install.md done!

Author: nicolgit

INSTALL.md

@@ -7,33 +7,73 @@ az-firewall-mon once installed in your environment will result in the following
 The steps to follow to install a private copy of az-firewall-mon in your environment are:
 
 * Fork the GitHub repository
+* Create a GitHub Personal Access Token (PAT)
 * Create all Azure resources
 * Configure the GitHub Action to deploy both the SPA and the backend API
 * Environment variables
 
 # Fork the GitHub repository
 
-The first thing to do is clone the az-firewall-mon repository; this repository holds all the source code of az-firewall-mon. This will also allow to pull down and build the latest changes and updates from original repo having the stability of maintaining a own personal copy.
+The first thing to do is clone the az-firewall-mon repository. This will also allow you to pull down and build the latest changes and updates from the original repo while having the stability of maintaining your own personal copy.
 
 * Navigate to: <https://github.com/nicolgit/azure-firewall-mon>.
 * Click Fork > create a new fork (top right of the repository)
 * Click [Create fork]
-* You have now a fork of the 'az-firewall-mon' repository; when a new update comes out - you can also select 'Sync fork' - to keep your fork up-to-date and trigger a new build.
 
+> You have now a fork of the 'az-firewall-mon' repository; when a new update comes out - you can also select 'Sync fork' - to keep your fork up-to-date and trigger a new build.
+
+# Create a GitHub Personal Access Token (PAT)
+
+1. Go to your GitHub account settings
+2. Select **Developer settings** > **Personal access tokens** > **Tokens (classic)** (<https://github.com/settings/tokens>)
+3. Click **Generate new token** > **Generate new token (classic)**
+4. Give your token a name like "Azure Static Web App Deployment"
+5. Expiration: `No Expiration`
+6. Select the following scopes:
+   - `repo` (Full control of private repositories)
+   - `workflow` (Update GitHub Action workflows)
+7. Click **Generate token**
+8. **Copy your token** (you won't be able to see it again)
 
 # Create all Azure resources
-An instance of az-firewall-mon is composeb by
+An instance of `az-firewall-mon` is composed of:
 * 1 Azure Static Web App (standard plan)
-* 1 Azure Map account
+* 1 Azure Maps account
 * 1 Azure OpenAI account
-* 1 Application insight instance
+* 1 Application Insights instance
 
-All these resources can be deployed on your subscription clicking the button below:
+All these resources can be deployed to your subscription by clicking the button below:
 
 [![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fnicolgit%2Fazure-firewall-mon%2Fmain%2Fbicep%2Fsetup.json)
 
-# Configure the GitHub Action to deploy both the SPA and the backend API
+Remember to fill in the following parameters:
+   - `staticWebAppName`: Name for your static web app
+   - `repositoryUrl`: Your GitHub repository URL (e.g., `https://github.com/username/azure-firewall-mon`)
+   - `repositoryToken`: Your GitHub PAT created in the above paragraph
+   - `branch`: Your main branch ('main')
+
+This will create an action in your repository that will build and deploy the solution to Azure.
+
+Go to <https://github.com/YOURGITHUBACCOUNT/azure-firewall-mon/actions> to see the deployment status. When deployment is complete, go to Azure Portal > Static Web Apps > View app in browser
+
+# Environment variables 
+
+az-firewall-mon requires a few environment variables to work. These variables are configured automatically by the deployment. Here's the reference in case you want to change any:
+
+ APPLICATIONINSIGHTS_CONNECTION_STRING: Application Insights connection string 
+    
+Azure Maps settings
+* **ip_api_key**: Azure Maps API key
+* **ip_throttling_calls**: '1'
+* **ip_throttling_window_milliseconds**: '1000'
 
+IP API will return a 429 status code if you make more than 1 call to IP API per second (1000 milliseconds)
 
+Azure OpenAI settings
+* **aoai_api_key**: Azure OpenAI key
+* **aoai_endpoint**: Azure OpenAI endpoint
+* **aoai_deployment**: Azure OpenAI deployment name
 
-# Environment variables 
+* **llm_throttling_calls**: '5'
+* **llm_throttling_window_milliseconds**: '60000'
+Chat API will return a 429 status code if you make more than 5 calls per minute (60000 milliseconds)

bicep/setup.bicep

@@ -1,14 +1,24 @@
 @description('Name of the Static Web App')
 param staticWebAppName string = 'my-firewall-mon-web'
 
+@description('GitHub repository URL for the Static Web App')
+param repositoryUrl string
+
+@description('GitHub repository token for the Static Web App deployment')
+@secure()
+param repositoryToken string
+
+@description('GitHub repository branch for the Static Web App deployment')
+param branch string = 'main'
+
 @description('Name of the Application Insights instance')
 param appInsightsName string = 'firewall-mon-insights'
 
 @description('Name of the Azure Maps Account')
-param mapsAccountName string = 'firewall-mon-maps'
+param mapsAccountName string = 'firewall-mon-maps-${uniqueString(resourceGroup().id)}'
 
 @description('Name of the Azure OpenAI Account')
-param openAiAccountName string = 'firewall-mon-openai'
+param openAiAccountName string = 'firewall-mon-openai-${uniqueString(resourceGroup().id)}'
 
 @description('Name of the GPT-4o model deployment')
 param gpt4oDeploymentName string = 'gpt4o'
@@ -29,6 +39,7 @@ param retentionInDays int = 90
 @allowed(['PerGB2018', 'Free', 'PerNode', 'Standard', 'Standalone', 'Premium'])
 param logAnalyticsSku string = 'PerGB2018'
 
+
 resource staticWebApp 'Microsoft.Web/staticSites@2023-01-01' = {
   name: staticWebAppName
   location: resourceGroup().location
@@ -37,8 +48,15 @@ resource staticWebApp 'Microsoft.Web/staticSites@2023-01-01' = {
     tier: 'Standard'
   }
   properties: {
-
+    repositoryUrl: repositoryUrl
+    repositoryToken: repositoryToken
+    branch: branch
+    buildProperties: {
+      appLocation: '/firewall-mon-app'
+      apiLocation: '/firewall-mon-api'
+      outputLocation: 'dist/firewall-mon-app'
     }
+  }
 }
 
 // Create Static Web App App Settings with Application Insights connection string
@@ -60,7 +78,7 @@ resource staticWebAppSettings 'Microsoft.Web/staticSites/config@2023-01-01' = {
     aoai_deployment: gpt4oDeploymentName
 
     llm_throttling_calls: '5'
-    llm_throttling_window_milliseconds: '1000'
+    llm_throttling_window_milliseconds: '60000'
 
     // Build date timestamp
     BUILD_DATE: baseTime
@@ -123,27 +141,20 @@ resource openAiAccount 'Microsoft.CognitiveServices/accounts@2024-10-01' = {
   }
 }
 
-// Create GPT-4o model deployment
 resource gpt4oDeployment 'Microsoft.CognitiveServices/accounts/deployments@2024-10-01' = {
   parent: openAiAccount
   name: gpt4oDeploymentName
   sku: {
     name: 'Standard'
-    capacity: 1  // Represents the amount of provisioned throughput
+    capacity: 10
   }
   properties: {
     model: {
       format: 'OpenAI'
       name: 'gpt-4o'
       version: '2024-11-20'  // Using the latest version available
     }
+    raiPolicyName: 'Microsoft.Default'
+    versionUpgradeOption: 'OnceNewDefaultVersionAvailable'
   }
 }
-
-// Output the Maps Account id for reference 
-output mapsAccountId string = mapsAccount.id
-
-// Output Azure OpenAI account endpoint and deployment ID
-output openAiEndpoint string = openAiAccount.properties.endpoint
-output openAiDeploymentId string = gpt4oDeployment.id
-

bicep/setup.json

@@ -5,7 +5,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.36.1.42791",
-      "templateHash": "8888054241536279544"
+      "templateHash": "14750720778315896797"
     }
   },
   "parameters": {
@@ -16,6 +16,25 @@
         "description": "Name of the Static Web App"
       }
     },
+    "repositoryUrl": {
+      "type": "string",
+      "metadata": {
+        "description": "GitHub repository URL for the Static Web App"
+      }
+    },
+    "repositoryToken": {
+      "type": "securestring",
+      "metadata": {
+        "description": "GitHub repository token for the Static Web App deployment"
+      }
+    },
+    "branch": {
+      "type": "string",
+      "defaultValue": "main",
+      "metadata": {
+        "description": "GitHub repository branch for the Static Web App deployment"
+      }
+    },
     "appInsightsName": {
       "type": "string",
       "defaultValue": "firewall-mon-insights",
@@ -25,14 +44,14 @@
     },
     "mapsAccountName": {
       "type": "string",
-      "defaultValue": "firewall-mon-maps",
+      "defaultValue": "[format('firewall-mon-maps-{0}', uniqueString(resourceGroup().id))]",
       "metadata": {
         "description": "Name of the Azure Maps Account"
       }
     },
     "openAiAccountName": {
       "type": "string",
-      "defaultValue": "firewall-mon-openai",
+      "defaultValue": "[format('firewall-mon-openai-{0}', uniqueString(resourceGroup().id))]",
       "metadata": {
         "description": "Name of the Azure OpenAI Account"
       }
@@ -98,7 +117,16 @@
         "name": "Standard",
         "tier": "Standard"
       },
-      "properties": {}
+      "properties": {
+        "repositoryUrl": "[parameters('repositoryUrl')]",
+        "repositoryToken": "[parameters('repositoryToken')]",
+        "branch": "[parameters('branch')]",
+        "buildProperties": {
+          "appLocation": "/firewall-mon-app",
+          "apiLocation": "/firewall-mon-api",
+          "outputLocation": "dist/firewall-mon-app"
+        }
+      }
     },
     {
       "type": "Microsoft.Web/staticSites/config",
@@ -113,7 +141,7 @@
         "aoai_endpoint": "[reference(resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiAccountName')), '2024-10-01').endpoint]",
         "aoai_deployment": "[parameters('gpt4oDeploymentName')]",
         "llm_throttling_calls": "5",
-        "llm_throttling_window_milliseconds": "1000",
+        "llm_throttling_window_milliseconds": "60000",
         "BUILD_DATE": "[parameters('baseTime')]"
       },
       "dependsOn": [
@@ -186,32 +214,20 @@
       "name": "[format('{0}/{1}', parameters('openAiAccountName'), parameters('gpt4oDeploymentName'))]",
       "sku": {
         "name": "Standard",
-        "capacity": 1
+        "capacity": 10
       },
       "properties": {
         "model": {
           "format": "OpenAI",
           "name": "gpt-4o",
           "version": "2024-11-20"
-        }
+        },
+        "raiPolicyName": "Microsoft.Default",
+        "versionUpgradeOption": "OnceNewDefaultVersionAvailable"
       },
       "dependsOn": [
         "[resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiAccountName'))]"
       ]
     }
-  ],
-  "outputs": {
-    "mapsAccountId": {
-      "type": "string",
-      "value": "[resourceId('Microsoft.Maps/accounts', parameters('mapsAccountName'))]"
-    },
-    "openAiEndpoint": {
-      "type": "string",
-      "value": "[reference(resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiAccountName')), '2024-10-01').endpoint]"
-    },
-    "openAiDeploymentId": {
-      "type": "string",
-      "value": "[resourceId('Microsoft.CognitiveServices/accounts/deployments', parameters('openAiAccountName'), parameters('gpt4oDeploymentName'))]"
-    }
-  }
+  ]
 }