Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel6
Table of Contents
minLevel1
maxLevel6
outlinefalse
styledefault
typelist
printabletrue

...

A resource groups is what is used to group and administrate customer resources in Azure. The two Ayfie components Ayfie Personal Assistant Storage and Ayfie Personal Assistant Application could be placed in one resource group together with other non-Ayfie resources, or in a resource group just by themselves, or split across two different resource groups. Further, these resource groups could be given any name one see fit. However, it is recommended that each of them are given a dedicated resource group and that they are not mixed with other resources. It is also recommended naming the resource groups rg-ayfie-pa-storage and rg-ayfie-pa-application. Using these standardized names will simplify exact named resource groups will simplify later upgrades to newer versions of Ayfie Personal Assistant as well as any future interactions with Ayfie support.

...

Version upgrades are not done as “upgrades” but rather as an uninstall operation (of the old version) followed by an install operation (of the new version). As of version 2.149, Personal Assistant consists of two components (see above) and only the application component is “upgraded” (uninstalled and installed), the storage component is left as-is.

Custom Domain vs. Random URL

The URL to access Personal Assistant can be either a custom domain of your choosing (for instance pa.mycompany.com) or whatever random URL provided by OpenAIAzure AI services. The former approach is what is most common. In either case this has to be followed up whenever one upgrade to a new version of Personal Assistant, either by making sure to reuse the same Service Príncipe Principle (the Entra ID application) or by updating the callback_url if one uses the default URL provided by OpenAIAzure AI services.

Prerequisites

The prerequisites come in two groups:

...

  • Obtain an Azure Subscription

    • An active Azure subscription is required. To register a new subscription, go to the Azure website.

      • At times, Microsoft may impose subscription type specific limitations on their OpenAI services, particularly concerning the amount of data (referred to as the token quota) that can be exchanged during chat interactions. Please see this Microsoft documentation on token quotas for details on which subscription types that may have such restrictions.

    • If one has a contract directly with Ayfie (a.k.a. private plan) please send the Subscription ID to your Ayfie contact.

  • Get Azure OpenAI Approval

  • Enable two Providers

    • In the Azure subscription settings, ensure that the two providers below are enabled. How to do that is described in Ayfie Personal Assistant - How to Add Providers to an Azure Subscription.

      • Microsoft.App: Required for deploying applications within Azuredeploying applications within Azure.

      • Microsoft.ContainerService: Required for managing container-based services within Azure.

      • Microsoft.ContainerInstance: Required for runningcontainerized applications without needing to manage the underlying infrastructure.

      • Microsoft.ContainerServiceOperationalInsights: Required for managing container-based services within Azuremonitoring, diagnostics, and log management.

Admin User Prerequisites

...

...

Note

Ayfie Personal Assistant Storage must be created (or already exist) before setting up the Ayfie Personal Assistant Application.

...

If in doubt, one should consult Private Plan or Public Offering? on how to find out what one has. Most of the steps are the same for the two alternatives. The difference is in step 2 and 5 below (indicated with bold font) and with green markings in the screenshot below where one follow the red arrows all the way for the public offering and swap to green for the private plan.

...

  1. Go to the Microsoft Azure Portal at https://portal.azure.com

  2. In the search box enter Marketplace and select it from the search resultsthe search results

  3. If you have a private plan select Private plans in in the left side menu (circled in green), otherwise use the search box to look up the “Ayfie Personal Assistant” applications

  4. Select the Ayfie Personal Assistant Application box

  5. If you have a private plan select Private plans in in the left side menu (circled in green, select the plan from the dropdown (see green arrow below), otherwise use the search box to look up the “Ayfie Personal Assistant” applications

  6. Select the Ayfie Personal Assistant Application box

  7. If you have a private plan, select the plan from the dropdown (see green arrow below), otherwise select the number of users you want to license (red arrow). Then click the Create button.

...

From this point of in the procedure, there is no difference between having a private plan or a public offering.

Configure the Application Component

To complete the creation of the Ayfie Personal Assistant Application component, one will visit these 4 page tabs one by one in the given order:

  • Basic

  • User Authentication

  • Application Settings

  • Review + create

The Basic Tab

The page title in the graphics below ends with Private Plan. if one is using a public offering, then the title will instead be Create N users, where N is the number of users one selected from the dropdown on the previous page. The graphics in this section will show both title types.

...

  • Select the subscription from the dropdown (Ayfie Development in the example above).

  • Create a new resource group (recommended) or select an existing one. The recommended name for the group is rg-ayfie-pa-application.

  • Select the region. Normally one would select the same region as earlier selected for the storage component, but if this is done as part of an upgrade one may have to select another region if one as part of the upgrade is changing to a new language model that is not available in the same region.

  • Select the storage resource group from earlier (that is rg-ayfie-pa-storage if one created it using the recommend name)

  • Give the managed application a name, for instance the recommended name AyfiePersonalAssistant as in the example above.

  • Click Next to get to the next page tab

The User Authentication Tab

...

User access to Ayfie Personal Assistance is managed by Entra ID via a Service Principal.

  • One can use a Service Principal that already exists or create a new one.

    • Note: If upgrading, make sure to use the exact same Enterprise Application as in for previous version, otherwise it may cause issues with stored documents and chat history

  • Depending on which of the two options one chose, clicking the Make selection link will either bring up a search pane with existing Service Principals to choose from, or a form to register a new Service Principal. The screenshot above shows the case of creating a new one.

  • Give the Service Principal (the Entra ID application) a name, for instance AyfiePersonalAssistantApp as in the graphics above.

  • Select the single tenant option (this would cover the case of all users being employees of the customer)

  • Click the Register button. This will take one away from the page. After having completed the registration, just redo the first few steps to get back to this place.

  • Verify that one has created or selected a Service Principal by checking of the check box

  • Click Next (circled in red) to get to the Authentication page

The Application Settings Tab

The “Application Settings” tab has the following optional settings which allows you to:

  • Enable and set Custom Domain (instead of a generated URL)

  • Enable and set Data Retention Policy (if not enabled we will keep all documents for as long the application is installed)

These settings are not possible to change post deployment. That would require one to uninstall and install as explained in chapter “Upgrading to a Newer Version of Ayfie Personal Assistant”

...

Custom Domain (red box)

When deploying Ayfie Personal Assistant one is always given an URL which users can use to access the frontend. This URL will adhere to the format: https://chat-ui.random-part.region-name.azurecontainerapps.io.

If one instead would like users to access the application with a specific custom URL, then do as described below, otherwise skip this page by clicking the Next button directly:

  • Check the “Configure custom domain”

  • Check the “Verify if you have access to DNS record for you domain”

  • Add the custom domain, e.g. “pa.my-domain.com” to the input field

  • Click the white Next or the blue Review + create button. This will take one to the Review + create page.

Data Retention Policy (green box)

If one want to reduce the storage cost, be compliant with internal policies for data storage or if one want to avoid a potential long list of files in the user interface of Personal Assistant, one can enable Data Retention Policy. This can be set to an integer between 7 and 100. This feature will then remove all files permanently from Personal Assistant if the file is older and haven’t been used in any chat for the past number of days specified.

...

Check the “Enable data retention policy”

...

  1. select the number of users you want to license (red arrow). Then click the Create button.

...

From this point of in the procedure, there is no difference between having a private plan or a public offering.

Configure the Application Component

To complete the creation of the Ayfie Personal Assistant Application component, one will visit these 4 page tabs one by one in the given order:

  • Basic

  • User Authentication

  • Application Settings

  • Review + create

The Basic Tab

The page title in the graphics below ends with Private Plan. if one is using a public offering, then the title will instead be Create N users, where N is the number of users one selected from the dropdown on the previous page. The graphics in this section will show both title types.

...

  • Select the subscription from the dropdown (Ayfie Development in the example above).

  • Create a new resource group (recommended) or select an existing one. The recommended name for the group is rg-ayfie-pa-application.

  • Select the region. Normally one would select the same region as earlier selected for the storage component, but if this is done as part of an upgrade one may have to select another region if one as part of the upgrade is changing to a new language model that is not available in the same region.

  • Select the storage resource group from earlier (that is rg-ayfie-pa-storage if one created it using the recommended name)

  • Give the managed application a name, for instance the recommended name AyfiePersonalAssistant as in the example above.

  • Click Next to get to the next page tab

The User Authentication Tab

...

User access to Ayfie Personal Assistance is managed by Entra ID via a Service Principal.

  • One can use a Service Principal that already exists or create a new one.

    • Note: If upgrading, make sure to use the exact same Enterprise Application as in for previous version, otherwise it may cause issues with stored documents and chat history

  • Depending on which of the two options one chose, clicking the Make selection link will either bring up a search pane with existing Service Principals to choose from, or a form to register a new Service Principal. The screenshot above shows the case of creating a new one.

  • Give the Service Principal (the Entra ID application) a name, for instance AyfiePersonalAssistantApp as in the graphics above.

  • Select the single tenant option (this would cover the case of all users being employees of the customer)

  • Click the Register button. This will take one away from the page. After having completed the registration, just redo the first few steps to get back to this place.

  • Verify that one has created or selected a Service Principal by checking of the check box

  • Click Next (circled in red) to get to the Authentication page

The Application Settings Tab

The Application Settings tab has the following optional settings:

  • Custom Domain - Allows one to configure a Custom Domain that is to be used instead of a randomly generated URL when accessing the Personal Assistant (red box)

  • Data Retention Policy - Allows one to configure for how long time uploaded documents are to be stored after having been accessed the last time (green box)

  • Model Configuration - Set the philosophy for how to determine what AI-model to be used as the default for when starting new chat sessions or going back to stored chat sessions. Price, performance or a mix? (blue box)

These settings are not possible to change post deployment. That would require one to uninstall and install as explained in section Upgrading to a Newer Version of Ayfie Personal Assistant.

...

Custom Domain (red box)

When deploying Ayfie Personal Assistant one is always given an URL which users can use to access the frontend. This URL will adhere to the format: https://chat-ui.random-part.region-name.azurecontainerapps.io.

If one instead would like users to access the application with a specific custom URL, then do as described below, otherwise click the Next button directly:

  • Check the “Configure custom domain”

  • Check the “Verify if you have access to DNS record for you domain”

  • Add the custom domain, e.g. “pa.my-domain.com” to the input field

    • Note: This has to be made as a public DNS

  • Click the white Next or the blue Review + create button. This will take one to the Review + create page.

Data Retention Policy (green box)

To reduce storage expenses, adhere to data storage guidelines, or keep the Personal Assistant interface uncluttered, you can turn on the Data Retention Policy. This will automatically remove any uploaded documents that haven't been used in chats for the duration (from 7 to 100 days) set by the adjustable sliding scale.

  • Check the “Enable data retention policy”

  • Enter the number of days before files are deleted due to inactivity

Model Configuration (blue box)

For each region there will be a set of models that will be made available to the users. One of those models will be the default one and the one to be returned to each time one starts a new chat or when one return to a stored chat. While it is not possible to select a specific model to instead be used as the default, one can set the “philosophy” for how to determine the default. The three “philosophies” to chose chose from are Economy, Premium, Standard. That is, price, performance, and mix of the two, respectability. Economy is the default.

The Review + Create Tab

  • Review the summary of one’s choices from the previous two tabs and go back and correct anything found to be wrong.

  • Click the Create button at the bottom of the page when ready to deploy Ayfie Personal Assistant

...

  1. Go to the Microsoft Azure Portal at https://portal.azure.com

  2. In the search box enter Resource Groups and select it from the search results

  3. Search for and select resource group rg-ayfie-pa-application (or whatever other name that it was given)

  4. Click the managed application AyfiePersonalAssistant (or whatever other name that it was given)

  5. Click the managed resource group link mrg-ayfie_personal_assistan-<timestamp> (or whatever other name that it was given) up to the right

  6. Within this group, find and click on the 'chat-ui' resource to access its settings-ui' resource to access its settings.

  7. In the 'chat-ui' resource, look for the 'Custom Domain' section in the navigation pane on the left side of the screen.

  8. Click on the 'Add custom domain' button to start the domain setup process.

  9. When prompted, choose 'Managed certificate' as your first option (circled in purple) to ensure your domain is secured with an SSL certificate managed by Azure.

  10. In the 'chat-ui' resource, look for the 'Custom Domain' section in the navigation pane on the left side of the screen.

  11. Click on the 'Add custom domain' button to start the domain setup process.

  12. When prompted, choose 'Managed certificate' as your first option (circled in purple) to ensure your domain is secured with an SSL certificate managed by Azure.

  13. In the 'Domain' field (circled in green), type in the exact domain name you specified during the deployment of the Ayfie Personal Assistant Application.

  14. For the record type, leave it set to “CNAME”

  15. Add the two records provided in the 'Domain validation' section (circled in orange) to your domain's DNS settings. These records are crucial for proving ownership of the domain and for the SSL certificate to be issued.Domain' field (circled in green), type in the exact domain name you specified during the deployment of the Ayfie Personal Assistant Application.

  16. For the record type, leave it set to “CNAME”

  17. Add the two records provided in the 'Domain validation' section (circled in orange) to your domain's DNS settings. These records are crucial for proving ownership of the domain and for the SSL certificate to be issued. Please note the following when setting up the public DNS record:

    1. CNAME Record:

      • Host: Enter your domain name (e.g., ayfie.company.com).

      • Value: Use the URL ending with ...containerapps.io provided by Azure.

    2. TXT Record:

      • Host: Enter asuid. followed by your domain name (e.g., asuid.ayfie.company.com).

      • Value: Use the value provided by Azure.

  18. Once you've updated your domain's DNS settings, click the 'Validate' button in Azure to check if the records are correctly configured.

  19. If the validation is successful, the domain status should eventually update from “No binding” to 'Secured', indicating that your custom domain is now properly set up and protected with an SSL certificate.

...