alz for openai challenge update

109-ALZ-for-OpenAI/readme.md

@@ -2,7 +2,16 @@
 
 ![Azure AI Landing Zone](AIArchitecture.png "Azure AI Landing Zone")
 
-This GitHub repository provides a comprehensive guide to deploy an Azure AI Landing Zone—a specialized environment for empowering AI technologies, including advanced language models like GPT-4. The landing zone is designed to complement existing data management and data landing zones within your cloud-scale data analytics platform, enabling you to unlock the true potential of AI.
+This GitHub repository provides a comprehensive guide to deploy an Azure AI Landing Zone—a specialized environment for empowering AI technologies, including advanced language models like GPT-4. The landing zone is designed to complement existing data management and data landing zones within your [cloud-scale data analytics](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/cloud-scale-analytics/) platform, enabling you to unlock the true potential of AI.
+
+## Azure Chat Solution Accelerator powered by Azure Open AI
+
+In this workshop we will be using the [Azure Chat Solution Accelerator](https://github.com/microsoft/azurechat/tree/main) to deploy a private Azure OpenAI powered chatbot in your Azure Subscription, with a familiar user experience and the added capabilities of chatting over your data and files. The goal of this workshop to have an Azure OpenAI powered chatbot which is:
+
+- Private: Deployed in your Azure tenant, allowing you to isolate it to your Azure tenant.
+- Isolated: Network traffic can be fully isolated to your network.
+- Secure: Using built-in enterprise grade authentication security features.
+- Bonus: Able to connect your own internal data sources (plug and play) or integrate with other internal services (e.g., ServiceNow, etc).
 
 ## Architecture Scenarios
 
@@ -47,78 +56,3 @@ In this scenario, you build upon the architecture from the first scenario to sec
 * Firewall Rules for Azure OpenAI: Similar to the first scenario, you maintain firewall rules in Azure OpenAI to allow communication from the dynamic IP address of the Azure App Service, ensuring secure access to Azure OpenAI resources.
 
 This architecture enhances the security of your web application by adding a layer of protection through the Web Application Firewall (WAF) while still leveraging the benefits of private endpoints for Azure OpenAI. It provides a secure and controlled way to expose your application to external users while protecting it from common web-based threats.
-
-## Features
-
-## Enterprise Landing Zone
-### Hub and Azure Firewall Deployment
-- Automated deployment of a Hub network and Azure Firewall using the Azure Terraform landing zone standard module.
-- Enhances security and network architecture within the landing zone.
-
-### Sample Configuration with Azure Firewall
-- Provides users with readily available sample configurations for setting up the hub network, including Azure Firewall settings.
-- Simplifies the initial configuration process.
-
-### Example Firewall Policies
-- Features a set of example firewall policies for securing and managing traffic within the landing zone.
-- Predefined security policies are available for improved network protection.
-
-### Workbook for Firewall Traffic Monitoring
-- Deploys workbooks inside the Azure Firewall to have comprehensive monitoring and analysis of all traffic secured by the firewall.
-
-### Private DNS Zones Automation
-- Automates the deployment of private DNS zones, facilitating domain name resolution within the landing zone.
-- DNS Resolver deployed and integrated with Private DNS Zones for centralized DNS resolved from and to on prem and in azure as well.
-
-### DNS Policy Example
-- Demonstrates a policy example that automatically adds DNS entries to the private DNS zone for private endpoints in the hub.
-- Simplifies Private DNS management and configuration.
-
-### Core Resource and Management Groups Alignment with CAF
-- Aligns the deployment with the Cloud Adoption Framework (CAF) guidelines.
-- Establishes a structured and organized resource hierarchy.
-
-### Custom Azure Policies
-- Configures custom Azure policies to allow specific resource creation, such as audit VNets without Network Security Groups (NSGs).
-- Maintains security and compliance while providing flexibility.
-
-### Monitoring and Logs Resources Deployment
-- Automates the deployment of resources necessary for monitoring and logging within the landing zone, Azure Monitor, Log Analytics, diagnostic settings, etc.
-- Enhances visibility and compliance tracking.
-
-### Independent Module Deployment
-- Enables users to deploy each module independently using orchestration tools or scripts.
-- Promotes modularity and flexibility in configuration.
-
-### Azure Bastion and Jumpbox
-- Deploys Azure Bastion and Jumpbox solutions for secure access to private resources within the landing zone.
-- Enhances remote access and security for administrators.
-
-## AI Landing Zone - Features
-
-### Sample Private GPT Web Application
-- A sample web application that connects to OpenAI and utilizes CosmosDB for storing conversation history.
-- Provides the ability to connect to Cognitive Search for using custom indexed data.
-
-### Linux Web App Deployment
-- Deploys the web application inside a Linux web app using Azure App Service.
-- Ensures a scalable and reliable hosting environment.
-
-### Private Link for OpenAI Service
-- Establishes a Private Link for the OpenAI service.
-- Implements firewalling rules to allow secure communication between the web app and OpenAI.
-
-### Application Gateway and WAF Deployment
-- Deploys an Application Gateway with Web Application Firewall (WAF) to securely expose your chat web app to the internet.
-- Enhances security and protection against common web application attacks.
-
-### Azure API Management (APIM) Integration (Work in Progress)
-- Integration with Azure API Management (APIM) is in progress, allowing for comprehensive API management and monitoring.
-
-### Routing and VNET Integration
-- Establishes routing and integrates with Virtual Network (VNET) for secure communication and isolation.
-- Utilizes Network Security Groups (NSGs) to control traffic and enhance network security.
-
-### Integration with Main Landing Zone
-- Integrates seamlessly with the main landing zone using network peering.
-- Provides a consistent and cohesive infrastructure for AI workloads within the broader Azure environment.