Skip to content

Latest commit

 

History

History
215 lines (150 loc) · 16.2 KB

File metadata and controls

215 lines (150 loc) · 16.2 KB
title description author ms.component ms.topic ms.date ms.subservice ms.author ms.reviewer search.audienceType
Set up the CoE Starter Kit | MicrosoftDocs
Prerequisites and instructions for setting up the Center of Excellence (CoE) Starter Kit for adopting and supporting Microsoft Power Platform, with a focus on Power Apps and Power Automate
manuelap-msft
pa-admin
conceptual
08/02/2023
guidance
mapichle
sericks
admin

Before setting up the CoE Starter Kit

The Center of Excellence (CoE) Starter Kit is a collection of components and tools to help you get started with developing a strategy for adopting and supporting Microsoft Power Platform, with a focus on Power Apps and Power Automate. For more information about individual components, see CoE Starter Kit explained

This article prepares you to install the CoE Starter Kit and provides guidance on:

  • The identity used to install and run the solutions.
  • The environment type to use for your solutions.
  • All prerequisites needed to use the CoE Starter Kit.

Which identity should I use to install the CoE Starter Kit?

The CoE Starter Kit requires access to your tenant's Power Platform environments. Therefore, the identity you set up for the CoE Starter Kit needs the following licenses and roles:

  • Microsoft Power Platform service admin or global tenant admin.

    [!NOTE] Dynamics 365 service admin doesn't work, since it:

    • Can't gather all environment types, for example the teams type.
    • Doesn't allow privilege escalation.
  • Power Apps Per User license (nontrial) and Microsoft 365 license.

  • Power Automate Per User license, or Per Flow licenses (nontrial).

  • Power BI Premium per user or per capacity (if using Data Export for inventory)

  • The identity must have access to an Office 365 mailbox that meets all requirements to use the Office 365 Outlook connector.

  • If you'd like to collect usage information, such as app launches and unique users per app, you must have access to an Azure app registration. The app registrations need to have permissions to read data from the Microsoft 365 audit log to complete the setup. You only need this app registration if you're using Cloud flows for inventory.

  • If you'd like to share the Power BI report that's part of the CoE Starter Kit, this identity needs to have the Power BI Pro license.

These roles and licenses must be available to a user directly and permanently.

:::image type="content" source="media/ppadminrole.png" alt-text="Screenshot of the Power Platform admin center environments overview." lightbox="media/ppadminrole.png":::

Configure multifactor authentication for the account by following the recommended settings for conditional access and multifactor authentication in Power Automate.

How to communicate with your admins, makers, and users

Consider how you want to communicate with different groups of people, or personas, before you start the setup:

  • Admin persona
    • Power Platform admins communicate with each other.
    • Power Platform makers contact Power Platform admins.
  • Maker persona
    • Power Platform admins contact Power Platform makers.
    • Power Platform makers communicate with each other.
  • User persona
    • Power Platform admins contact Power Platform users.

We recommend using three Microsoft 365 groups, one for each persona. This group type is an email-enabled security group and can be associated with a Microsoft team for collaboration between the people in the group.

Important

As part of the inventory of a tenants Power Platform resources, makers are added to the group you define for the Power Platform Maker persona.

To add makers to the group, the admin or service account setting up the inventory components needs to be an owner of the group. You can share apps and other resources relevant to makers with this group.

Individual as an admin

Some processes in the CoE Starter Kit send Power Automate Approvals and Adaptive Cards for Microsoft Teams. These cards can't be assigned to a group.

You need an individual named admin to receive these communications:

  • Individual to receive chat bot chats
  • Individual to receive approvals

What data source should I use for my Power Platform inventory?

At the heart of the CoE Starter Kit are processes that gather information about your Power Platform inventory to provide processes to manage, govern, and nurture Power Platform adoption in your tenant.

The CoE Starter Kit offers two mechanisms to gather this data:

  • Data Export (preview)

    You can export Power Platform inventory and usage data directly into Azure Data Lake Storage using the Data Export feature in the Power Platform admin center. Since the admin center provides the data, this mechanism is high in performance. Data Export must be configured in advance from the Power Platform Admin Center to use this option.

    [!IMPORTANT] The CoE Starter Kit using data provided by Data Export for inventory is currently in experimental preview. We recommend to first test the kit in a dedicated test environment. Trying this feature helps us validate that the feature meets your needs and prevents unintended side effects.

    For more information, see Try out the Data Export feature.

  • Cloud flows

    Cloud flows use Power Platform admin connectors to query and crawl your tenant and store inventory and usage data in Dataverse tables.

    This method is suitable for small to medium sized tenants but can cause performance issues in tenants where Power Platform inventory exceeds 10,000 objects (combined number of environments, apps, flows).

How can I try out the Data Export feature?

  1. Enable the Data Export feature in your tenant.

    Proceed with the CoE Starter Kit configuration only when you see inventory data files in your storage account. The initial data export can take up to five days.

  2. Download the version of the CoE Starter Kit that integrates with Data Export and use the setup wizard to configure the feature in your tenant.

  3. Post your feedback by raising an issue on GitHub. Your feedback is critical to this process.

For more information, see Frequently asked questions about the Data Export integration.

Plan your upgrade strategy

A new version of the CoE Starter Kit is released monthly, usually in the first full week of each month. This release cadence is important to know so you can review, organize, plan, and test the latest version.

We recommend upgrading the CoE Starter Kit solution at least every three months. With the fast pace of change for Power Platform, leaving updates longer than three months can result in unexpected issues with your next update.

We recommend testing upgrades in a dedicated test environment, before upgrading your production environment. Focus your test efforts on your favorite features of the CoE Starter Kit. Verify that components you use continue to work when you add new features that meet your requirements.

In your test environment, set the ProductionEnvironment variable to no. A no setting means no emails are sent to makers and end users as you test features.

For more information, see Updating the Center of Excellence (CoE) Starter Kit.

Create your environments

We recommend creating two environments to install the CoE Starter Kit solution:

  1. One for testing
  2. One for production use

For more information, see Updating the CoE Starter Kit.

Create two production environments to install the CoE Starter Kit solutions:

  • Create an environment with a database.
  • Choose English as the default language.
  • Don't add sample apps and datasets.
  • Set the security group to None to allow open access. Some parts of the CoE Starter Kit use approval actions and require makers to be able to interact with the environment.
  • After importing the solution and completing the setup steps, set the ProductionEnvironment variable to no in your test environment. This means you can test the CoE Starter Kit processes without impacting makers and end users.

Important

Using Data Export as a mechanism to retrieve inventory and telemetry is currently in preview. We recommend you test this in a dedicated test environment before using this feature in production.

Validate data loss prevention (DLP) policies

The DLP policy applied to your CoE Starter Kit environment needs to allow the following connectors to be used together in the business group:

Note

The CoE Starter Kit collects information about who owns a resource, such as an app or a flow.

  • If the resource is owned by an interactive user, the Office 365 Users connector is used to get the owner details.
  • If the resource is owned by a service principal (app user), the HTTP with Microsoft Entra ID (preauthorized) connector makes a call to Microsoft Graph to retrieve the app user name to correctly mark ownership of resources to avoid them being marked as orphaned (without an owner).

Download the solution

Download the CoE Starter Kit solution and Power BI dashboard files to your device.

The content package contains various files that support different features of the CoE Starter Kit. The setup instructions walk you through when to use each file.

The following table is an overview of each file:

File Name Description
admintaskanalysis_core_x_xx_managed.zip Power Platform admin task planner components.
BYODL_CoEDashboard_MMMYYYY.pbit CoE Dashboard Power BI template file. Required during configuration of the Power BI dashboard if using experimental Data Export feature.
CenterofExcellenceAuditComponents_x.xx_managed.zip Governance components solution file. Required during setup of the Governance components. Has a dependency on Core components being installed first.
CenterofExcellenceCoreComponents_x.xx_managed.zip Core components solution file. Required during setup of the Core components in a production environment.
CenterofExcellenceInnovationBacklog_x.xx_managed.zip Innovation Backlog components solution file. Required during setup of the Innovation Backlog components.
CenterofExcellenceNurtureComponents_x.xx_managed.zip Nurture components solution file. Required during setup of the Nurture components. Has a dependency on Core components being installed first.
MakerAssessmentStarterData.xlsx Provides a set of starter questions and answers for the Maker assessment app. Required during configuration of the Maker Assessment app.
microsoft-video-hub-starter-data.xlsx Provides a set of starter videos for the Video Hub app.
Power Platform Administration Planning.pbit Power Platform admin task planner Power BI template file. Required during configuration of the Power Platform admin task planner components.
PowerPlatformAdminAnalytics-DF-MMYYYY Dataflow file required during configuration of the Power BI dashboard if using experimental Data Export feature.
PowerPlatformGovernance_CoEDashboard_MMMYYYY.pbit CoE Governance and Compliance Dashboard Power BI template file. Required during configuration of the Power BI dashboard
Production_CoEDashboard_MMMYYYY.pbit CoE Dashboard Power BI template file. Required during configuration of the Power BI dashboard
Pulse_CoEDashboard.pbit Pulse survey Power BI template file. Required during configuration of Pulse survey components.
Sample-task-data.xlsx Provides a set of tasks for the Power Platform admin task planner components app. Configuration of the Power Platform admin task planner components.
ToolIcons.zip Provides a set of starter icons for the Innovation Backlog. Required during configuration of the Innovation Backlog.

[!div class="nextstepaction"] Next step: Set up inventory components

What's next: After installing the CoE Starter Kit

Important

We recommend upgrading the CoE Starter Kit solution at least every three months. With the fast pace of change for Power Platform, leaving updates longer than three months can result in unexpected issues with your next update.

If you already installed the CoE Starter Kit, check instructions for

[!INCLUDEfooter-include]