
+  sensitive   = false
+  validation {
+    condition     = contains(["eastus", "westus", "westus2", "francecentral", "northeurope", "westeurope", "swedencentral", "switzerlandnorth", "australiaeast", "southeastasia", "koreacentral", "japaneast"], var.location)
+    error_message = <<EOT
+    Please specify a region for search service that supports Multimodal embeddings
+    Valid values at the time this code published are:
+      - eastus
+      - westus
+      - westus2
+      - francecentral
+      - northeurope
+      - westeurope
+      - swedencentral
+      - switzerlandnorth
+      - australiaeast
+      - southeastasia
+      - koreacentral
+      - japaneast
+    Regions that support multimodal embeddings are published here
+    https://learn.microsoft.com/en-us/azure/ai-services/computer-vision/overview-image-analysis?tabs=4-0#region-availability
+    EOT
+  }
+}
+
+variable "resource_group_name" {
+  description = "Specifies the name of the resource group."
+  type        = string
+  sensitive   = false
+  validation {
+    condition     = length(var.resource_group_name) >= 2
+    error_message = "Please specify a valid name longer than 2 characters."
+  }
+}
+
+variable "tags" {
+  description = "Specifies the tags that you want to apply to all resources."
+  type        = map(string)
+  sensitive   = false
+  default     = {}
+}
+
+variable "search_service_name" {
+  description = "Specifies the name of the search service."
+  type        = string
+  sensitive   = false
+  validation {
+    condition     = length(var.search_service_name) >= 2
+    error_message = "Please specify a valid name longer than 2 characters."
+  }
+}
+
+variable "search_service_sku" {
+  description = "Specifies the SKU for the search service"
+  type        = string
+  sensitive   = false
+  default     = "standard"
+}
+
+variable "semantic_search_sku" {
+  description = "Specifies the SKU for the semantic search"
+  type        = string
+  sensitive   = false
+  default     = "standard"
+}
+
+variable "search_service_partition_count" {
+  description = "Specifies the number of partitions in the search service."
+  type        = number
+  sensitive   = false
+  default     = 1
+}
+
+variable "search_service_replica_count" {
+  description = "Specifies the number of replicas in the search service."
+  type        = number
+  sensitive   = false
+  default     = 1
+}