Frequently Asked Questions

What network sizes were allocated for the AI Hub?

Confirmed by Platform Services Team on Dec 11, 2025

Why does the AI Hub need larger private networks than a standard /24?

The platform is not hosting just one application. It contains several managed Azure services, and many of those services require their own dedicated subnet space and reserve more internet protocol addresses than people expect. Because of that, a small default network range is not enough for production.

The table below shows why the address space grows quickly:

Total: Once you combine the gateway layer, private endpoints, container and platform subnets, and room for growth, the usual /24 network is too small. That is why production needs a much larger address range.

What's the difference between control plane and data plane?

Azure has two very different kinds of access, and understanding the difference explains many of the platform design choices in this repository.

Control plane access means managing the resource itself: creating it, updating settings, changing permissions, or deleting it. Data plane access means using what is inside that resource: reading a secret, writing a blob, or querying stored data.

If you are wondering why some tasks work from a public automation runner and others do not, this is the reason. See the architecture decision record on control plane versus data plane access and the matching diagram for a deeper explanation.

Why can't I see Key Vault secrets in the Azure Portal?

The Azure Portal is primarily a management interface. It is very good at showing you that a resource exists and how it is configured, but it does not magically bypass a private endpoint.

When you open a Key Vault in the Azure Portal:

• ✓ You can see that the vault exists, because listing resources is a management action.
• ✓ You can see the vault configuration, because reading settings is also a management action.
• ✗ You cannot reveal the secret value unless your traffic is actually coming from inside the allowed private network path.

In other words, the screen that shows the vault is not the same thing as network access to the vault's secret data. To view secrets, use the Chisel tunnel playbook or connect through the jumpbox by way of Azure Bastion.

Do tenant developers get Chisel access?

No. Chisel is an administrative tool for the people who operate the platform itself. It is not part of the normal tenant experience.

Tenant developers are expected to use the public entry points that were built for them:

• Application Gateway and the Azure gateway service for application programming interfaces for public service endpoints
• Their own applications, which then call those gateway endpoints

This separation is deliberate. It keeps tenants isolated from private infrastructure, preserves metering and security boundaries, and avoids giving every team broad internal network access that they do not need.

Which access method should I use?

Choose the access method based on what you are trying to do. The important distinction is whether you need to reach private data inside Azure resources, or whether you only need to deploy and configure resources.

See Choosing Your Access Method and the access methods diagram if you want a more detailed decision guide.

How do other teams onboard to the AI Hub?

Teams onboard through the Tenant Onboarding Portal. This is a custom application built specifically for this platform because the team needed more than a simple request form. The portal stores structured onboarding information, supports review and approval by platform administrators, and gives the platform a place to expose approved tenant information later.

The current operating model works like this:

1. A team submits its onboarding information through the portal.
2. Platform administrators review the request, verify that it fits the platform, and then approve or reject it.
3. Once a tenant has been approved, authorised tenant administrators can return to the portal and view environment-specific information that the platform exposes for them.

This is important because onboarding here is not just a one-time form submission. It is an ongoing workflow that can later include approval history, generated configuration, operational details, and controlled access to credentials and service information.

How do tenant administrators get their gateway subscription keys?

Approved tenant administrators can view their gateway subscription keys directly in the Tenant Onboarding Portal. They do not need to open a support request for routine key retrieval.

• Only users listed as tenant administrators can access the credential panel.
• The portal separates information by environment, so development, test, and production values are shown in different tabs.
• The primary and secondary keys are masked on screen and exposed through copy actions rather than printed openly in the page.
• When automatic key rotation is enabled, the portal also shows explanatory timing information such as the last rotation and the next scheduled rotation.

Behind the scenes, the portal backend reads the tenant's key material from the shared central Key Vault by using its own managed identity. That means no long-lived stored password is required for the portal to retrieve those values. See the key rotation guide for the full operational details.

What's the 3-6-9 month roadmap?

A planning session has been proposed, but the roadmap has not yet been finalised. The idea is to move from early pilot work into a clearer sequence of near-term, medium-term, and longer-term platform outcomes.

The working agenda currently includes:

• Role clarity and decision ownership
• The first technical capabilities that should be delivered to show value quickly
• The platform improvements that make onboarding easier for new teams
• A baseline set of milestones for the next three, six, and nine months
• A work tracker and delivery rhythm
• Regular review meetings and planning cadence

Why can't GitHub Actions run Terraform directly?

GitHub Actions can run Terraform, but it cannot directly reach private endpoints from a standard public runner. That is the key limitation.

The platform solves this by creating a secure tunnel from the public automation runner into the private Azure network. A Chisel server runs inside an Azure App Service that sits in the private network path, and the deployment workflow sends private data traffic through that tunnel when it needs to talk to things like the private Terraform state account or secrets store.

This means the workflow can still use normal public GitHub-hosted runners for most automation, without paying for a permanently running private build fleet. There is an optional module for self-hosted runners on Azure Container Apps for special cases, but the platform's own deployment path does not depend on it.

Cost note: The Chisel proxy runs as an App Service plan-based component, so cost is tied to that service plan rather than to how often the workflow runs. See Cost Tracking for details.

What Azure services will the AI Hub provide?

The platform provides shared artificial intelligence services for British Columbia Government teams through a multi-tenant setup. In practical terms, that means one platform supports multiple teams while still keeping each tenant's access, quotas, and configuration separate.

The following services are currently live in the development and test environments:

• Azure AI Foundry for language models, reasoning models, and text embedding models
• The Azure gateway service for application programming interfaces for tenant-specific subscription keys, per-tenant rate limiting, and usage metering
• Azure Application Gateway with built-in web request protection for public entry, secure transport termination, and routing toward the right backend service
• The Azure language service for sensitive personal information detection, now routed through a dedicated external redaction service
• Azure AI Search, Speech, and Document Intelligence as shared cognitive services exposed through the gateway layer

See the services catalogue for the full model list, per-tenant allocation details, and usage limits.

How does sensitive personal information redaction work in the current architecture?

Requests that need sensitive personal information redaction are no longer processed directly inside the gateway policy engine. Instead, the platform gateway forwards the request body and the tenant's redaction settings to a dedicated redaction service that runs as an internal container application.

This design is easier to reason about because all redaction work goes through the same external service, regardless of request size.

1. The platform gateway reads the tenant-specific settings that control whether redaction is enabled, which categories to exclude, which language to assume, whether failure should block the request, and which message roles should be scanned.
2. The gateway policy sends the request to the external redaction service over the internal private network path.
3. The redaction service calls Azure AI Language service over a private endpoint, reconstructs the result into the original request shape, and returns the redacted body together with diagnostic information.
4. The gateway forwards the request to the downstream backend only after the redaction service reports that it completed the full job successfully.

See the Language service redaction guide and the architecture decision record for the external redaction service for the full flow and configuration details.

How does virtual network peering work between environments?

The platform uses virtual network peering so that the tools environment can reach the development, test, and production environments for operational and deployment work without collapsing everything into one flat network.

• Tools to development, test, and production: outbound traffic from the tools environment is allowed toward the other environments so deployment and maintenance workflows can reach what they need.

This is mainly there to support platform operations and automation. It is not a shortcut that gives tenant teams direct access to internal services in every environment.