EasyRepro Test Automation or something else… ?

In the “couloir” we already knew since a couple of years that Microsoft was investing in Playwright.

Customer, partners, peers,… looking at test automation for Power Platform or Dynamics 365 CE always wondered why EasyRepro is using Selenium and why there is no Playwright version of EaysRepro.

I suspect that in these odd cases it always boils down onto roadmap challenges. But no worries, the FastTrack team has you covered with a open-sourceproject to start your initial Dynamics 365 Customer Service testing.

Read all about this here: Set up test automation with Playwright – Dynamics 365 | Microsoft Learn

How do I expose my Generative AI models towards other internal consumers?

No worries, this recent blog post from the Azure Integration Services gives you all the possible approaches and examples. Another hidden gem that can save you some time when architecting these types of challenges.

Main questions answered?

  1. How many Azure Open AI (AOAI) APIs should I create?
  2. How do I version AOAI APIs?
  3. How do I support consumers with different content-safety and model requirements?
  4. How do I restrict throughput per Consumer, per deployment?
  5. How do I scale out AOAI services?
  6. How do I log all prompts and responses including streaming, without disruption?
  7. What other value add services should a platform offer consumers?

Find out everything here: https://techcommunity.microsoft.com/t5/azure-integration-services-blog/designing-and-running-a-generative-ai-platform-based-on-azure-ai/ba-p/4223092

My personal note, don’t underestimate the power of Azure API Management. During my recent projects in terms of B2B and/or B2C interactions and having Dataverse/Dynamics 365 in the back, it was already a productivity saver and an essential proposed component of the architecture. With the introduction of new Generative AI services, it can play even a more central internal role.

AAD Kill chain

AAD Kill chain (aadinternals.com) discusses the Azure AD (now Entra ID) and Microsoft 365 kill chain, a collection of reconnaissance techniques and hacking tools for Microsoft cloud services. Here are the key points:

  • Roles and Targets: The kill chain includes roles like outsider, guest, insider, admin, and on-prem admin, each aiming to escalate their access level.
  • Recon Techniques: Outsiders can extract information using public APIs and DNS queries, while guests and users can gather data using Microsoft APIs.
  • Admin Capabilities: Admins have unlimited access to tenant settings, and on-prem admins can exploit Azure AD Connect credentials to gain cloud admin rights.
  • Security Risks: The document highlights various methods attackers use to gain unauthorized access and the potential harm they can cause.

In summary, good reading for the people needing a security update on what is configurable on M365 level!

Microsoft 365 Desired State Configuration 

Recently I came across this open-source initiative. Certainly helps when you’re having those one or multiple tenants conversations with larger customers.

What is Microsoft365DSC? 

Microsoft365DSC is an open-source initiative led by Microsoft engineers and maintained by the community. It allows administrators to define, automate, and monitor the configuration of Microsoft 365 tenants using PowerShell Desired State Configuration (DSC).

Key Features:

  • Automate: Write and apply configurations for various Microsoft 365 workloads (e.g., SharePoint, Teams, Exchange).
  • Export: Extract and replicate configurations across multiple tenants using ReverseDSC.
  • Synchronize: Keep multiple tenants’ configurations synchronized23.
  • Monitor: Detect and act on configuration drifts automatically.

Why It Should Be of Interest:

  • Efficiency: Automates repetitive configuration tasks, saving time and reducing errors.
  • Consistency: Ensures uniform configurations across multiple tenants.
  • Compliance: Helps maintain configurations in line with industry best practices.
  • Troubleshooting: Facilitates troubleshooting by replicating production configurations in test environments.

This tool is a game-changer for Microsoft 365 administrators looking to streamline their configuration management processes!

Reference: microsoft365dsc.com

Azure API Management and Application Insights

Continuing the Application Insights topic, on some engagements we propose to leverage Azure API Management in front of Dataverse Custom API’s or Azure Logic Apps or Azure Functions.

Setting up APIM is not that hard, but getting the next level insight on what’s happening via Application Insights can be a bit more tedious (if you don’t use Application Insights every day of the week which is the case for myself 😊).

So, I recently found this Azure API Management Hands on Lab including a chapter on how to setup and configure the Application Insights integration. Have fun with it!

https://azure.github.io/apim-lab/apim-lab/6-analytics-monitoring/analytics-monitoring-6-2-application-insights.html

Dataverse Telemetry, what now?

Once you start pouring telemetry data from Dataverse into Application Insights, it’s time to review what’s happening. As we aren’t Application Insights experts, it’s always good to have some pre-defined examples. Well look no further!

The AzureMonitorCommunity created some Alerts, Dashboards, Queries and Workbooks that can get you started. Hereby the direct link towards the Dataverse assets: https://github.com/microsoft/AzureMonitorCommunity/tree/master/Azure%20Services/Dataverse

Besides Dataverse, you’ll find numerous other samples for other Azure services. Happy monitoring!

Using SPN’s to execute Administrative Tasks

This is one that I forget regulary, meaning I know that this has to be done to ensure my Service Connection in an Azure DevOps Pipeline (classic or yaml) can for example execute a Dataverse backup.

So, first create the App Registration on Azure Entra ID.

Add the App Registration as Application User onto the Dataverse environment

In PowerShell, register the Application user as a “Management Application”:

New-PowerAppManagementApp -ApplicationId $ApplicationId

Once this is done, the SPN/Application User, Management Application, Application Registration (what’s in a name….) can execute these more administrative actions.

Back up & running!

No luck,the old site hosting didn’t want to play anymore. Probably due to the initial config pointing towards subfolders and the Direct Admin tool wasn’t able to manage that directly in combination with WordPress (if it works, don’t touch it!).

Anyway, I downloaded my original posts and I’ll retro post them here (for good old times sake).

If any time left, let’s see if we can post something worth while interesting.

Till the next time!

Philip

Things about Microsoft, Power Platform, Dynamics 365, Azure and AI by Philip Verlinden.