Login
Contents x
Microsoft Azure - Send Assets to Microsoft Power BI
  • 20 Dec 2022
  • 3 Minutes to read
  • Print
  • Dark
    Light
  • PDF
Contents

Microsoft Azure - Send Assets to Microsoft Power BI

  • Updated on 20 Dec 2022
  • 3 Minutes to read
  • Print
  • Dark
    Light
  • PDF

Microsoft Azure - Send Assets to Microsoft Power BI (Send Data to Microsoft Power BI) inserts the assets retrieved from the saved query supplied as a trigger (or entities selected in the asset table) to the Microsoft Power BI table supplied.
When used with a saved query as a trigger, only the fields configured in the saved query are inserted to the supplied table.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

General Settings

  • Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonious. You can change the name according to your needs.
  • Add description (optional) - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
  • Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
  • Action name - The name of the Main action. A default value is added by Axonious. You can change the name according to your needs.
  • Configure Action Conditions - Toggle on to enter a condition statement. See Configuring Enforcement Action Conditions to learn more about condition statement syntax.

Required Fields

These fields must be configured to run the Enforcement Set.

  1. Azure Client ID - The Application ID of the Axonius application, as detailed in the Required Permissions section.

  2. Azure Client Secret - A user created key for the Axonius application, as detailed in the Required Permissions section.

  3. Workspace ID - Workspace ID in PowerBI.

  4. Dataset Name (required, default: AxoniusDataset) - the dataset name in PowerBI. In Power BI, click Datasets in the left pane.
    PowerBIDatasets_2

  5. Table Name (required, default: AxoniusTable) - the table name in PowerBI. Select a dataset and the tables in that dataset are listed below in Explore related reports.
    PowerBITables

    Notes:
    • If no table with the supplied name exists in the dataset, it will be created.
    • When a change is made to a table, the table is recreated with the new data (if any). Power BI does not have an Update Table function.

Additional Fields

These fields are optional.

  1. Azure Tenant ID - Microsoft Azure Active Directory ID.

  2. Microsoft Username and Microsoft Password (required) - Microsoft Account credentials.

  3. Include Fields from Saved Query - If enabled, the fields specified in the saved query will be sent to Power BI.

  4. Map Axonius fields to Power BI fields - Use the Field Mapping Wizard to map Axonius fields to fields in Power BI. In this way you can transfer data found in Axonius into Power BI. The wizard shows you which fields exist on the Axonius system, allowing you to map them easily.

    NOTE

    For details, see Axonius to External Field Mapping.

  5. Verify URL (required, default: False ) - Verify the SSL certificate offered by Power BI. For more details, see SSL Trust & CA Settings.

  6. HTTPS proxy (optional, default: empty) - A proxy to use when connecting to the server.

APIs

Axonius uses the Microsoft Power BI Rest API Push Dataset.

Required Permissions

Preferred Methodology for Creating Permissions

  1. Create an application in the Microsoft Azure Portal. For details, see Creating an application in the Microsoft Azure Portal.

  2. This application requires the Power BI Service → Tenant.ReadWrite.All Application access.

Note:

If you already have an Azure client configured for the Azure adapter, you can add this permission to the existing application.

PowerBIPermission1

  1. In Power BI, Go to Settings → Admin portal → Tenant Settings → Developer settings → Enable Allow service principals to use Power BI APIs.

  2. Either apply this change to the entire organization or include a specific security group and include your new Service Principal (the application we just created) into the group. In this example, the Service Principal is a member of the axonius-powerbi security group.

PowerBIPermission2

  1. Within the specific workspace → access, include the Service Principal or security group as a contributor.
    powerbipermission3

  2. When using this method, the Tenant ID is required for the Service Principal.

Creating Permissions Using a Master User

You can also use Delegated permissions and a user account to send data to Power BI.

Note:

Common Microsoft security practices, such as Conditional Access, may block this approach.

  • To connect with delegated permissions, you must register an Azure AD application with Power BI.
  • The application needs to have Power BI Service → Dataset.ReadWrite.All Delegated access.
  • When using this method, the Username and Password of the Master user account is needed.

For more details about other Enforcement Actions available, see Action Library.

What's Next
Change password!
Changing your password will log you out immediately. Use the new password to log back in.
Change profile
Success!
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
Logout