Azure
/
CCOInsights
зеркало из https://github.com/Azure/CCOInsights.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Users/mabara/rebranding (#245) 

* update links, rename to insights

* update link, TOCs, taxonomy; separate release notes

* update navigation

* update navigation

* fix links

* delete ellipsies, fix typos
This commit is contained in:
Máté Barabás 2022-06-27 11:00:15 -07:00 коммит произвёл GitHub
Родитель dc628b0fa7
Коммит 4cd9222de7
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
9 изменённых файлов: 411 добавлений и 338 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

276
README.md
Просмотреть файл

@ -1,43 +1,63 @@
# Continuous Cloud Optimization Power BI Dashboards Project
# Continuous Cloud Optimization Insights
## Content
- [Overview](README.md#overview)
- [CCO Azure Governance Dashboard Governance Version 2.6](README.md#cco-azure-governance-dashboard-report-pages) ***<span style="color:green"><sup>NEW</sup></span>***
- [CCO Azure Infrastructure Dashboard Version 9.1](README.md#cco-azure-infrastructure-dashboard-report-pages) ***<span style="color:green"><sup>NEW</sup></span>***
- [List of resources](README.md#List-of-resources)
- [CCO Azure Infrastructure Dashboard report pages](README.md#cco-azure-infrastructure-dashboard-report-pages)
- [CCO Azure Infrastructure Dashboard with AKS add-on report pages](README.md#cco-azure-infrastructure-dashboard-with-aks-add-on-report-pages)
- [CCO GitHub Contributions Dashboard](README.md#cco-github-contributions-dashboard-pages)
- [Call for Contribution](README.md#Call-for-Contribution)
- [Continuous Cloud Optimization Insights](#continuous-cloud-optimization-insights)
- [Overview](#overview)
- [Release notes](#release-notes)
- [Highlights of the latest releases](#highlights-of-the-latest-releases)
- [CCO GitHub Contributions Dashboards Version 1.0](#cco-github-contributions-dashboards-version-10)
- [CCO ADO Contributions Dashboards Version 1.0](#cco-ado-contributions-dashboards-version-10)
- [CCO Azure Infrastructure Dashboard Version 9.1 Updates](#cco-azure-infrastructure-dashboard-version-91-updates)
- [CCO Azure Governance Dashboard Version 2.6 Updates](#cco-azure-governance-dashboard-version-26-updates)
- [List of resources](#list-of-resources)
- [Dashboard overview](#dashboard-overview)
- [CCO Azure Governance Dashboard Report Pages](#cco-azure-governance-dashboard-report-pages)
- [CCO Azure Infrastructure Dashboard Report Pages](#cco-azure-infrastructure-dashboard-report-pages)
- [CCO GitHub Contributions Dashboard](#cco-github-contributions-dashboard)
- [CCO ADO Contributions Dashboard](#cco-ado-contributions-dashboard)
- [CCO Azure Infrastructure Dashboard with AKS add-on Report Pages (not maintained)](#cco-azure-infrastructure-dashboard-with-aks-add-on-report-pages-not-maintained)
- [Call for contribution](#call-for-contribution)
-------------------------------
## Overview
The Continuous Cloud Optimization Power BI Dashboards project is a set of Power BI Desktop Reports developed using Power Query M language and DAX, that pulls information directly from different Azure REST APIs and enables monitoring, operation and infrastructure teams to quickly gain insights about their existing Azure Platform footprint and resources.
The Continuous Cloud Optimization Insights (CCO Insights) project is a set of Power BI Desktop Reports developed using Power Query M language and DAX, that pulls information directly from different Azure REST APIs and enables monitoring, operation and infrastructure teams to quickly gain insights about their existing Azure Platform footprint and resources as well as code contribution characteristics on two major platforms - Azure DevOps and GitHub.
The current set of CCO Dashboards includes 3 different Dashboards to discover information about different Azure critical design areas:
CCO Insights currently includes 5 different dashboards to discover information about your Azure, Azure DevOps and GitHub cloud platforms:
- [**CCO Azure Infrastructure Dashboard**](/dashboards/CCODashboard-Infra/InfraDeploymentGuide.md): Get insights about Azure advisor optimizations, Azure Security Center Alerts, Networking, Compute, RBAC, Idle resources and Subscriptions Quotas and Limits
- [**CCO Azure Governance Dashboard**](/dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md): Get insights about Azure Governance aspects like Management Groups and Subscriptions hierarchy, resource tagging and naming standards, security controls, policies compliance, Regulatory Standards and Azure Blueprints
- [**CCO Azure Infrastructure Dashboard with AKS**](/dashboards/CCODashboard-Infra/InfraDeploymentGuide.md): Get insights about AKS information
- [**CCO Azure Infrastructure Dashboard**](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md): Get insights about Azure advisor optimizations, Azure Security Center Alerts, Networking, Compute, RBAC, Idle resources and Subscriptions Quotas and Limits
- [**CCO Azure Governance Dashboard**](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md): Get insights about Azure Governance aspects like Management Groups and Subscriptions hierarchy, resource tagging and naming standards, security controls, policies compliance, Regulatory Standards and Azure Blueprints
- [**CCO Azure Infrastructure Dashboard with AKS (not maintained)**](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md): Get insights about AKS information
- [**CCO GitHub Contributions Dashboard**](./dashboards/GitHubDashboard-Contributors/GitHubDeploymentGuide.md): Get insights about the contributions to your GitHub project.
- [**CCO Azure DevOps Contributions Dashboard**](./dashboards/ADODashboard-Contributors/ADODeploymentGuide.md): Get insights about the contributions to your Azure DevOps (ADO) project.
**NOTE**: If your're experiencing problems during the deployment of the dashboards, please check the [Troubleshooting guide](https://github.com/Azure/ccodashboard/blob/EarlyAdopters/install/TroubleshootingGuide.md) and the [Github issues](https://github.com/Azure/ccodashboard/issues?q=is%3Aissue) before creating a new one.
**NOTE**: If your're experiencing problems during the deployment of the dashboards, please check the [Troubleshooting guide](./install/TroubleshootingGuide.md) and the [Github issues](https://github.com/Azure/ccodashboard/issues?q=is%3Aissue) before creating a new one.
![OverviewImage](/install/images/OverviewImage.png)
![OverviewImage](./install/images/OverviewImage.png)
## Last release notes
## Release notes
### **CCO Azure Infrastructure Dashboard Version 9.1 Updates**
For the comprehensive list of release notes, see the [Release notes](./Release-Notes.md) page.
### Highlights of the latest releases
#### CCO GitHub Contributions Dashboards Version 1.0
- Initial release of the CCO GitHub Contributions Dashboard
#### CCO ADO Contributions Dashboards Version 1.0
- Initial release of the CCO ADO Contributions Dashboard
#### CCO Azure Infrastructure Dashboard Version 9.1 Updates
- New report page available for Azure Web Applications.
- Management Group filtering
- IMPORTANT: Now it requires the Custom connector (mandatory to retrieve the MGs)
- **IMPORTANT**: Now it requires the Custom connector (mandatory to retrieve the MGs)
### **CCO Azure Governance Dashboard Version 2.6 Updates**
#### CCO Azure Governance Dashboard Version 2.6 Updates
- Governance dashboard policies visuals fix
@ -45,48 +65,49 @@ The current set of CCO Dashboards includes 3 different Dashboards to discover in
This project includes the following resources:
1. **install folder**: Includes all the files required to successfully deploy the Dashboard in your environment. The [Deployment Guide](https://github.com/Azure/ccodashboard/blob/master/dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md) file contains a detailed guidance to install and setup your dashboard including the requirements, what REST APIs are in use, the resource providers that needs to be enabled or what tabs are included as part of the default Dashboard. The [Troubleshooting Guide](/install/TroubleshootingGuide.md) file contains guidance to solve potential issues that you might encounter during the Dashboard deployment. Errors like Power BI regional settings, or Privacy levels will be documented on this document.
1. **install folder**: Includes all the files required to successfully deploy the Dashboard in your environment. The [Deployment Guide](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md) file contains a detailed guidance to install and setup your dashboard including the requirements, what REST APIs are in use, the resource providers that needs to be enabled or what tabs are included as part of the default Dashboard. The [Troubleshooting Guide](./install/TroubleshootingGuide.md) file contains guidance to solve potential issues that you might encounter during the Dashboard deployment. Errors like Power BI regional settings, or Privacy levels will be documented on this document.
2. **queries folder**: Includes the M queries used in the Dashboard to pull data from Azure and Graph REST APIs. This content is for reference purposes to facilitate the Data Model comprehension and to enable contributors to expand the Dashboard capabilities.
3. **docs/assets/pictures folder**: Contains all the images that the Dashboard will use when loading data from Azure. The content of this folder will be dynamic and we will update the repository regularly. Make sure the computer running the Dashboard that has internet access also have access to this URL https://azure.github.io/ccodashboard/assets/pictures
4. **dashboards folder**: This parent folder contains sub folders with different versions of the CCO Dashboard depending on the workloads you want to get report from. We expect to see more versions in the future from community contributions.
4. **dashboards folder**: This parent folder contains sub folders with different versions of the dashboards of CCO Insights depending on the workloads you want to get report from. We expect to see more versions in the future from community contributions.
- ***CCODashboard-Infra folder*** has a more generic version of the Dashboard that includes information from Azure Advisor, Azure Security Center, Azure Networking REST APIs, Azure Compute REST APIs and Graph
- ***CCODashboard-Governance folder*** has a dashboard aligned with the Microsoft Cloud Adoption Framework governance principles and will allow to get quick insights around Management Groups, Subscriptions, Blueprints, Polices, Naming Standards, Tagging and Regulatory Standards compliance. For this dashboard is needed the installation of a [custom connector](https://github.com/Azure/ccodashboard/blob/master/dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md#installing-the-custom-connector).
- ***CCODashboard-Governance folder*** has a dashboard aligned with the Microsoft Cloud Adoption Framework governance principles and will allow to get quick insights around Management Groups, Subscriptions, Blueprints, Polices, Naming Standards, Tagging and Regulatory Standards compliance. For this dashboard is needed the installation of a [custom connector](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md#installing-the-custom-connector).
- ***CCODashboard-AKS folder*** has the add-on report to monitor Azure Kubernetes Services.
## CCO Azure Governance Dashboard Report Pages
## Dashboard overview
### CCO Azure Governance Dashboard Report Pages
The version 2.6 of the CCO Power BI Dashboard Governance includes the following information:
Version 2.6 of the CCO Power BI Dashboard Governance includes the following information:
- Azure Management Groups and Subscriptions hierarchy
- Resource Groups and Resources Tagging information
- Regulatory Standards Compliance Overview ***<span style="color:green"><sup>NEW</sup></span>***
- Azure Security and Compliance ***<span style="color:green"><sup>NEW</sup></span>***
- Azure Policies
- Azure Subscriptions Blueprints ***<span style="color:green"><sup>NEW</sup></span>***
- [Azure Management Groups and Subscriptions hierarchy](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md#management-groups-and-subscriptions-hierarchy-overview-page)
- [Tags and naming standards page](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md#tags-and-naming-standards-page)
- [Azure Regulatory Standards Forecast](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md#azure-regulatory-standards-forecast)
- [Azure Security and Compliance](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md#azure-resources-security--compliance-page)
- [Azure Policies](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md#azure-policies-page)
- [Azure Blueprints](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md#azure-blueprints-page)
You can find more details about each page on the [Deployment Guide](https://github.com/Azure/ccodashboard/blob/master/dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md) file.
You can find more details about each page in the [Deployment Guide](./dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md).
## CCO Azure Infrastructure Dashboard Report Pages
### CCO Azure Infrastructure Dashboard Report Pages
The version 9.1 of the CCO Power BI Dashboard includes 10 report pages. You will be able to navigate, filter and report the following information:
- Page 1: Overview
- Page 2: Azure Advisor Recommendations
- Page 3: Azure Security Center Alerts
- Page 4: Azure Compute information
- Page 1: [Overview](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#cco-azure-infrastructure-dashboard-overview-page)
- Page 2: [Azure Advisor Recommendations](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#azure-advisor-recommendations-page)
- Page 3: [Azure Security Center Alerts](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#azure-security-center-alerts-page)
- Page 4: [Azure Compute information](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#azure-compute-overview-page)
- Page 5: Web Applications (Including function Apps)
- Page 6 Azure Networking information
- Page 7: Network Security Groups
- Page 8: Azure RBAC permissions
- Page 9: Azure Service Principals RBAC permissions
- Page 10: IaaS Usage and Limits
- Page 11: IaaS Idle Resources
- Page 6 [Azure Networking information](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#azure-vnets-and-subnets-recommendations-page)
- Page 7: [Network Security Groups](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#azure-network-security-groups-page)
- Page 8: [Azure RBAC permissions](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#role-based-access-control-page)
- Page 9: [Azure Service Principals RBAC permissions](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#service-principal-role-based-access-control-page)
- Page 10: [IaaS Usage and Limits](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#iaas-usage-and-limits-page)
- Page 11: [IaaS Idle Resources](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md#iaas-idle-resources-dashboard-page)
You can find more details about each page on the [Deployment Guide](https://github.com/Azure/ccodashboard/blob/master/dashboards/CCODashboard-Infra/InfraDeploymentGuide.md) file.
You can find more details about each page in the [Deployment Guide](./dashboards/CCODashboard-Infra/InfraDeploymentGuide.md).
**IMPORTANT**: You must follow this [procedure](https://docs.microsoft.com/en-us/azure/lighthouse/how-to/onboard-customer) to implement Azure delegated resource management to get data from subscriptions in other tenants.
**IMPORTANT**: You must follow [this procedure](https://docs.microsoft.com/en-us/azure/lighthouse/how-to/onboard-customer) to implement Azure delegated resource management to get data from subscriptions in other tenants.
## CCO Azure GitHub Contributions Dashboard
### CCO GitHub Contributions Dashboard
The version 1.0 of the CCO GitHub Contributions Dashboard includes 1 report page. You will be able to navigate, filter and report the following information:
- Number of contributors
@ -102,7 +123,9 @@ The version 1.0 of the CCO GitHub Contributions Dashboard includes 1 report page
- Comparison between number of additions vs deletions per month
- Top contributors measured by changes in their pull requests.
## CCO Azure ADO Contributions Dashboard
You can find more information about this dashboard in the [Deployment Guide](./dashboards/GitHubDashboard-Contributors/GitHubDeploymentGuide.md).
### CCO ADO Contributions Dashboard
The version 1.0 of the CCO ADO Contributions Dashboard includes 1 report page. You will be able to navigate, filter and report the following information:
- Number of Projects
@ -110,161 +133,20 @@ The version 1.0 of the CCO ADO Contributions Dashboard includes 1 report page. Y
- Average pull requests per day
- Comparison between number of open vs closed pull requests over the last months
- Branches created over the last months
- ...
You can find more information about this dashboard in the [Deployment Guide](./dashboards/ADODashboard-Contributors/ADODeploymentGuide.md).
## CCO Azure Infrastructure Dashboard with AKS add-on Report Pages (not updated)
### CCO Azure Infrastructure Dashboard with AKS add-on Report Pages (not maintained)
The version 5.0 of the CCO Power BI Dashboard AKS add-on includes the following information:
- Azure Kubernetes Clusters information
- Nodes, Pods, Containers status from Azure Log Analytics
- Azure Container Images (and source repositories) running on AKS Clusters ***<span style="color:green"><sup>NEW</sup></span>***
- Security recommendations to apply from Azure Security Center ***<span style="color:green"><sup>NEW</sup></span>***
- Service principals (showing assigned RBAC Roles) with cluster permissions ***<span style="color:green"><sup>NEW</sup></span>***
- Azure Container Instances information ***<span style="color:green"><sup>NEW</sup></span>***
- Improved API Rest calls ***<span style="color:green"><sup>NEW</sup></span>***
## Old release notes
## CCO Azure Governance Dashboard
### CCO Azure Governance Dashboard Version 2.1 Updates
- Custom connector and Assessments metadata API Bug fixing
- Azure Policy and Azure Blueprints names changed.
### CCO Azure Governance Dashboard Version 2.0 Updates
- US Government region support <span style="color:green"><sup>NEW</sup></span>
- Alignment with Azure Security Benchmarks and Azure Security Center Secure Scores
- New Security & Compliance page <span style="color:green"><sup>NEW</sup></span>
- New Regulatory Standards Forecast page <span style="color:green"><sup>NEW</sup></span>
- Redesigned Azure Blueprints page
- New UX design with latest Azure Portal Icons <span style="color:green"><sup>NEW</sup></span>
- General Bug Fixes and code improvements
## CCO Azure Infrastructure Dashboard
### **CCO Azure Infrastructure Dashboard Version 8.2 Updates**
- Bug fix: Maps location problems in Overview, Compute and Usage&Limits resources pages fixed.
- New features:
- Expiration date added to the SPNs. ***<span style="color:green"><sup>NEW</sup></span>***
- Reset filters button added. ***<span style="color:green"><sup>NEW</sup></span>***
### **CCO Azure Infrastructure Dashboard Version 8.1 Updates**
- Bug fixing 1:1 relationship between Tenants and Subscriptions to M:N relationship.
### **CCO Azure Infrastructure Dashboard Version 8.1 Updates**
- Bug fixing 1:1 relationship between Tenants and Subscriptions to M:N relationship.
### **CCO Azure Infrastructure Dashboard Version 7.1** Updates
- Bug fix [Issue #72](https://github.com/Azure/ccodashboard/issues/72):
- Subscription IDs in **All Subscriptions** table must be uniques.
- One tenant can be managed by one or more tenants (this data now is hidden but it will be used in future releases).
### **CCO Azure Infrastructure Dashboard Version 7.0** Updates
- **Multi tenant feature** ***<span style="color:green"><sup>NEW</sup></span>*** (requires Azure delegated resource management).
- Tenant filtering in all pages.
- Added subscription filtering in IaaS Usage and Limits and IaaS Idle Resources pages.
**IMPORTANT**: You must follow this [procedure](https://docs.microsoft.com/en-us/azure/lighthouse/how-to/onboard-customer) to implement Azure delegated resource management.
### **CCO Azure Infrastructure Dashboard Version 6.3** Updates
- Bug fixing ASC recommendation: Now all the Security Center Recommendations are defined in this [file](/docs/assets/SecRec.md). This file contains all the recommendations from docs.microsoft.com but will be updated by us for consolidating the model and avoid the issues when the official URL is updated.
### **CCO Azure Infrastructure Dashboard Version 6.2** Updates
- Bug fixing ASC recommendation URLs updated.
### **CCO Azure Infrastructure Dashboard Version 6.1** Updates
- Bug fixing ASC recommendation URLs updated.
- Bug fixing IaaS Idle Resources data number color changed from black to white.
### **CCO Azure Infrastructure Dashboard Version 6.0** Updates
**Azure Resources Usage and Limits Page** ***<span style="color:green"><sup>NEW</sup></span>***
- List Compute, Networking and Storage Azure Resources Usage and limits per subscription and region
**Azure Idle Resources identification Page** ***<span style="color:green"><sup>NEW</sup></span>***
- List Idle Public IPs, Network Interfaces and Disks per Subscription
### **CCO Azure Infrastructure Dashboard Version 5.4** Updates
- NSGs bug fixing when NSGs configuration are empty
- Bug fixing number of VNETs per subscription
- Bug Fixing duplicated VNET Peerings count
### **CCO Azure Infrastructure Dashboard Version 5.3** Updates
- Bug fixing issues with ASC Network Recommendations table load from docs.microsoft.com
- Incorporating icons new feature from PowerBI Desktop
### **CCO Azure Infrastructure Dashboard Version 5.2:** New features and updates
**Overview Page**
- New Resource Groups tags counter
- New Subscriptions, RG and Tags Search option
**Tags Overview** ***<span style="color:green"><sup>NEW</sup></span>***
- Filter Resource Groups and Resources with Tags
- Filter Resource Groups and Resources without Tags
- Number of tagged resources by resource type
- Number of untagged resources by resource type
- Search option for Resource Group and Resources tags
**Azure Advisor**
- Performance improvements and bugs fixes
- Simplified recommendations images
- Security recommendations
**Azure Security Center**
- Performance improvements and bugs fixes
- Simplified recommendations images
- Enhanced recommendation types filtering
**Security Alerts**
- Performance improvements and bugs fixes
- Simplified recommendations images
**Compute**
- Performance improvements and bugs fixes
**Networking**
- Performance improvements and bugs fixes
**NSGs** ***<span style="color:green"><sup>NEW</sup></span>***
- NSG rules overview across subscriptions (VMs and Subnets)
- Filter NSGs by subscription, Resource Group, NSG name, Tags, Direction and Ports
**RBAC**
- Performance improvements and bugs fixes
- Filtering RBAC permissions by object type (Users or Groups)
- Search option for Resource Group and users
**RBAC Service Principals** ***<span style="color:green"><sup>NEW</sup></span>***
- Filtering RBAC permissions by Service Principal Type
- Search option for Users and Resource Groups
- Azure Container Images (and source repositories) running on AKS Clusters
- Security recommendations to apply from Azure Security Center
- Service principals (showing assigned RBAC Roles) with cluster permissions
- Azure Container Instances information
- Improved API Rest calls
## Call for contribution

207
Release-Notes.md Normal file
Просмотреть файл

@ -0,0 +1,207 @@
# Release Notes
- [Release Notes](#release-notes)
- [CCO Azure Governance Dashboard](#cco-azure-governance-dashboard)
- [CCO Azure Governance Dashboard Version 2.6 Updates](#cco-azure-governance-dashboard-version-26-updates)
- [CCO Azure Governance Dashboard Version 2.1](#cco-azure-governance-dashboard-version-21)
- [CCO Azure Governance Dashboard Version 2.0](#cco-azure-governance-dashboard-version-20)
- [CCO Azure Infrastructure Dashboard](#cco-azure-infrastructure-dashboard)
- [CCO Azure Infrastructure Dashboard Version 9.1](#cco-azure-infrastructure-dashboard-version-91)
- [CCO Azure Infrastructure Dashboard Version 8.2](#cco-azure-infrastructure-dashboard-version-82)
- [CCO Azure Infrastructure Dashboard Version 8.1](#cco-azure-infrastructure-dashboard-version-81)
- [CCO Azure Infrastructure Dashboard Version 7.1](#cco-azure-infrastructure-dashboard-version-71)
- [CCO Azure Infrastructure Dashboard Version 7.0](#cco-azure-infrastructure-dashboard-version-70)
- [CCO Azure Infrastructure Dashboard Version 6.3](#cco-azure-infrastructure-dashboard-version-63)
- [CCO Azure Infrastructure Dashboard Version 6.2](#cco-azure-infrastructure-dashboard-version-62)
- [CCO Azure Infrastructure Dashboard Version 6.1](#cco-azure-infrastructure-dashboard-version-61)
- [CCO Azure Infrastructure Dashboard Version 6.0](#cco-azure-infrastructure-dashboard-version-60)
- [CCO Azure Infrastructure Dashboard Version 5.4](#cco-azure-infrastructure-dashboard-version-54)
- [CCO Azure Infrastructure Dashboard Version 5.3](#cco-azure-infrastructure-dashboard-version-53)
- [CCO Azure Infrastructure Dashboard Version 5.2](#cco-azure-infrastructure-dashboard-version-52)
- [Overview Page](#overview-page)
- [Tags Overview](#tags-overview)
- [Azure Advisor](#azure-advisor)
- [Azure Security Center](#azure-security-center)
- [Security Alerts](#security-alerts)
- [Compute](#compute)
- [Networking](#networking)
- [NSGs](#nsgs)
- [RBAC](#rbac)
- [RBAC Service Principals](#rbac-service-principals)
- [CCO ADO Contributions Dashboard](#cco-ado-contributions-dashboard)
- [CCO ADO Contributions Dashboard Version 1.0](#cco-ado-contributions-dashboard-version-10)
- [CCO GitHub Contributions Dashboard](#cco-github-contributions-dashboard)
- [CCO GitHub Contributions Dashboard Version 1.0](#cco-github-contributions-dashboard-version-10)
## CCO Azure Governance Dashboard
### CCO Azure Governance Dashboard Version 2.6 Updates
- Governance dashboard policies visuals fix
### CCO Azure Governance Dashboard Version 2.1
- Custom connector and Assessments metadata API Bug fixing
- Azure Policy and Azure Blueprints names changed.
### CCO Azure Governance Dashboard Version 2.0
- US Government region support
- Alignment with Azure Security Benchmarks and Azure Security Center Secure Scores
- New Security & Compliance page
- New Regulatory Standards Forecast page
- Redesigned Azure Blueprints page
- New UX design with latest Azure Portal Icons
- General Bug Fixes and code improvements
## CCO Azure Infrastructure Dashboard
### CCO Azure Infrastructure Dashboard Version 9.1
- New report page available for Azure Web Applications.
- Management Group filtering
- IMPORTANT: Now it requires the Custom connector (mandatory to retrieve the MGs)
### CCO Azure Infrastructure Dashboard Version 8.2
- Bug fix: Maps location problems in Overview, Compute and Usage&Limits resources pages fixed.
- New features:
- Expiration date added to the SPNs.
- Reset filters button added.
### CCO Azure Infrastructure Dashboard Version 8.1
- Bug fixing 1:1 relationship between Tenants and Subscriptions to M:N relationship.
### CCO Azure Infrastructure Dashboard Version 7.1
- Bug fix [Issue #72](https://github.com/Azure/ccodashboard/issues/72):
- Subscription IDs in All Subscriptions table must be uniques.
- One tenant can be managed by one or more tenants (this data now is hidden but it will be used in future releases).
### CCO Azure Infrastructure Dashboard Version 7.0
- Multi tenant feature (requires Azure delegated resource management).
- Tenant filtering in all pages.
- Added subscription filtering in IaaS Usage and Limits and IaaS Idle Resources pages.
IMPORTANT: You must follow this [procedure](https://docs.microsoft.com/en-us/azure/lighthouse/how-to/onboard-customer) to implement Azure delegated resource management.
### CCO Azure Infrastructure Dashboard Version 6.3
- Bug fixing ASC recommendation: Now all the Security Center Recommendations are defined in this [file](./docs/assets/SecRec.md). This file contains all the recommendations from docs.microsoft.com but will be updated by us for consolidating the model and avoid the issues when the official URL is updated.
### CCO Azure Infrastructure Dashboard Version 6.2
- Bug fixing ASC recommendation URLs updated.
### CCO Azure Infrastructure Dashboard Version 6.1
- Bug fixing ASC recommendation URLs updated.
- Bug fixing IaaS Idle Resources data number color changed from black to white.
### CCO Azure Infrastructure Dashboard Version 6.0
Azure Resources Usage and Limits Page
- List Compute, Networking and Storage Azure Resources Usage and limits per subscription and region
Azure Idle Resources identification Page
- List Idle Public IPs, Network Interfaces and Disks per Subscription
### CCO Azure Infrastructure Dashboard Version 5.4
- NSGs bug fixing when NSGs configuration are empty
- Bug fixing number of VNETs per subscription
- Bug Fixing duplicated VNET Peerings count
### CCO Azure Infrastructure Dashboard Version 5.3
- Bug fixing issues with ASC Network Recommendations table load from docs.microsoft.com
- Incorporating icons new feature from PowerBI Desktop
### CCO Azure Infrastructure Dashboard Version 5.2
#### Overview Page
- New Resource Groups tags counter
- New Subscriptions, RG and Tags Search option
#### Tags Overview
- Filter Resource Groups and Resources with Tags
- Filter Resource Groups and Resources without Tags
- Number of tagged resources by resource type
- Number of untagged resources by resource type
- Search option for Resource Group and Resources tags
#### Azure Advisor
- Performance improvements and bugs fixes
- Simplified recommendations images
- Security recommendations
#### Azure Security Center
- Performance improvements and bugs fixes
- Simplified recommendations images
- Enhanced recommendation types filtering
#### Security Alerts
- Performance improvements and bugs fixes
- Simplified recommendations images
#### Compute
- Performance improvements and bugs fixes
#### Networking
- Performance improvements and bugs fixes
#### NSGs
- NSG rules overview across subscriptions (VMs and Subnets)
- Filter NSGs by subscription, Resource Group, NSG name, Tags, Direction and Ports
#### RBAC
- Performance improvements and bugs fixes
- Filtering RBAC permissions by object type (Users or Groups)
- Search option for Resource Group and users
#### RBAC Service Principals
- Filtering RBAC permissions by Service Principal Type
- Search option for Users and Resource Groups
## CCO ADO Contributions Dashboard
### CCO ADO Contributions Dashboard Version 1.0
The version 1.0 of the CCO ADO Contributions Dashboard includes 1 report page. You will be able to navigate, filter and report the following information:
- Number of Projects
- Number of open/closed pull requests
- Average pull requests per day
- Comparison between number of open vs closed pull requests over the last months
- Branches created over the last months
## CCO GitHub Contributions Dashboard
### CCO GitHub Contributions Dashboard Version 1.0
The version 1.0 of the CCO GitHub Contributions Dashboard includes 1 report page. You will be able to navigate, filter and report the following information:
- Number of contributors
- Total number of pull requests
- Number of watchers
- Number of stars
- Number of forks
- Number of clones
- Number of open pull requests
- Average pull requests per day
- Pull requests' lifecycle (in days)
- Comparison between number of open vs closed pull requests over the last months.
- Comparison between number of additions vs deletions per month
- Top contributors measured by changes in their pull requests.

38
dashboards/ADODashboard-Contributors/ADODeploymentGuide.md
Просмотреть файл

@ -1,33 +1,29 @@
# CCO Azure DevOps Contributions Dashboard
### _Navigation_
- [CCO Azure DevOps Contributions Dashboard](#cco-azure-devops-contributions-dashboard)
- [_Navigation_](#navigation)
- [Overview](#overview)
- [Infrastructure](#infrastructure)
- [Deployment](#deployment)
- [Pre-requisites](#pre-requisites)
- [Backend Deployment](#backend-deployment)
- [Back-end Deployment](#back-end-deployment)
- [Dashboard](#dashboard)
## Overview
As part of the Continuous Cloud Optimization solution, a dashboard is included to track the contributions made to a Azure DevOps repository. The objective is to monitor not only the cloud environment, but also all the resources used for its design, deployment and maintenance. This dashboard allows you to monitor different metrics such as:
As part of the Continuous Cloud Optimization Insights solution, a dashboard is included to track the contributions made to a Azure DevOps repository. The objective is to monitor not only the cloud environment, but also all the resources used for its design, deployment and maintenance. This dashboard allows you to monitor different metrics such as:
- Number of Projects
- Number of open/closed pull requests
- Average pull requests per day
- Comparison between number of open vs closed pull requests over the last months
- Branches created over the last months
- ...
An important note about this dashboard is that **this dashboard can be published in the PowerBI online service with auto refresh enabled**. The difference with the current versions of the other CCO dashboards is that, for this one, no dynamic queries are being done directly from the PowerBI file, meaning that it can be published and consumed directly from the [PowerBI online](https://docs.microsoft.com/en-us/power-bi/create-reports/desktop-upload-desktop-files) service.
An important note about this dashboard is that **this dashboard can be published in the PowerBI online service with auto refresh enabled**. The difference with the current versions of the other dashboards of CCO Insights is that, for this one, no dynamic queries are being done directly from the PowerBI file, meaning that it can be published and consumed directly from the [PowerBI online](https://docs.microsoft.com/en-us/power-bi/create-reports/desktop-upload-desktop-files) service.
## Infrastructure
This dashboard requires an infrastructure being deployed in Azure. The infrastructure consists of a Powershell Function App, an Application Insights for monitoring and a Storage Account where results from the Azure DevOps REST API calls will be stored in different tables. The following diagram represents the infrastructure to be deployed.
The CCO Azure DevOps Contributions dashboard requires an infrastructure being deployed in Azure. The infrastructure consists of a Powershell Function App, an Application Insights for monitoring and a Storage Account where results from the Azure DevOps REST API calls will be stored in different tables. The following diagram represents the infrastructure to be deployed.
![GitHub Dashboard Architecture](/install/images/github-dashboard-architecture.png)
![GitHub Dashboard Architecture](../../install/images/github-dashboard-architecture.png)
### Deployment
@ -39,7 +35,7 @@ In order to successfully user the deploy.bicep and workflow provided, you will n
- This repository forked in your own environment.
- An Azure subscription. If you don't have one you can create one for free using this [link](https://azure.microsoft.com/en-us/free/search/?OCID=AID2200258_SEM_069a8abd963111ebbd21e8d33199249f:G:s&ef_id=069a8abd963111ebbd21e8d33199249f:G:s&msclkid=069a8abd963111ebbd21e8d33199249f). If you already have an Azure tenant but you want to create a new subscription you can follow the instructions [here](https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/create-subscription#:~:text=On%20the%20Customers%20page%2C%20select%20the%20customer.%20In,page%2C%20select%20%2B%20Add%20to%20create%20a%20subscription.).
- A [resource group](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/manage-resource-groups-portal) already created.
- A service principal with Owner permissions in your subscription. You will need owner permissions because as part of the architecture you will be creating a Managed Identity that will require a role assignment to save the retrieved data in the Storage Account. You can create your service principal with Contributor rights by executing the following commands:
- A service principal with Owner permissions in your subscription. You will need owner permissions because as part of the architecture you will be creating a Managed Identity that will require a role assignment to save the retrieved data in the Storage Account. You can create your service principal with Contributor rights by running the following commands:
```sh
az ad sp create-for-rbac --name "<<service-principal-name>>" --role "Contributor" --scopes /subscriptions/<<subscriptionId>> --output "json"
```
@ -62,32 +58,32 @@ In order to successfully user the deploy.bicep and workflow provided, you will n
- In the [local.settings.json](./src/local.settings.json) file, update the values for the `organization`, `resourceGroup` and `storageAccount` with the names you want to configure in your environment. Also, make sure that these names match the values in the [deploy.bicep](./infrastructure/deploy.bicep) file for the same resources.
> Note: The **organization** correponds to the ADO organization from where the information needs to be retrieved.
> Note: The **organization** corresponds to the ADO organization from where the information needs to be retrieved.
#### Backend Deployment
#### Back-end Deployment
In the [infrastructure](./infrastructure/) folder you will find a `deploy.bicep` file which is the template that will be used to deploy the infrastructure. Please, go ahead and update the first two parameters (`name` and `staname`) with your unique values. **Name** will be used to compose the name of all resources except for the storage account, which will leverage the **staname**.
In the [src](./src/) folder you can find the source code that will be deployed in the Function App once the infrastructure is ready. Basically you will deploy two endpoints:
- **InitializeTables**: you will need to run this endpoint once manually to initialize the Storage Account with the required tables and collect all the data history available in the Azure DevOps API.
- **ADODailySync**: this endpoint will be automatically executed in a daily basis and will add more data to the already created storage account tables. If you don't want a daily execution you can update the cron expression in the `function.json` file under the [ADO DailySync folder](./src/ADOs/ADODailySync/).
- **ADODailySync**: this endpoint will be automatically run in a daily basis and will add more data to the already created storage account tables. If you don't want a daily cadence, you can update the cron expression in the `function.json` file under the [ADO DailySync folder](./src/ADOContributions/ADODailySync/).
Finally, if you go to the root folder of the repository you will find the [workflows folder](/.github/workflows/) under the `.github` folder. There you can locate the workflow that you will have to execute to deploy the backend of the dashboard. The only parameter you will need to setup manually while triggering the workflow in the `resourceGroupName` that you created earlier.
Finally, if you go to the root folder of the repository you will find the [workflows folder](../../.github/workflows/) under the `.github` folder. There you can locate the workflow that you will have to run to deploy the back-end of the dashboard. The only parameter you will need to setup manually while triggering the workflow in the `resourceGroupName` that you created earlier.
Now you are ready to deploy your backend in your environment:
![deploy-backend](/install/images/ado-run-workflow.png)
Now you are ready to deploy the back-end solution in your environment:
![deploy-back-end](../../install/images/ado-run-workflow.png)
After successfully deploying the backend go to the Azure portal and manually rung the `InitializeTables` endpoint. Make sure you see the tables in your Storage Account before moving forward.
After successfully deploying the back-end go to the Azure portal and manually rung the `InitializeTables` endpoint. Make sure you see the tables in your Storage Account before moving forward.
![storage-tables](/install/images/ado-storage-tables.png)
![storage-tables](../../install/images/ado-storage-tables.png)
## Dashboard
With the previous backend deployed, you can now download the [ADOContributions v1.0.pbit](./ADOContributions%20v1.0.pbit) and execute it locally. You will be asked to enter:
With the previous back-end deployed, you can now download the [ADOContributions v1.0.pbit](./ADOContributions%20v1.0.pbit) and run it locally. You will be asked to enter:
- The Storage Account name of the Storage Account you deployed.
![Storage Account Name](/install/images/ado-storage-account.png)
![Storage Account Name](../../install/images/ado-storage-account.png)
- The Storage account access key.
After that you will be able to monitor your contributions!
![Ado Contributions](/install/images/Ado-contributions-dashboard.png)
![Ado Contributions](../../install/images/Ado-contributions-dashboard.png)

4
dashboards/ADODashboard-Contributors/src/ADOContributions/profile.ps1
Просмотреть файл

@ -1,13 +1,13 @@
# Azure Functions profile.ps1
#
# This profile.ps1 will get executed every "cold start" of your Function App.
# This profile.ps1 will run every "cold start" of your Function App.
# "cold start" occurs when:
#
# * A Function App starts up for the very first time
# * A Function App starts up after being de-allocated due to inactivity
#
# You can define helper functions, run commands, or specify environment variables
# NOTE: any variables defined that are not environment variables will get reset after the first execution
# NOTE: any variables defined that are not environment variables will get reset after the first run
# Authenticate with Azure PowerShell using MSI.
# Remove this if you are not planning on using MSI or Azure PowerShell.

46
dashboards/CCODashboard-Governance/GovernanceDeploymentGuide.md
Просмотреть файл

@ -1,7 +1,5 @@
# CCO Azure Governance Dashboard
<div style="text-align: justify">
- [CCO Azure Governance Dashboard](#cco-azure-governance-dashboard)
- [Overview](#overview)
- [Requirements](#requirements)
@ -15,8 +13,8 @@
- [Credentials](#credentials)
- [Clean Credentials on the Data Source](#clean-credentials-on-the-data-source)
- [Refresh the dashboard](#refresh-the-dashboard)
- [Credentials for management.azure.com</span> REST API request](#credentials-for-managementazurecomspan-rest-api-request)
- [Credentials for CCO Dashboard Custom Connector](#credentials-for-cco-dashboard-custom-connector)
- [Credentials for management.azure.com REST API request](#credentials-for-managementazurecom-rest-api-request)
- [Credentials for Custom Connector](#credentials-for-custom-connector)
- [Report Pages](#report-pages)
- [Management Groups and Subscriptions Hierarchy Overview page](#management-groups-and-subscriptions-hierarchy-overview-page)
- [Tags and naming standards page](#tags-and-naming-standards-page)
@ -39,7 +37,7 @@ The CCO Azure Governance Dashboard is aligned with the Microsoft Cloud Adoption
## APIs in use
<div style="text-align: justify">The CCO Azure Governance Dashboard Governance pulls the information from several APIs. You can read the public documentation if you need further information about the calls and methods available:
The CCO Azure Governance Dashboard Governance pulls the information from several APIs. You can read the public documentation if you need further information about the calls and methods available:
<br><br>
</div>
@ -56,8 +54,6 @@ The CCO Azure Governance Dashboard is aligned with the Microsoft Cloud Adoption
| [Azure Secure Scores](https://docs.microsoft.com/en-us/rest/api/securitycenter/securescores) |2020-01-01 |2020-01-01|:heavy_check_mark:|
| [Azure Secure Scores Controls](https://docs.microsoft.com/en-us/rest/api/securitycenter/securescorecontrols) |2020-01-01-preview |2020-01-01-preview|:heavy_check_mark:|
<div style="text-align: justify">
API URLs by environment:
| API Name| API URL | Environment|
@ -79,17 +75,17 @@ Registering this Resource Provider has no cost or performance penalty on the sub
# Installing the custom connector
The CCO Azure Governance Dashboard requires to install the Power BI Custom Connector located in the same folder as the CCO Governance Dashboard ([CCoDashboardAzureConnector.mez](/dashboards/CCODashboard-Governance/CcoDashboardAzureConnector.mez)). This Custom Connector allows us to leverage information from Azure Management REST APIs that requires POST methods and errors control
The CCO Azure Governance Dashboard requires to install the Power BI Custom Connector located in the same folder as the CCO Governance Dashboard ([CCoDashboardAzureConnector.mez](../../dashboards/CCODashboard-Governance/CcoDashboardAzureConnector.mez)). This Custom Connector allows us to leverage information from Azure Management REST APIs that requires POST methods and errors control
To install the custom connector you must copy the file [CCoDashboardAzureConnector.mez](/dashboards/CCODashboard-Governance/CcoDashboardAzureConnector.mez) from the **ccodashboard/dashboards/CCODashboard-Governance/** folder to the folder that Power BI creates by default in the Documents folder in your PC. If this folder doesn't exist, you can create a new one with this name.
To install the custom connector you must copy the file [CCoDashboardAzureConnector.mez](../../dashboards/CCODashboard-Governance/CcoDashboardAzureConnector.mez) from the **ccodashboard/dashboards/CCODashboard-Governance/** folder to the folder that Power BI creates by default in the Documents folder in your PC. If this folder doesn't exist, you can create a new one with this name.
The path should be **C:\Users\\%username%\Documents\Power BI Desktop\Custom Connectors** or if you are using onedrive to backup the documents folder this path would not work for you and you should manualy go to your documents folder and create the folder structure there.
The path should be **C:\Users\\%username%\Documents\Power BI Desktop\Custom Connectors** or if you are using OneDrive to backup the documents folder this path would not work for you and you should manually go to your documents folder and create the folder structure there.
![cc](/install/images/customconnectorfolder.PNG)
![cc](../../install/images/customconnectorfolder.PNG)
Then go to Power BI Options and under Global category in the Security section, select **(Not Recommended) Allow any extension to load without validation or warning** and click **OK**.
![cc](/install/images/customconnectorsecurity.PNG)
![cc](../../install/images/customconnectorsecurity.PNG)
# Setting up the CCO Azure Governance Dashboard Governance
@ -103,7 +99,7 @@ Before start loading data you need to select which type of environment you're us
- Select "Global" for Microsoft Azure commercial environments. This is the default selection.
- Select [US-Government](https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-developer-guide) for Azure Us government services. Azure Government is a separate instance of the Microsoft Azure service. It addresses the security and compliance needs of United States federal agencies, state and local governments, and their solution providers.
![selector](/install/images/selectorGov.PNG)
![selector](../../install/images/selectorGov.PNG)
## Modify Privacy settings
@ -125,7 +121,7 @@ In some cases, old credentials are cached by previous logins using Power BI Desk
- Click on **Clear Permissions**.
- Click on **Clear All Permissions**.
![credentials1](/install/images/Credentials1.png) ![credentials2](/install/images/Credentials2.png)
![credentials1](../../install/images/Credentials1.png) ![credentials2](../../install/images/Credentials2.png)
### Refresh the dashboard
@ -133,23 +129,23 @@ If the permissions and credentials are properly flushed it should ask you for cr
- Click on **Refresh**.
![refreshgovernance](/install/images/refreshgovernance1.png)
![refreshgovernance](../../install/images/refreshgovernance1.png)
### Credentials for management.azure.com</span> REST API request
### Credentials for management.azure.com REST API request
- Click on **Organizational Account**.
- Click on **Sign in**.
- Click on **Connect**.
![credentials4](/install/images/Credentials4.png)
![credentials4](../../install/images/Credentials4.png)
### Credentials for CCO Dashboard Custom Connector
### Credentials for Custom Connector
- Click on **Organizational Account**.
- Click on **Sign in**.
- Click on **Connect**.
![cc](/install/images/customconnector.PNG)
![cc](../../install/images/customconnector.PNG)
# Report Pages
@ -159,7 +155,7 @@ If the permissions and credentials are properly flushed it should ask you for cr
In this page, you will be able to identify easily the hierarchy within your environment with the view of the Management Groups and Subscriptions.
It's important to mention that this page just gives you a quick view.
![overview](/install/images/GovernanceOverview.png)
![overview](../../install/images/GovernanceOverview.png)
## Tags and naming standards page
@ -170,7 +166,7 @@ You can filter the information by:
- Management Group with subscriptions
- Subscription
![Tagsoverview](/install/images/TagsOverview.png)
![TagsOverview](../../install/images/TagsOverview.png)
## Azure Regulatory Standards Forecast
@ -182,7 +178,7 @@ You can filter the information by:
- Regulatory Compliance
- Assessment Category
![regulatorycompliance](/install/images/regulatorycompliance.png)
![regulatorycompliance](../../install/images/regulatorycompliance.png)
## Azure Resources Security & Compliance page
@ -196,7 +192,7 @@ You can filter the information by:
- Secure Controls
- Policy Category
![regulatorycomplianceresources](/install/images/regulatorycomplianceresources.png)
![regulatory compliance resources](../../install/images/regulatorycomplianceresources.png)
## Azure Policies page
@ -210,7 +206,7 @@ You can filter the information by:
If you navigate to a impacted resource you will see a quick description of the applied policies.
![policies](/install/images/governancePolicies.png)
![policies](../../install/images/governancePolicies.png)
## Azure Blueprints page
@ -221,4 +217,4 @@ You can filter the information by:
- Subscription with assigned blueprints
- Blueprint Definition
![governanceSubsBlueprints](/install/images/governanceSubsBlueprints.png)
![governanceSubsBlueprints](../../install/images/governanceSubsBlueprints.png)

71
dashboards/CCODashboard-Infra/InfraDeploymentGuide.md
Просмотреть файл

@ -1,7 +1,5 @@
# CCO Azure Infrastructure Dashboard
<div style="text-align: justify">
- [CCO Azure Infrastructure Dashboard](#cco-azure-infrastructure-dashboard)
- [Overview](#overview)
- [Requirements](#requirements)
@ -11,14 +9,15 @@
- [Generating Azure Advisor recommendations manually](#generating-azure-advisor-recommendations-manually)
- [Azure Security Center Recommendations](#azure-security-center-recommendations)
- [Setting up the Continuous Cloud Optimization Azure Infrastructure Power BI Dashboard](#setting-up-the-continuous-cloud-optimization-azure-infrastructure-power-bi-dashboard)
- [Template download](#template-download)
- [Environment selection](#environment-selection)
- [Modify Privacy settings](#modify-privacy-settings)
- [Credentials](#credentials)
- [Clean Credentials on the Data Source](#clean-credentials-on-the-data-source)
- [Refresh the dashboard](#refresh-the-dashboard)
- [Credentials for <span>management.azure.com</span> REST API request:](#credentials-for-managementazurecom-rest-api-request)
- [Credentials for <span>graph.windows.net</span> API](#credentials-for-graphwindowsnet-api)
- [Credentials for <span>api.loganalytics.io</span> API](#credentials-for-apiloganalyticsio-api)
- [Credentials for management.azure.com REST API request:](#credentials-for-managementazurecom-rest-api-request)
- [Credentials for graph.windows.net API](#credentials-for-graphwindowsnet-api)
- [Credentials for api.loganalytics.io API](#credentials-for-apiloganalyticsio-api)
- [Enter Access Web content credentials](#enter-access-web-content-credentials)
- [Report Pages](#report-pages)
- [CCO Azure Infrastructure Dashboard overview page](#cco-azure-infrastructure-dashboard-overview-page)
@ -60,7 +59,7 @@ Below you can find the list of providers and the actions that you will need to p
|*|*/Read|
## APIs in use
<div style="text-align: justify">
The CCO Azure Infrastructure Dashboard pulls the information from several APIs. You can read the public documentation if you need further information about the calls and methods available:
<br><br>
</div>
@ -84,8 +83,6 @@ The CCO Azure Infrastructure Dashboard pulls the information from several APIs.
| <span style="color:#0088cc">Log Analytics Rest API </span> ([1](https://docs.microsoft.com/en-us/rest/api/loganalytics/), [2](https://dev.loganalytics.io/)) |v1 |v1|:heavy_check_mark:|
| [Azure Active Directory Graph API](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-graph-api) | 1.6|1.6 |:heavy_check_mark:|
<div style="text-align: justify">
API URLs by environment:
| API Name| API URL | Environment|
@ -109,14 +106,14 @@ Registering these 2 Resource Providers has no cost or performance penalty on the
4. Click on **Microsoft.Advisor** and **Register**.
5. Click on **Microsoft.Security** and **Register**.
![resource providers](/install/images/resourceproviders.png)
![resource providers](../../install/images/resourceproviders.png)
## Azure Advisor Recommendations
Azure Advisor is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry. It then recommends solutions to help improve the performance, security, and high availability of your resources while looking for opportunities to reduce your overall Azure spend.
The Continuous Optimization Power BI Dashboard will directly pull data from Azure Advisor REST APIs to aggregate all the information across the Azure account subscriptions. This requires generating the recommendations before the first time we load the template else the Dashboard will be empty or will fail because it was unable to download any data.
To do so, you need to generate the recommendations for the first time manually from the Azure Portal, or programmatically using the script [GenerateAllSubscriptionsAdvisorRecommendations.ps1](/install/scripts/GenerateAllSubsAdvisorRecommendations.ps1)
To do so, you need to generate the recommendations for the first time manually from the Azure Portal, or programmatically using the script [GenerateAllSubscriptionsAdvisorRecommendations.ps1](../../install/scripts/GenerateAllSubsAdvisorRecommendations.ps1)
### Generating Azure Advisor recommendations manually
@ -128,11 +125,11 @@ Open the Azure Portal with your Azure Account http://portal.azure.com
4. Wait until the recommendations for the selected subscriptions has been loaded.
5. Repeat these steps for each subscription you want to generate Azure Advisor recommendations.
![AdvisorRecommendations](/install/images/AdvisorRecommendations.png)
![AdvisorRecommendations](../../install/images/AdvisorRecommendations.png)
## Azure Security Center Recommendations
Azure Security Center provides unified security management and advanced threat protection for workloads running in Azure, on-premises, and in other clouds. It delivers visibility and control over hybrid cloud workloads, active defence that reduces your exposure to threats, and intelligent detection to help you keep pace with rapidly evolving cyber-attacks.
Azure Security Center provides unified security management and advanced threat protection for workloads running in Azure, on-premises, and in other clouds. It delivers visibility and control over hybrid cloud workloads, active defense that reduces your exposure to threats, and intelligent detection to help you keep pace with rapidly evolving cyber-attacks.
You can find more information at the official Azure Security Center site [here](https://docs.microsoft.com/en-us/azure/security-center/security-center-intro).
@ -152,7 +149,7 @@ The following picture shows the steps to configure Azure Security Center plan fo
3. Click on **Select the subscription you want to configure**.
4. Click on **Free** or **Standard** plan and the click **Save**.
![SecurityCenterStandardRecommendations](/install/images/EnableSecurityCenterStandard.png)
![SecurityCenterStandardRecommendations](../../install/images/EnableSecurityCenterStandard.png)
# Setting up the Continuous Cloud Optimization Azure Infrastructure Power BI Dashboard
@ -167,7 +164,7 @@ Before start loading data you need to select which type of environment you're us
- Select [US-Government](https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-developer-guide) for Azure Us government services. Azure Government is a separate instance of the Microsoft Azure service. It addresses the security and compliance needs of United States federal agencies, state and local governments, and their solution providers.
- **Preview feature:** Select [China](https://docs.microsoft.com/en-us/azure/china/resources-developer-guide) to load data from cloud applications in Microsoft Azure operated by 21Vianet (Azure China).
![selector](/install/images/selector.png)
![selector](../../install/images/selector.png)
## Modify Privacy settings
@ -189,7 +186,7 @@ In some cases, old credentials are cached by previous logins using Power BI Desk
- Click on **Clear Permissions**.
- Click on **Clear All Permissions**.
![credentials1](/install/images/Credentials1.png) ![credentials2](/install/images/Credentials2.png)
![credentials1](../../install/images/Credentials1.png) ![credentials2](../../install/images/Credentials2.png)
### Refresh the dashboard
@ -197,39 +194,39 @@ If the permissions and credentials are properly flushed it should ask you for cr
- Click on **Refresh**.
![credentials3](/install/images/Credentials3.png)
![credentials3](../../install/images/Credentials3.png)
### Credentials for <span>management.azure.com</span> REST API request:
### Credentials for management.azure.com REST API request:
- Click on **Organizational Account**.
- Click on **Sign in**.
- Click on **Connect**.
![credentials4](/install/images/Credentials4.png)
![credentials4](../../install/images/Credentials4.png)
### Credentials for <span>graph.windows.net</span> API
### Credentials for graph.windows.net API
- Click on **Organizational Account**.
- Click on **Sign in**.
- Click on **Connect**.
![credentials5](/install/images/Credentials5.png)
![credentials5](../../install/images/Credentials5.png)
### Credentials for <span>api.loganalytics.io</span> API
### Credentials for api.loganalytics.io API
- Click on **Organizational Account**.
- Click on **Sign in**.
- Click on **Connect**.
![loganalytics](/install/images/loganalyticsAPI.PNG)
![loganalytics](../../install/images/loganalyticsAPI.PNG)
### Enter Access Web content credentials
- Make sure that you select **Organization account** type.
- Click on **Sign in**.
![credentials7](/install/images/Credentials7.png)
![credentials7](../../install/images/Credentials7.png)
@ -246,7 +243,7 @@ You can filter the information by:
- Subscription
- Resource Tags
![overview](/install/images/OverviewImage.png)
![overview](../../install/images/OverviewImage.png)
## Azure Advisor Recommendations page
@ -262,7 +259,7 @@ It will also give a high-level overview of what subscriptions require more atten
If you navigate to a impacted resource you will see a quick description, potential solution and in some cases a link to a website where you can find all the steps to solve the problem.
![advisor](/install/images/Advisor.png)
![advisor](../../install/images/Advisor.png)
## Azure Security Center Alerts page
@ -275,7 +272,7 @@ You can filter the information by:
- Attack type
- Data range
![security Center alerts](/install/images/SecurityCenterAlerts.png)
![security Center alerts](../../install/images/SecurityCenterAlerts.png)
## Azure Compute Overview page
@ -288,7 +285,7 @@ You can filter the information by:
- Resource Group
- Vm extension
![azurecompute](/install/images/AzureCompute.png)
![azure compute](../../install/images/AzureCompute.png)
## Azure VNETs and Subnets Recommendations page
@ -303,7 +300,7 @@ You can filter the information by:
- Subnet
- Networking Interface
![azure networking](/install/images/AzureNetworking.png)
![azure networking](../../install/images/AzureNetworking.png)
**IMPORTANT**: It is important to mention that although a VNET with only one subnet might not be an issue, it might be a good lead to investigate if that is the best network segmentation for the applications running on it.
@ -320,7 +317,7 @@ You can filter the information by:
- Subnet
- NSG assignment
![azure NSGs](/install/images/NSGs.png)
![azure NSGs](../../install/images/NSGs.png)
## Role Based Access Control page
@ -333,7 +330,7 @@ You can filter the information by:
- Object type
- User
![azure rbac](/install/images/RBAC.png)
![azure rbac](../../install/images/RBAC.png)
## Service Principal Role Based Access Control page
@ -346,7 +343,7 @@ You can filter the information by:
- Object type
- User
![azure rbacSP](/install/images/RBACServicePrincipals.png)
![azure rbacSP](../../install/images/RBACServicePrincipals.png)
## IaaS Usage and Limits page
@ -358,7 +355,7 @@ You can filter the information by:
- Subscription
- Azure Region
![azure Idle](/install/images/UsageAndLimits.png)
![azure Idle](../../install/images/UsageAndLimits.png)
## IaaS Idle Resources Dashboard page
@ -369,18 +366,18 @@ You can filter the information by:
- Tenant
- Subscription
![azure Idle](/install/images/IdleResources.png)
![azure Idle](../../install/images/IdleResources.png)
## Azure Kubernetes Service Dashboard Overview page
In this page, you will be able to identify the number of AKS Clusters, Nodes, Pods, Containers, Service Principals and Azure Security Center recommedations. Its important to mention that this tab just gives you a quick view. All the detailed information will be available in the following tab.
In this page, you will be able to identify the number of AKS Clusters, Nodes, Pods, Containers, Service Principals and Azure Security Center recommendations. Its important to mention that this tab just gives you a quick view. All the detailed information will be available in the following tab.
You can filter the information by:
- Subscription
- AKS Cluster
![aks](/install/images/aks.PNG)
![aks](../../install/images/aks.PNG)
**IMPORTANT**: to receive all the information related to the Pods, Containers and Container Images a log analytics workspace configured **is required**.
</div>
@ -399,7 +396,7 @@ You can filter the information by:
**IMPORTANT**: to receive all the information related to the Pods, Containers and Container Images a log analytics workspace configured **is required**.
</div>
![aks](/install/images/aks2.png)
![aks](../../install/images/aks2.png)
# Scripts
@ -555,7 +552,7 @@ $providers | %{
"type": "Microsoft.Authorization/roleDefinitions",
"apiVersion": "2017-09-01",
"properties": {
"Name": "Continous Optimization Dashboard Reader",
"Name": "Continuous Optimization Dashboard Reader",
"Id": null,
"IsCustom": true,
"Description": "Can read Resources, Azure Security Center and Advisor Information",

28
dashboards/GitHubDashboard-Contributors/GitHubDeploymentGuide.md
Просмотреть файл

@ -1,9 +1,6 @@
# CCO GitHub Contributions Dashboard
### _Navigation_
- [CCO GitHub Contributions Dashboard](#cco-github-contributions-dashboard)
- [_Navigation_](#navigation)
- [Overview](#overview)
- [Infrastructure](#infrastructure)
- [Deployment](#deployment)
@ -13,21 +10,20 @@
## Overview
As part of the Continuous Cloud Optimization solution, a dashboard is included to track the contributions made to a GitHub repository. The objective is to monitor not only the cloud environment, but also all the resources used for its design, deployment and maintenance. This dashboard allows you to monitor different metrics such as:
As part of the Continuous Cloud Optimization Insights solution, a dashboard is included to track the contributions made to a GitHub repository. The objective is to monitor not only the cloud environment, but also all the resources used for its design, deployment and maintenance. This dashboard allows you to monitor different metrics such as:
- Number of contributors
- Number of open pull requests
- Average pull requests per day
- Pull requests' lifecycle (in days)
- Comparison between number of open vs closed pull requests over the last months
- ...
An important note about this dashboard is that **this dashboard can be published in the PowerBI online service with auto refresh enabled**. The difference with the current versions of the other CCO dashboards is that, for this one, no dynamic queries are being done directly from the PowerBI file, meaning that it can be published and consumed directly from the [PowerBI online](https://docs.microsoft.com/en-us/power-bi/create-reports/desktop-upload-desktop-files) service.
An important note about this dashboard is that **this dashboard can be published in the PowerBI online service with auto refresh enabled**. The difference with the current versions of the other dashboards of CCO Insights is that, for this one, no dynamic queries are being done directly from the PowerBI file, meaning that it can be published and consumed directly from the [PowerBI online](https://docs.microsoft.com/en-us/power-bi/create-reports/desktop-upload-desktop-files) service.
## Infrastructure
This dashboard requires an infrastructure being deployed in Azure. The infrastructure consists of a Powershell Function App, an Application Insights for monitoring and a Storage Account where results from the GitHub REST API calls will be stored in different tables. The following diagram represents the infrastructure to be deployed.
![GitHub Dashboard Architecture](/install/images/github-dashboard-architecture.png)
![GitHub Dashboard Architecture](../../install/images/github-dashboard-architecture.png)
### Deployment
@ -39,7 +35,7 @@ In order to successfully user the deploy.bicep and workflow provided, you will n
- This repository forked in your own environment.
- An Azure subscription. If you don't have one you can create one for free using this [link](https://azure.microsoft.com/en-us/free/search/?OCID=AID2200258_SEM_069a8abd963111ebbd21e8d33199249f:G:s&ef_id=069a8abd963111ebbd21e8d33199249f:G:s&msclkid=069a8abd963111ebbd21e8d33199249f). If you already have an Azure tenant but you want to create a new subscription you can follow the instructions [here](https://docs.microsoft.com/en-us/azure/cost-management-billing/manage/create-subscription#:~:text=On%20the%20Customers%20page%2C%20select%20the%20customer.%20In,page%2C%20select%20%2B%20Add%20to%20create%20a%20subscription.).
- A [resource group](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/manage-resource-groups-portal) already created.
- A service principal with Owner permissions in your subscription. You will need owner permissions because as part of the architecture you will be creating a Managed Identity that will require a role assignment to save the retrieve data in the Storage Account. You can create your service principal with Contributor permissions by executing the following commands:
- A service principal with Owner permissions in your subscription. You will need owner permissions because as part of the architecture you will be creating a Managed Identity that will require a role assignment to save the retrieve data in the Storage Account. You can create your service principal with Contributor permissions by running the following commands:
```sh
az ad sp create-for-rbac --name "<<service-principal-name>>" --role "Contributor" --output "json"
```
@ -61,7 +57,7 @@ In order to successfully user the deploy.bicep and workflow provided, you will n
| admin:org | Full control of orgs and teams, read and write org projects |
- In the [local.settings.json](./src/local.settings.json) file, update the values for the `owner`, `repository`, `resourceGroup` and `storageAccount` with the names you want to configure in your environment. Also, make sure that these names match the values in the [deploy.bicep](./infrastructure/deploy.bicep) file for the same resources.
> Note: The **owner** and **repository** names correpond to the GitHub organization and repository name from where the information needs to be retrieved.
> Note: The **owner** and **repository** names correspond to the GitHub organization and repository name from where the information needs to be retrieved.
#### Backend Deployment
@ -69,24 +65,24 @@ In the [infrastructure](./infrastructure/) folder you will find a `deploy.bicep`
In the [src](./src/) folder you can find the source code that will be deployed in the Function App once the infrastructure is ready. Basically you will deploy two endpoints:
- **InitializeTables**: you will need to run this endpoint once manually to initialize the Storage Account with the required tables and collect all the data history available in the GitHub API.
- **GitHubDailySync**: this endpoint will be automatically executed in a daily basis and will add more data to the already created storage account tables. If you don't want a daily execution you can update the cron expression in the `function.json` file under the [GitHub DailySync folder](./src/GitHubContributions/GitHubDailySync/).
- **GitHubDailySync**: this endpoint will be automatically run in a daily basis and will add more data to the already created storage account tables. If you don't want a daily cadence you can update the cron expression in the `function.json` file under the [GitHub DailySync folder](./src/GitHubContributions/GitHubDailySync/).
Finally, if you go to the root folder of the repository you will find the [workflows folder](/.github/workflows/) under the `.github` folder. There you can locate the workflow that you will have to execute to deploy the backend of the dashboard. The only parameter you will need to setup manually while triggering the workflow in the `resourceGroupName` that you created earlier.
Finally, if you go to the root folder of the repository you will find the [workflows folder](../../.github/workflows/) under the `.github` folder. There you can locate the workflow that you will have to run to deploy the backend of the dashboard. The only parameter you will need to setup manually while triggering the workflow in the `resourceGroupName` that you created earlier.
Now you are ready to deploy your backend in your environment:
![deploy-backend](/install/images/run-workflow.jpg)
![deploy-backend](../../install/images/run-workflow.jpg)
After successfully deploying the backend go to the Azure portal and manually rung the `InitializeTables` endpoint. Make sure you see the tables in your Storage Account before moving forward.
![storage-tables](/install/images/storage-tables.jpg)
![storage-tables](../../install/images/storage-tables.jpg)
## Dashboard
With the previous backend deployed, you can now download the [GitHubContributions v1.0.pbit](./GitHubContributions%20v1.0.pbit) and execute it locally. You will be asked to enter:
With the previous backend deployed, you can now download the [GitHubContributions v1.0.pbit](./GitHubContributions%20v1.0.pbit) and run it locally. You will be asked to enter:
- The Storage Account name of the Storage Account you deployed.
![Storage Account Name](/install/images/github-storage-account.jpg)
![Storage Account Name](../../install/images/github-storage-account.jpg)
- The Storage account access key.
After that you will be able to monitor your contributions!
![GitHub Contributions](/install/images/Github-contributions-dashboard.jpg)
![GitHub Contributions](../../install/images/Github-contributions-dashboard.jpg)

4
dashboards/GitHubDashboard-Contributors/src/GitHubContributions/profile.ps1
Просмотреть файл

@ -1,13 +1,13 @@
# Azure Functions profile.ps1
#
# This profile.ps1 will get executed every "cold start" of your Function App.
# This profile.ps1 will run every "cold start" of your Function App.
# "cold start" occurs when:
#
# * A Function App starts up for the very first time
# * A Function App starts up after being de-allocated due to inactivity
#
# You can define helper functions, run commands, or specify environment variables
# NOTE: any variables defined that are not environment variables will get reset after the first execution
# NOTE: any variables defined that are not environment variables will get reset after the first run
# Authenticate with Azure PowerShell using MSI.
# Remove this if you are not planning on using MSI or Azure PowerShell.

75
install/TroubleshootingGuide.md
Просмотреть файл

@ -1,50 +1,49 @@
# CCO Dashboard Troubleshooting guide
<div style="text-align: justify">
# CCO Insights Troubleshooting guide
## Introduction
The Continuous Cloud Optimization Power BI Dashboard development started about a year ago. During all this time the project team and some Microsoft Services folks have been piloting and testing different versions of the Dashboards until the latest version was published in here (v4.0). We have been able to identify and fix several bugs or product limitations and we would like to encourage you to read this document before running the Dashboard.
During the continued development of CCO Insights, we have been able to identify and fix several bugs or product limitations and we would like to encourage you to read this document before starting to leverage the solution.
- ## List of known issues or limitations
- [Which Power BI Desktop version I should use?](TroubleshootingGuide.md#which-power-bi-desktop-version-i-should-use-microsoft-store-or-web-download) (Microsoft Store or Web Download)
- [Power BI Regional Settings](TroubleshootingGuide.md#power-bi-regional-settings-maps-visualizations-incorrectly-locate-resources-or-vnet-peerings)
(Maps Visualizations incorrectly locate resources or VNET peerings)
- [Graph REST API credentials error](TroubleshootingGuide.md#graph-rest-api-credentials-error)
## List of known issues or limitations
- [Which Power BI Desktop version I should use?](TroubleshootingGuide.md#which-power-bi-desktop-version-i-should-use-microsoft-store-or-web-download) (Microsoft Store or Web Download)
- [Power BI Regional Settings](TroubleshootingGuide.md#power-bi-regional-settings-maps-visualizations-incorrectly-locate-resources-or-vnet-peerings)
(Maps Visualizations incorrectly locate resources or VNET peerings)
- [Graph REST API credentials error](TroubleshootingGuide.md#graph-rest-api-credentials-error)
- [Privacy Levels across Data Sources not configured properly](TroubleshootingGuide.md#privacy-levels-across-data-sources-not-configured-properly)
- [Privacy Levels across Data Sources not configured properly](TroubleshootingGuide.md#privacy-levels-across-data-sources-not-configured-properly)
- [RBAC information is empty or blank](TroubleshootingGuide.md#rbac-information-is-empty-or-blank)
- [RBAC information is empty or blank](TroubleshootingGuide.md#rbac-information-is-empty-or-blank)
- [Management Groups - Access to the resource is forbidden error](TroubleshootingGuide.md#Management-Groups-Access-to-the-resource-is-forbidden-error)
- [Management Groups - Access to the resource is forbidden error](TroubleshootingGuide.md#management-groups-access-to-the-resource-is-forbidden-error)
- [Log Analytics REST API timeout (CCO AKS dashboard add-on only)](TroubleshootingGuide.md#log-analytics-rest-api-timeout-cco-aks-dashboard-add-on-only)
- [Data Model Relationships missing](TroubleshootingGuide.md#data-model-relationships-missing)
- [Log Analytics REST API timeout (CCO Dashboard AKS add on only)](TroubleshootingGuide.md#log-analytics-rest-api-timeout-cco-dashboard-aks-add-on-only)
- [Errors regarding missing 'column1' on refresh](#errors-regarding-missing-column1-on-refresh)
- [Data Model Relationships missing](TroubleshootingGuide.md#data-model-relationships-missing)
- [Errors regarding missing 'column1' on refresh](#errors-regarding-missing-column1-on-refresh)
We will keep updating this list of known issues as soon as we get more feedback from the community....
We will keep updating this list of known issues as soon as we get more feedback from the community.
----------------------------------
#### Which Power BI Desktop version I should use? (Microsoft Store or Web Download)
### Which Power BI Desktop version I should use? (Microsoft Store or Web Download)
Based on our experience we highly recommend to use the Power BI Desktop version from the Microsoft Store to get automatic updates. The following article explains the main difference between both options. https://docs.microsoft.com/en-us/power-bi/desktop-get-the-desktop <br>
Make sure that you don't have both versions installed on the computer where you plan to run the CCO Dashboard.
Make sure that you don't have both versions installed on the computer where you plan to use CCO Insights.
#### Power BI Regional Settings (Maps Visualizations incorrectly locate resources or VNET peerings)
### Power BI Regional Settings (Maps Visualizations incorrectly locate resources or VNET peerings)
It might happen then when you run the Dashboard using different regional settings some coordinates are not calculated properly. The CCO Dashboard development has been based on English US regional settings. Make sure that you set the Regional Settings to use English (United States) on the application language on both Global and Current File options. If the current file has a different configuration you will need to change to English US, export the file as template again, and then open it from your computer
It might happen then when you run the Dashboard using different regional settings some coordinates are not calculated properly. CCO Insights' development has been based on English US regional settings. Make sure that you set the Regional Settings to use English (United States) on the application language on both Global and Current File options. If the current file has a different configuration you will need to change to English US, export the file as template again, and then open it from your computer
<p align="center">
<img src="/install/images/locale_options_powerBI.PNG">
</p>
#### Graph REST API credentials error
### Graph REST API credentials error
During the first run of the CCO Dashboard template you should be prompted to enter the credentials for both the Azure Management REST API and the GRAPH REST API. You might get the error message from below if you incorrectly enter your credentials. Also, in some cases, during the first execuction Power BI will not ask for credentials because they are already cached by some other Power BI Dashboard execution accessing the same APIs.
During the first use of the CCO Insights templates you should be prompted to enter the credentials for both the Azure Management REST API and the GRAPH REST API. You might get the error message from below if you incorrectly enter your credentials. Also, in some cases, during the first run, Power BI will not ask for credentials because they are already cached by a previous use of another Power BI Dashboard accessing the same APIs.
![graph apil](/install/images/WrongTenantNameError.png)
![graph apil](../install/images/WrongTenantNameError.png)
![graph apil](/install/images/problem_graph_api.png)
![graph apil](../install/images/problem_graph_api.png)
If that happens you will need to manually set the proper credentials for the GRAPH REST API Data Source.
To do this you must follow this steps:
@ -59,7 +58,7 @@ To do this you must follow this steps:
<img src="/install/images/Credentials5.png">
</p>
#### Privacy Levels across Data Sources not configured properly
### Privacy Levels across Data Sources not configured properly
Another credentials issue we identified during our pilots is that in some cases the end user didn't setup the Privacy levels correctly getting the following error
@ -75,41 +74,41 @@ This is an example of a wrong Privacy Levels configuration across Data Sources.
</p>
#### RBAC information is empty or blank
### RBAC information is empty or blank
Everytime you run the Dashboard from the .pbit template you will be asked to enter the Tenant parameter. This parameter is critical to properly get your RBAC information. If this parameter is entered incorrectly but the tenant exists it will load the Dashboard information with blank information on the RBAC page or the Subscriptions Owners visualization on the Overview page
Every time you run the Dashboard from the .pbit template you will be asked to enter the Tenant parameter. This parameter is critical to properly get your RBAC information. If this parameter is entered incorrectly but the tenant exists it will load the Dashboard information with blank information on the RBAC page or the Subscriptions Owners visualization on the Overview page
![Wrong Tenant Name](/install/images/RBACwrongTenantName.PNG)
![Wrong Tenant Name](../install/images/RBACwrongTenantName.PNG)
#### Management Groups Access to the resource is forbidden error
### Management Groups Access to the resource is forbidden error
Management Groups in Azure is a relatively new capability and some users reported the following error when loading the Dashboard for the first time. The reason behind that error can be the lack of permissions but also because there is no Management Groups definition.
![Management Groups access forbidden](/install/images/MGForbiddenAccessError.png)
![Management Groups access forbidden](../install/images/MGForbiddenAccessError.png)
If that is the case and you are still not using Management Groups in your environment you can simply open the Query Editor, browse to the Management Groups query on the left side panel and disable the query. You will need to refresh all the data once this change is applied.
![Management Groups access forbidden workaround](/install/images/MGQueryDisabled.png)
![Management Groups access forbidden workaround](../install/images/MGQueryDisabled.png)
#### Log Analytics REST API timeout (CCO Dashboard AKS add on only)
### Log Analytics REST API timeout (CCO AKS dashboard add-on only)
Depending on the number of records we have in log analytics, we can obtain a timeout during the refresh.
The solution is to wait a few minutes and launch a new refresh.
#### Data Model Relationships missing
### Data Model Relationships missing
In some ocasions when having both Power BI Desktop versions installed on the computer we have seen the Data Relationship model to dissapear. If that happens you can use the following reference to manually reconfigure the relationship between tables. It should also help you to understand how we defined the Data Model in case you want to expand the default content
In some occasions when having both Power BI Desktop versions installed on the computer we have seen the Data Relationship model to disappear. If that happens you can use the following reference to manually reconfigure the relationship between tables. It should also help you to understand how we defined the Data Model in case you want to expand the default content
Governance:
![relationship model](/install/images/RelationshipsModelGovernance.PNG)
![relationship model](../install/images/RelationshipsModelGovernance.PNG)
Infrastructure:
![relationship model](/install/images/RelationshipsModelInfrastructure.PNG)
![relationship model](../install/images/RelationshipsModelInfrastructure.PNG)
#### Errors regarding missing `column1` on refresh
### Errors regarding missing `column1` on refresh
Try using a native user account to the AAD tenant you are connecting to instead of a guest user account.