NickP
Reputation: 89
Azure AI OpenAI Services fails on BringOwnFeatureNotEnabled, even though the form states it's not needed for Azure OpenAI
Attempting to deploy a cognitive serives account for openai, and it looks like it fails when it checks the subscription for BringYourOwnKey enabled on subscription for cognitive services.
Error: creating Account
│ Resource Group Name: "NP-OPENAI-RGP"
│ Account Name: "np-openai"): unexpected status 400 (400 Bad Request) with error: BringOwnFeatureNotEnabled: Bring your own feature is not enabled for Subscription/SKU/Kind.
│
│ with azurerm_cognitive_account.openai,
│ on openai.tf line 14, in resource "azurerm_cognitive_account" "openai":
│ 14: resource "azurerm_cognitive_account" "openai" {
According to the MS doc, Azure AI Services Customer Managed Keys and Bring Your Own Storage access request, it states Please complete and submit this form to request access to use these capabilities with our Speech and Content Moderator services. The other AI Services, including Azure OpenAI, no longer require the access request to access these features.
Not sure what I may be missing here, I even attempted to comment out the customer_managed_key and it is still throwing this error. Using azurerm version ~> 3.111.0:
# OpenAI
resource "azurerm_cognitive_account" "openai" {
kind = "OpenAI"
name = var.openai_name
resource_group_name = azurerm_resource_group.openai-rg.name
location = azurerm_resource_group.openai-rg.location
sku_name = var.openai_cog_acct_sku
custom_subdomain_name = var.openai_name
public_network_access_enabled = true
tags = merge(local.base_tags,
{ Component = "Azure OpenAI" }
)
depends_on = [
azurerm_key_vault_access_policy.openai,
azurerm_user_assigned_identity.openai
]
identity {
type = "UserAssigned"
identity_ids = [azurerm_user_assigned_identity.openai.id]
}
/* customer_managed_key {
key_vault_key_id = azurerm_key_vault_key.openai.id
identity_client_id = azurerm_user_assigned_identity.openai.principal_id
} */
storage {
storage_account_id = module.openai-sa.storage_acct_id
}
/* network_acls {
default_action = "Deny"
ip_rules = local.vpn
virtual_network_rules {
subnet_id = data.azurerm_subnet.np-vnet-subnets[var.np_subnet].id
ignore_missing_vnet_service_endpoint = false
}
} */
}
Upvotes: 0
Views: 108
Answers (0)
Related Questions
- Getting error while selecting system assigned managed identity in data connection step of open ai data configuration
- Set up Azure app service calling public access disabled function app that has private endpoint
- Can't deploy a privatelink service with Terraform
- Azure private endpoints and Terraform
- "KeyVaultAuthenticationFailure" when Storage Account attempts to Access Customer Managed Key in Key Vault with Private Endpoint (Using Terraform)
- Not able to create text analytics resource in Azure Congnitive services
- Azure text-to-speech service returns 401 Unauthorized