Introduction to Center of Excellence

  • 6 minutes

In an organization, a Center of Excellence (CoE) is like a hub for innovation and improvement. It brings together people who share similar business goals to exchange knowledge and success stories. It also helps maintain consistency and order within the organization. When set up properly, a CoE can support the growth of citizen developers while keeping things organized. It fosters innovation, breaks down barriers between teams, and helps everyone work toward the same business goals instead of just focusing on individual targets.

Now, let's talk about the Microsoft Power Platform CoE Starter Kit. Think of it as a toolbox filled with templates and tools that are designed to make your journey into the Microsoft Power Platform (especially Power Apps and Power Automate) smoother. It's the result of input from various organizations on how to kickstart your journey, and it keeps getting better with updates, which typically happen in the first full week of each month.

It's important to note that the CoE Starter Kit isn't the entire CoE package. Building a CoE requires people, communication, and well-defined processes. The tools in the kit are like stepping stones to help you reach your goal, but you need to put some thought into designing a CoE that works best for your organization's unique needs and preferences.

This kit offers some nifty automation and tools to help your organization create the monitoring and automation needed to support a CoE. It's based on a Microsoft Dataverse data model and comes with workflows to gather information from all your tenant environments. You can find multiple apps and Power BI analytics to visualize and work with the data you collect. Plus, it offers templates and recommended ways of doing things to help you set up your CoE effectively. This learning document focuses on getting started with the initial configuring of the CoE kit in your tenant. It focuses on the core setup components, governance components, audit log data, and the Microsoft Power BI report.

Screenshot of Center of Excellence Power BI dashboard.

Confirm licensing requirements for CoE Kit use

Make sure that you meet the following licensing requirements met before you begin this module:

  • Microsoft Power Platform service admin, global tenant admin, or Microsoft Dynamics 365 service admin.

  • Power Apps Per User license (non-trial) and Microsoft 365 license.

  • Power Automate Per User license, or Per Flow licenses (non-trial).

  • Power BI Premium per user or per capacity (if using Data Export for inventory)

  • Have access to an Office 365 mailbox that has the REST API enabled. It must also meet all requirements to use the Office 365 Outlook connector.

  • If you want to collect usage information, such as app launches and unique users per app, you must have access to an Azure app registration. The app registration needs to have permissions to read data from the Microsoft 365 audit log to complete the setup. You only need this app registration if you're using Cloud flows for inventory.

  • If you want to share the Power BI report that's part of the CoE Starter Kit, you need to have the Power BI Pro license.

You need to have these roles and licenses available continuously; it's not sufficient to have admin access only temporarily via Privileged Identity Management (PIM). The CoE Starter Kit works by using admin connectors in cloud flows (such as Power Apps for Admins) to check for new and updated Power Platform resources and provide admin and governance tooling based on Power Platform resources in your tenant. These connectors require an account that has Power Platform Admin access to retrieve the inventory of all environments - a role with lesser privileges wouldn't see all resources in the inventory. The flows using these connectors run on a schedule and on event-based triggers. If you use an identity that has time-based access via PIM to run these flows, you won't retrieve all of the inventory.

Additionally, whatever account you use should have multifactor authentication configured for conditional access.

Screenshot of Power BI Center of Excellence dashboard.

Plan your upgrade strategy

A new version of the CoE Starter Kit is released monthly, usually in the first full week of each month. This release cadence is important to know so you can review, organize, plan, and test the latest version. Microsoft recommends upgrading the CoE Starter Kit solution at least every three months. With the fast pace of change for the Microsoft Power Platform, leaving updates longer than three months could result in unexpected issues when you do update.

Microsoft recommends testing upgrades in a dedicated test environment, before upgrading your production environment. Focus your test efforts on the features of the CoE Starter Kit that you use. Verify that components you use still work, any new features added to those components meet your requirements.

In your test environment, set the ProductionEnvironment variable to no - this means no emails will be sent to makers and end users as you test features.

Learn more about updating the Center of Excellence (CoE) Starter Kit.

Create the environments

Microsoft recommends creating two environments to install the CoE Starter Kit solutions - one for testing, and one for production use.

  • Create an environment with a database

  • Choose English as the default language

  • Don't add sample apps and datasets

  • Set the security group to None to allow open access. Some parts of the CoE Starter Kit use approval actions and require makers to be able to interact with the environment.

  • After importing the solution and completing the setup steps, set the ProductionEnvironment variable to no in your test environment. This means you can test the CoE Starter Kit processes without impacting makers and end users.

Validate data loss prevention (DLP) policies

The CoE Starter Kit environment must have a data loss prevention (DLP) policy that allows the following connectors to be used together in the business group:

  • Approvals

  • Azure Resource Manager

  • HTTP

  • HTTP with Microsoft Entra ID

  • Microsoft Dataverse

  • Microsoft Dataverse (legacy)

  • Microsoft Teams

  • Office 365 Groups

  • Office 365 Outlook

  • Office 365 Users

  • Power Apps for Admins

  • Power Apps for Makers

  • Power Automate for Admins

  • Power Automate Management

  • Power Platform for Admins

  • Power Query Dataflows

  • RSS

  • SharePoint

  • The HTTP and HTTP with Microsoft Entra connectors connect to https://graph.microsoft.com for commercial tenants; if your tenant is in GCC, GCC High or DoD, check your service root endpoint for Microsoft Graph. You can't set up DLP endpoint filtering for these connectors, as dynamic endpoint evaluation isn't supported by DLP Policies.

  • If you're using the audit log solution, the custom connector used to connect to the Microsoft 365 audit log also must be allowed in your business group. Configure the https://manage.office.com/ endpoint in the business group of your tenant-level policy.

  • Check that no other DLP policies apply to this environment.

  • If you're using the ALM Accelerator for Power Platform components, the environment must have a DLP policy that allows Dataverse (legacy), Power Apps for Makers, HTTP with Microsoft Entra ID, and the ALM Accelerator Custom DevOps connector to be used together. Those connectors must be in the business data–only bucket of the DLP policy for this environment.

Download the solution

After you have your environments set up, you need to download the CoE Starter Kit and Power BI dashboard files to your device. The entire content package can be downloaded directly at aka.ms/CoEStarterKitDownload.

The content package contains various files that support different features of the CoE Starter Kit. The setup instructions walk you through when to use each file.

To learn more about setup see Get started with setup.