1.5 - Manual Provisioning
Today we explore manual resource provisioning using the Azure Portal. This hands-on approach helps you understand what happens when resources are created and why automation is valuable.
What You’ll Learn
Section titled “What You’ll Learn”- How to create Azure resources manually through the Portal
- Configuration options and decisions required for each resource
- The time and effort involved in manual provisioning
- Why manual approaches don’t scale for complex applications
Resources
Section titled “Resources”Before diving in, review these resources:
- 📘 Azure Portal Overview - Understanding the Azure Portal interface
- 📘 Create Azure OpenAI Resource - Step-by-step resource creation
- 📘 Azure Resource Manager - Understanding resource management concepts
The Apartment Analogy: Buying One Chair
Section titled “The Apartment Analogy: Buying One Chair”Remember our apartment analogy from Day 3? Manual provisioning is like:
Going to a furniture store, selecting a chair, paying for it, carrying it home, and assembling it yourself.
Process:
- Research chair options
- Drive to store
- Select specific chair
- Pay and load into car
- Drive home
- Unpack and assemble
- Position in room
Effort: Doable for one chair, exhausting for furnishing an entire apartment!
Manual Provisioning Walkthrough
Section titled “Manual Provisioning Walkthrough”Let’s manually create a simple AI resource: an Azure OpenAI Service instance.
Prerequisites
Section titled “Prerequisites”- Azure subscription
- Appropriate permissions (Contributor role)
- Azure OpenAI Service access (requires application approval)
Step-by-Step: Creating Azure OpenAI Resource
Section titled “Step-by-Step: Creating Azure OpenAI Resource”Step 1: Navigate to Azure Portal
Section titled “Step 1: Navigate to Azure Portal”- Go to portal.azure.com
- Sign in with your Azure credentials
- Click “Create a resource”
Step 2: Search for Service
Section titled “Step 2: Search for Service”- In the search box, type “Azure OpenAI”
- Select “Azure OpenAI” from results
- Click “Create”
Step 3: Basic Configuration
Section titled “Step 3: Basic Configuration”Decisions to make:
- Subscription: Which subscription to bill
- Resource Group: Create new or use existing
- Name:
rg-retail-ai-dev - Region: East US
- Name:
- Region: Where to deploy (affects latency and availability)
- Choose: East US
- Name: Unique name for your resource
- Example:
openai-retail-assistant-dev
- Example:
- Pricing Tier: Standard S0
Time: ~2 minutes
Step 4: Network Configuration
Section titled “Step 4: Network Configuration”Decisions to make:
- Network Access: Public or private endpoint
- Choose: All networks (for development)
- Production would use private endpoint
- Allow Azure services: Yes/No
- Choose: Yes
Time: ~1 minute
Step 5: Security & Identity
Section titled “Step 5: Security & Identity”Decisions to make:
- Managed Identity: System-assigned or user-assigned
- Choose: System-assigned (enabled)
- Access Control: RBAC settings
- Note: Configure after creation
Time: ~1 minute
Step 6: Tags
Section titled “Step 6: Tags”Optional but recommended:
- Environment: Development
- Project: RetailAI
- Owner: your-email@company.com
- CostCenter: IT-AI-Projects
Time: ~1 minute
Step 7: Review + Create
Section titled “Step 7: Review + Create”- Review all settings
- Read terms and conditions
- Click “Create”
- Wait for deployment (3-5 minutes)
Total time for one resource: ~10 minutes
Step 8: Post-Creation Configuration
Section titled “Step 8: Post-Creation Configuration”After the resource is created, you still need to:
-
Deploy a Model
- Navigate to Azure OpenAI Studio
- Click “Deployments”
- Create new deployment
- Select model (gpt-4, gpt-35-turbo)
- Choose capacity (TPM)
- Wait for deployment (~2 minutes)
-
Get API Keys
- Navigate to “Keys and Endpoint”
- Copy Key 1 or Key 2
- Note the endpoint URL
-
Configure Content Filters
- Set up content filtering policies
- Configure severity thresholds
- Apply to deployments
Additional time: ~5-10 minutes
The Reality of Manual Provisioning
Section titled “The Reality of Manual Provisioning”For a Complete Retail AI Application
Section titled “For a Complete Retail AI Application”Our retail AI app needs ~15 resources:
| Resource | Est. Time | Configuration Complexity |
|---|---|---|
| Resource Group | 2 min | Low |
| Azure OpenAI | 10 min | Medium |
| AI Search | 8 min | High |
| Cosmos DB | 10 min | High |
| App Service Plan | 5 min | Medium |
| App Service | 7 min | Medium |
| Container Registry | 5 min | Low |
| Container Apps Environment | 8 min | Medium |
| Container App | 10 min | High |
| API Management | 15 min | High |
| Application Insights | 5 min | Low |
| Log Analytics Workspace | 5 min | Low |
| Key Vault | 8 min | Medium |
| Virtual Network | 12 min | High |
| Storage Account | 7 min | Medium |
Total Estimated Time: 2-3 hours (for an experienced person!)
Challenges with Manual Provisioning
Section titled “Challenges with Manual Provisioning”1. Time-Consuming
Section titled “1. Time-Consuming”- Hours spent clicking through forms
- Waiting for resources to deploy
- Context switching between services
2. Error-Prone
Section titled “2. Error-Prone”- Typos in names or settings
- Inconsistent naming conventions
- Forgotten configuration steps
- Wrong regions or SKUs
3. Difficult to Reproduce
Section titled “3. Difficult to Reproduce”- No documentation of steps
- Hard to create identical dev/test/prod
- Knowledge locked in one person’s head
- Onboarding new team members is painful
4. Not Version Controlled
Section titled “4. Not Version Controlled”- Can’t track changes over time
- No code review process
- No rollback capability
- No audit trail
5. Configuration Drift
Section titled “5. Configuration Drift”- Environments slowly diverge
- “Works on my machine” problems
- Testing doesn’t match production
- Debugging becomes nightmare
6. Scaling Issues
Section titled “6. Scaling Issues”- Can’t provision multiple environments quickly
- Regional expansion is manual copy-paste
- Disaster recovery is manual
- No automation possible
When Manual Makes Sense
Section titled “When Manual Makes Sense”Manual provisioning is acceptable for:
✅ Learning and exploration - Understanding service options ✅ Quick experiments - Testing a single service ✅ One-off resources - Rarely changed, simple configurations ✅ Emergency fixes - When automation is broken
Lessons Learned
Section titled “Lessons Learned”From this exercise, you should appreciate:
- Complexity: Even “simple” resources have many configuration options
- Time: Manual provisioning doesn’t scale
- Expertise: You need to know what every option means
- Documentation: Hard to remember or document all steps
- Consistency: Easy to make different choices each time
The Path Forward
Section titled “The Path Forward”Tomorrow (Day 6) we’ll see how ARM/Bicep templates solve many of these problems through Infrastructure as Code.
Then on Day 7, we’ll discover how AZD templates go even further by:
- Including application code
- Providing sensible defaults
- Enabling one-command deployment
- Incorporating best practices
Ask Copilot
Section titled “Ask Copilot”Reflect on manual provisioning:
- “What are the main risks of manually provisioning production infrastructure, and how can they lead to security vulnerabilities?”
- “How would you create a checklist or documentation for manually provisioning a complex multi-service application?”
- “What Azure Portal features help reduce errors when manually creating resources?”
Related Resources
Section titled “Related Resources”- Azure Portal Tips and Tricks
- Azure Resource Naming Conventions
- Azure Tagging Strategy
- Azure Service Limits and Quotas
Next: Day 6 - ARM Templates
Tomorrow we’ll explore Infrastructure as Code with ARM and Bicep templates—automating what we did manually today.