Azure OpenAI
Last updated
Last updated
Arnica utilizes Azure OpenAI to provide mitigation code samples for code risks, such as SAST and IaC vulnerabilities.
The integration with Azure OpenAI provides the following benefits:
Enterprise-Grade Infrastructure: Azure OpenAI, being a part of Microsoft Azure, offers robust cloud infrastructure, ensuring high scalability, security, and compliance standards suitable for enterprise needs.
Extended Support and SLAs: Azure provides extended support and service level agreements (SLAs) that are crucial for businesses and large-scale applications.
Customization and Control: Azure OpenAI might offer more customization and control options tailored for business applications, including private deployments and specific compliance needs.
Pricing and Billing: With Azure, businesses can get consolidated billing for all Azure services, including Azure OpenAI, which simplifies financial management.
Service resources are required in order to connect to the models they host. Follow Microsoft's guidelines to create and deploy Azure OpenAI service resource.
In some cases, customers may want to restrict who can access the deployed resources. If needed, follow the guidelines mentioned in the section above and use Arnica's IP addresses, as documented in the section of the on Premise integrations page.
Login to Azure Portal.
Navigate to the OpenAI Service
and click on the deployed service resource, as described in the prerequisites section above.
Go to the Keys and endpoint
page under Resource Management
in the left menu.
Copy the endpoint and one of the keys - they will be required in Arnica's integration.
If you don't have deployed models, below are the steps to deploy a new model.
Login to Azure OpenAI Studio.
Navigate to the Deployments
page.
Click on Create new deployment
, otherwise skip to the next step. Fill the following fields, adjust as needed, and lick on Create
.
Save the deployment name - it will be required when the integration is added.
Navigate to the Integrations page in Arnica and click on Azure OpenAI
.
Fill the endpoint, deployment name and API key from the previous steps.
Click on Validate
.
Ensure that Azure OpenAI is in the existing integrations list.
Arnica allows the users to select when to trigger the OpenAI recommendation request, so that the cost of OpenAI will remain relatively low compared to execution on every finding.
To see the recommendation, navigate to the Code Risks page and click on one of the SAST / IaC findings. Click on the OpenAI icon on the top right corner of the details pane - it will spin while the recommendation is generated and validated by Arnica.
If you would like to generate an alternative recommendation, click on the OpenAI icon again.
The code example recommendation will be dynamically generated in the details pane, followed by the explanation of the generated code to ensure the solution is clear as much as possible for the developer or Arnica operator.