Arnica Documentation
  • Introduction
  • Getting Started
    • 🔑Sign Up
    • ▶️SCM Integrations
      • Azure DevOps
      • Bitbucket Cloud
      • Bitbucket Server & Datacenter
      • Github
        • GitHub Audit Logs
        • Github App Permissions
      • Gitlab
    • 📤ChatOps
      • Microsoft Teams
      • Slack
        • Adding Arnica to a New Channel
        • Interacting With the Arnica Slackbot
    • 🎫Ticket Management
      • 🐛Jira Integration
      • 📋ADO Boards Integration
    • 🧠Artificial Intelligence
      • Azure OpenAI
      • OpenAI ChatGPT
    • 🏨On Premise Integrations
  • Inventory
    • 💼Identities, Repositories & Organizations
    • 📇Software Bill of Materials (SBOM)
    • 🦄Prioritization & Product Ownership
  • Hardcoded Secrets
    • 🕵️Secret Detection
    • ⏪Realtime Secret Mitigation
    • 🥕Secrets Policy Settings
  • Code Risks
    • 🎼Static Application Security Testing (SAST)
      • Custom SAST Rules
    • 🧩Software Composition Analysis (SCA)
    • 🔡3rd Party Package Licenses
      • Override License Classifications
    • 🤹3rd Party Package Reputation
      • Identifying Low Rep Packages
      • How to Find Alternative Packages
    • ⛅Infrastructure as Code Security (IaC)
    • 🤖Code Risk Policy Settings
      • Developer Feedback On Push
      • Require Review Before Dismissal
      • 0 New High Severity Vulnerabilities
      • Enforce Remediation SLA
    • 🪄Code Risk Magic Links
    • 📦Code Risk Language and Framework Support
  • Platform Operations
    • 🚪Joining an Existing Org
    • ❌Deleting a Tenant
    • 🫂How do I invite members to my tenant?
      • New User Invitations
    • 👥Users & Roles
    • 🔇Deleting Integrations
    • ⌛Scheduled Jobs
      • How often do Jobs run?
    • 💸Billing
  • Security
    • 🎮Role Based Access Control (RBAC)
    • 🛡️Data Handling
    • 🏛️SSO Integration
      • Okta Integration
      • Entra ID Integration
Powered by GitBook
On this page
  • Overview
  • Prerequisites
  • Deploy service resource
  • IP allowlist
  • Installation process
  • Get the deployment endpoint and key
  • Get a deployment model name
  • Integrate
  • User Experience

Was this helpful?

  1. Getting Started
  2. Artificial Intelligence

Azure OpenAI

PreviousArtificial IntelligenceNextOpenAI ChatGPT

Last updated 1 year ago

Was this helpful?

Overview

Arnica utilizes Azure OpenAI to provide mitigation code samples for code risks, such as SAST and IaC vulnerabilities.

The integration with Azure OpenAI provides the following benefits:

  1. Enterprise-Grade Infrastructure: Azure OpenAI, being a part of Microsoft Azure, offers robust cloud infrastructure, ensuring high scalability, security, and compliance standards suitable for enterprise needs.

  2. Extended Support and SLAs: Azure provides extended support and service level agreements (SLAs) that are crucial for businesses and large-scale applications.

  3. Customization and Control: Azure OpenAI might offer more customization and control options tailored for business applications, including private deployments and specific compliance needs.

  4. Pricing and Billing: With Azure, businesses can get consolidated billing for all Azure services, including Azure OpenAI, which simplifies financial management.

Prerequisites

Deploy service resource

Service resources are required in order to connect to the models they host. Follow Microsoft's guidelines to .

IP allowlist

In some cases, customers may want to restrict who can access the deployed resources. If needed, follow the guidelines mentioned in the section above and use Arnica's IP addresses, as documented in the section of the on Premise integrations page.

Installation process

Get the deployment endpoint and key

  1. Navigate to the OpenAI Service and click on the deployed service resource, as described in the prerequisites section above.

  2. Go to the Keys and endpoint page under Resource Management in the left menu.

  3. Copy the endpoint and one of the keys - they will be required in Arnica's integration.

Get a deployment model name

If you don't have deployed models, below are the steps to deploy a new model.

  1. Navigate to the Deployments page.

  2. Click on Create new deployment, otherwise skip to the next step. Fill the following fields, adjust as needed, and lick on Create.

  1. Save the deployment name - it will be required when the integration is added.

Integrate

  1. Fill the endpoint, deployment name and API key from the previous steps.

  2. Click on Validate.

  3. Ensure that Azure OpenAI is in the existing integrations list.

User Experience

Arnica allows the users to select when to trigger the OpenAI recommendation request, so that the cost of OpenAI will remain relatively low compared to execution on every finding.

If you would like to generate an alternative recommendation, click on the OpenAI icon again.

The code example recommendation will be dynamically generated in the details pane, followed by the explanation of the generated code to ensure the solution is clear as much as possible for the developer or Arnica operator.

Login to .

Login to .

Navigate to the in Arnica and click on Azure OpenAI.

To see the recommendation, navigate to the page and click on one of the SAST / IaC findings. Click on the OpenAI icon on the top right corner of the details pane - it will spin while the recommendation is generated and validated by Arnica.

🧠
Azure Portal
Azure OpenAI Studio
Integrations page
Code Risks
create and deploy Azure OpenAI service resource
Ingress traffic
Azure OpenAI keys and endpoint page
Azure OpenAI deployment settings