Deploy from Azure Marketplace

Note: The deployment steps detailed below are intended for Azure Marketplace deployment. The steps for manual/local deployment via Bicep can be found here.

Create a managed application

1. Type "Marketplace" in the Azure portal search bar and select said option as it appears.

   

Warning: Azure Marketplace can be opened in 2 ways: Method 1 - Opening it as shown in step 1, which takes you here:

Method 2 - Opening it directly (not from the Azure portal), which takes you here:

To follow the deployment steps detailed below, you need to access Azure Marketplace using Method 1. The steps below will not align if you use Method 2.

1. Search for the EmbedFAST and select the application from the search results.

1. Select a tier from the dropdown menu, then select Create.

   
2. Fill the form as detailed below:

   

• Project details

  • Subscription: Choose the subscription where you want to keep the managed application.

  • Resource group: Choose the resource group where you want to keep the managed application.

• Instance details

  • Region: Select a region that has the subscription selected in the previous field.

• Application details

  • App name: Create and enter a name. Marketplace will validate if this name is available for resources that will be deployed.

  • App service pricing plan: Select an SKU value.

• SQL details

  • Server admin login: Username for the SQL Server login.

  • Password: A strong password for the SQL Server.

  • Confirm password: Confirm password.

• Managed Application Details

  • Application Name: Create and enter a name. This will be the name of the managed application where the Azure resources for the tool will reside.

  • Managed Resource Group: This field will be prepopulated when the form is opened. By default, the managed resource group name will be in this format: "mrg-powerbiloadanalyzer-", but you can change it to any name you want.

1. Click on Next to validate your inputs.

2. Review the details shown on the Review + create page. Select Create to finalize the process. A managed application will be created under the selected resource group, where all the resources are deployed with one click.

   
3. Select the managed application.

   
4. Click on the Managed resource group value on right side of the page if you want to go to the managed resource group where all the resources are deployed.

   

Load the post-deployment script and PowerShell file to Visual Studio Code 

1. Download the PowerShell files.

2. Extract the folder and open it in Visual Studio Code (VS Code). The loaded files should look like this:

   

Open a terminal window

From the top menu bar, select Terminal -> New Terminal to access the PowerShell terminal window.

Executing the PowerShell script while bypassing the execution policy

This step is required to bypass an execution policy that doesn't allow the ZIP file to work with the PowerShell scripts.

1. Execute command “powershell -ExecutionPolicy Bypass -File ".\PostDeploytmentScript.ps1"” in the terminal. This command will execute a PowerShell script named "PostDeploytmentScript.ps1" while bypassing the execution policy.

   
2. The system will display a variety of prompts. Provide the information as requested. More details regarding the prompts are provided below.

Enter your subscription ID

Follow the steps below to find your subscription ID:

1. Type “Subscriptions" in the Azure portal search bar and select said option as it appears.

   
2. Once on the page, you will see a list of resource groups displayed. Select the resource group that you have created earlier in the prerequisites section.

3. Select the desired resource group from the list where you want to deploy your resources.

4. Copy the subscription ID as shown below.

   
5. In the PowerShell terminal, paste/enter the subscription ID from the previous step.

Enter your tenant ID

Navigate to your Azure Active Directory --> Overview and copy the tenant ID as shown below. Paste/enter the ID into the PowerShell terminal.

Log into Azure through the PowerShell pop-up window

Choose an account to log into Azure with.

Enter your managed resource group name

This is the name of the managed resource group in your subscription where EmbedFAST’s resources will be deployed to. The managed resource group is created under the resource group that was created earlier in the prerequisites section. Follow the steps below to find the name of your managed resource group:

1. Type “Resource groups" in the Azure portal search bar and select said option as it appears.

2. Find and select the managed application as shown in the image below:

   
3. Copy the name of the managed resource group.

   
4. Paste/enter the managed resource group name in the PowerShell terminal like the previous steps.

Enter your application name

Provide the name of your app (as selected in the previous step).

Enter your Azure AD Client ID

This client ID is obtained from the overview page of the app registration previously created for the EmbedFAST API as part of the pre-deployment steps. Follow the steps below to find your client ID:

1. Type “App registrations" in the Azure portal search bar and select said option as it appears.

1. Click on Owned applications to see a list of applications you registered, including the ones for the API and Power BI Service done in the pre-deployment steps.

1. Next to the Display name column is the Application (client) ID column which contains the information needed. Find the application registration created for the EmbedFAST API on the list and note down its client ID.

2. Alternatively, clicking the app's name takes you to its summary page where you can also find the client ID and copy it directly to your clipboard.

Enter your service principal application ID

This application ID is obtained from the overview page of the app registration previously created for the Power BI Service as part of the pre-deployment steps.

Note:

You can follow steps 1-3 detailed above to obtain your service principal application ID for the Power BI Service. After step 3, find the application registration created for the Power BI Service on the list and note down its client ID.

Enter your service principal object ID

The object ID is obtained from the enterprise application created for the Power BI Service, which is created by default once we create an app registration for it. Follow the steps below to find the ID:

1. Type "Enterprise applications" in the Azure portal search bar and select said option as it appears.

1. Search for the name of the app registration created for Power BI Service in the search bar. Your enterprise application will be under the same name.

   
2. Click on the application's name to access its details page.

3. Copy the object ID from the Object ID field displayed on the application details page, as shown below.

   

Enter your service principal name

On the same page where the object ID was obtained from, you can find the name of your service principal at the top left corner of your page.

Enter your service principal client secret

Follow the steps below to create a client secret:

Note: The client secret will only be visible at the time of creation. Take note of it and store it securely for future use for whenever the client secret is required.

1. Type “App registrations" in the Azure portal search bar and select said option as it appears.

   
2. Click on Owned applications to see a list of applications you registered. Search for the application created for the Power BI Service on this page.

   
3. Click on the application's name to access its details page.

4. Select Certificates & secrets (under Manage) from the left pane.

1. Click on New client secret to create a client secret.

1. Enter a description and select when the secret expires. Click on Add to add the client secret.

1. Copy the value of the newly created client secret as shown below.

Reminder: Take note of the client secret and store it securely for future use for whenever it is required. The client secret is only visible at the time of creation and will NOT be visible again.

Other details

• Enter the sender email: Provide an email address. This email will be used for sending subscription emails to other users.

• Enter the sender email password: Provide the password for the email address provided in the previous step.

Initial post-deployment steps

Entering the email password prompted in the previous step completes the deployment process and prompts a menu to appear:

Enter "1" as your selection. A post-deployment operation will run that will perform the operations detailed below:

• Add your client IPv4 address to Set Server Firewall.

• Grant the necessary permissions to the service principal app registration on the Database. It will give admin access on the Database created.

• Add the Power BI App service principal as an external Azure AD user.

• Grant permissions to the user.

Note: If an error occurs (e.g., “Client with IP address ‘IP-Address’ is not allowed to access the server”), you have the option to manually include the IP in the server's firewall rules. Follow the steps detailed below to do so:

1. Type “Resource groups" in the Azure portal search bar and select said option as it appears.

2. Find and select the managed application as shown in the image below:

   
3. Click on the Managed resource group value on right side of the page, it will take you to the managed resource group where all the resources are deployed. /

   
4. Select the SQL server deployed with the application's name.

   
5. Select Networking (under Security) from the left pane.

6. Click on Add a firewall rule.

   
7. Enter the IP address that was not allowed to access the server in the Start IP and End IP fields. Select OK to save the changes.

   

This completes the deployment process.