Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article describes how to install the CoE Starter Kit and provides guidance on:
- The identity to use to install and run the solutions.
- The environment type to use for your solutions.
- All prerequisites needed to use the CoE Starter Kit.
Before setting up the CoE Starter Kit
Before you set up the CoE Starter Kit, review the following prerequisites and recommendations to ensure a successful installation and configuration.
Which identity should I use to install the CoE Starter Kit?
The CoE Starter Kit requires access to your tenant's Power Platform environments. The identity you set up for the CoE Starter Kit requires the following licenses and roles:
Microsoft Power Platform service admin or global tenant admin.
Note
Dynamics 365 service admin isn't supported, since it:
- Can't gather all environment types; for example, the teams type.
- Doesn't allow privilege escalation.
Power Apps Per User license (nontrial) and Microsoft 365 license.
Power Automate Per User license, or Per Flow licenses (nontrial).
Power BI Premium per user or per capacity (if using data export for inventory).
The identity must have access to an Office 365 mailbox that meets all requirements to use the Office 365 Outlook connector.
If you'd like to collect usage information, such as app launches and unique users per app, you must have access to an Azure app registration. The app registrations need to have permissions to read data from the Microsoft 365 audit log to complete the setup. You only need this app registration if you're using Cloud flows for inventory.
To share the Power BI report that's part of the CoE Starter Kit, make sure the identity has a Power BI Pro license.
These roles and licenses must be available to a user directly and permanently.
Configure multifactor authentication for the account by following the recommended settings for conditional access and multifactor authentication in Power Automate.
What's the best way to communicate with admins, makers, and users?
Consider how you want to communicate with different groups of people, or personas, before you start the setup.
- Admin persona:
- Power Platform admins communicate with each other.
- Power Platform makers contact Power Platform admins.
- Maker persona:
- Power Platform admins contact Power Platform makers.
- Power Platform makers communicate with each other.
- User persona:
- Power Platform admins contact Power Platform users.
We recommend using three Microsoft 365 Groups, one for each persona. This group type is an email-enabled security group and can be associated with a Microsoft team for collaboration between the people in the group.
Important
As part of the inventory of a tenant's Power Platform resources, makers are added to the group you define for the Power Platform Maker persona.
To add makers to the group, the admin or service account setting up the inventory components must be an owner of the group. You can share apps and other resources relevant to makers with this group.
Individual as an admin
Some processes in the CoE Starter Kit send Power Automate approvals and adaptive cards for Microsoft Teams.
These cards can't be assigned to a group. You need an individual named admin to receive these communications:
- Individual to receive chat bot chats
- Individual to receive approvals
What data source should I use for my Power Platform inventory?
The CoE Starter Kit uses processes to gather information about your Power Platform inventory, helping you manage, govern, and nurture Power Platform adoption in your tenant.
The CoE Starter Kit offers two mechanisms to gather this data:
Data export (preview)
You can export Power Platform inventory and usage data directly into Azure Data Lake Storage using the data export feature in the Power Platform admin center. Because the admin center provides the data, this mechanism is highly efficient. To use this option, set up the data export process for your tenant.
Important
The CoE Starter Kit using data provided by data export for inventory is currently in experimental preview. We recommend to first test the kit in a dedicated test environment.
Learn more in How can I try out the data export feature?
Cloud flows
Cloud flows use Power Platform admin connectors to query and crawl your tenant and store inventory and usage data in Dataverse tables.
This method is suitable for small to medium sized tenants but can cause performance issues in tenants where Power Platform inventory exceeds 10,000 objects (combined number of environments, apps, flows).
How can I try out the data export feature?
Enable the data export feature in your tenant.
Proceed with the CoE Starter Kit configuration only when you see inventory data files in your storage account. The initial data export can take up to five days.
Download the version of the CoE Starter Kit that integrates with data export and use the setup wizard to configure the feature in your tenant.
Post your feedback by raising an issue on GitHub. Your feedback is critical to this process.
Learn more in Frequently asked questions about the Data Export integration.
Plan your upgrade strategy
A new version of the CoE Starter Kit is released monthly, usually in the first full week of each month. This release cadence is important to know so you can review, organize, plan, and test the latest version.
Important
We recommend upgrading the CoE Starter Kit solution at least every three months. With the fast pace of change for Power Platform, leaving updates longer than three months can result in unexpected issues with your next update.
We recommend testing upgrades in a dedicated test environment before upgrading your production environment. Focus your test efforts on your favorite features of the CoE Starter Kit. Verify that components you use continue to work when you add new features.
In your test environment, set the ProductionEnvironment variable to no. A no setting means no emails are sent to makers and end users as you test features.
Learn more in Updating the Center of Excellence (CoE) Starter Kit.
Create your environments
We recommend creating two environments to install the CoE Starter Kit solution, one for testing and one for production.
Create two production environments to install the CoE Starter Kit solutions:
- Create an environment with a database.
- Choose English as the default language.
- Don't add sample apps and datasets.
- Set the security group to None to allow open access. Some parts of the CoE Starter Kit use approval actions and require makers to be able to interact with the environment.
- After you import the solution and complete the setup steps, set the ProductionEnvironment environment variable to no in your test environment. This configuration lets you test the CoE Starter Kit processes without impacting makers and end users.
Important
Using data export as a mechanism to retrieve inventory and telemetry is currently in preview. We recommend you test this feature in a dedicated test environment before using it in production.
Validate data loss prevention (DLP) policies
The DLP policy applied to your CoE Starter Kit environment must allow the following connectors to be used together in the business group:
- Approvals
- Azure Resource Manager
- HTTP
- HTTP with Microsoft Entra ID (preauthorized)
- Microsoft Dataverse
- Microsoft Dataverse (legacy)
- Microsoft Teams
- Office 365 Groups
- Office 365 Outlook
- Office 365 Users
- Power Apps for Admins
- Power Apps for Makers
- Power Automate for Admins
- Power Automate Management
- Power Platform for Admins
- Power Platform for Admins V2
- Power Query Dataflows
- RSS
Note
The CoE Starter Kit collects information about who owns a resource, such as an app or a flow.
- If the resource is owned by an interactive user, the Office 365 Users connector is used to collect the owner details.
- If the resource is owned by a service principal (app user), the HTTP with Microsoft Entra ID (preauthorized) connector makes a call to Microsoft Graph to retrieve the app user name to correctly mark ownership of resources to avoid them being marked as orphaned (without an owner).
The HTTP and HTTP with Microsoft Entra (preauthorized) connectors connect to graph.microsoft.com for commercial tenants.
If your tenant is in Government Community Cloud (GCC), GCC High, or DoD, check your service root endpoint for Microsoft Graph.
You can't set up DLP endpoint filtering for these connectors, as DLP Policies don't support dynamic endpoint evaluation.
Check that no other DLP policies apply to this environment. Learn more in Combined effect of multiple DLP policies.
Download and install
If you haven't already, download the CoE Starter Kit solution and Power BI dashboard files.
The content package contains files that support various features of the CoE Starter Kit. The setup instructions walk you through when to use each file.
| Filename | Description |
|---|---|
| admintaskanalysis_core_x_xx_managed.zip | Power Platform admin task planner components. |
| BYODL_CoEDashboard_MMMYYYY.pbit | CoE Dashboard Power BI template file. Required during configuration of the Power BI dashboard if using experimental data export feature. |
| CenterofExcellenceAuditComponents_x.xx_managed.zip | Governance components solution file. Required during setup of the governance components. Has a dependency on core components being installed first. |
| CenterofExcellenceCoreComponents_x.xx_managed.zip | Core components solution file. Required during setup of the core components in a production environment. |
| CenterofExcellenceInnovationBacklog_x.xx_managed.zip | Innovation Backlog components solution file. Required during setup of the Innovation Backlog components. |
| CenterofExcellenceNurtureComponents_x.xx_managed.zip | Nurture components solution file. Required during setup of the Nurture components. Has a dependency on core components being installed first. |
| MakerAssessmentStarterData.xlsx | Provides a set of starter questions and answers for the Maker Assessment app. Required during configuration of the Maker Assessment app. |
| microsoft-video-hub-starter-data.xlsx | Provides a set of starter videos for the Video hub app. |
| Power Platform Administration Planning.pbit | Power Platform admin task planner Power BI template file. Required during configuration of the Power Platform admin planning component. |
| PowerPlatformAdminAnalytics-DF-MMYYYY | Dataflow file required during configuration of the Power BI dashboard if using experimental data export feature. |
| PowerPlatformGovernance_CoEDashboard_MMMYYYY.pbit | CoE Governance and Compliance Dashboard Power BI template file. Required during configuration of the Power BI dashboard. |
| Production_CoEDashboard_MMMYYYY.pbit | CoE Dashboard Power BI template file. Required during configuration of the Power BI dashboard. |
| Pulse_CoEDashboard.pbit | Pulse survey Power BI template file. Required during configuration of Pulse survey components. |
| Sample-task-data.xlsx | Provides a set of tasks for the Power Platform admin task planner components app. Required during configuration of the Power Platform admin planning component. |
| ToolIcons.zip | Provides a set of starter icons for the Innovation Backlog. Required during configuration of the Innovation Backlog. |
What's next after installing the CoE Starter Kit?
Important
We recommend upgrading the CoE Starter Kit solution at least every three months. With the fast pace of change for Power Platform, leaving updates longer than three months can result in unexpected issues with your next update.
If you already installed the CoE Starter Kit, check instructions to:
- Update the CoE Starter Kit with a new release.
- Extend and customize CoE Starter Kit components.