ARM Templates vs Bicep vs Terraform vs Pulumi

ARM templates, they are instructions that run against Azure to create resources.  

ARM templates will update settings such as tags when added, deleted or updated using json.

If a dependent resource is called e.g. storage, the ARM template creates the storage and if variables are supplied it shall use them.  Removing or changing the dependency won't update the dependent resource, it will create a new storage resource and point to the new storage. 

Note: Templates don't remove dependent resources if they are pulled from the ARM template. It will not upgrade to the latest instructions. I.e. it does not take the infrastructure to desired state config (DSC).

There is a DSC modules for ARM templates, but i believe this is more for VM's.

Bicep is a domain specific language which is DSC, it's json and way easier to build up your infrastructure.

Bicep will run ARM templates "under the hood" and provide the full desired state.  Bicep is a Microsoft Azure only concept and can be used for private cloud infrastructure.  

Terraform is an open source DSL to build IaC, and it works on AWS, Azure and GCP (and Oracle ...).

Terraform is created by HashiCorp, HashiCorp have an amazing tooling set that uses the Terraform language to build, and changes Infrastructure.  Uses the HCL Language.

AWS CloudFormation is the native way to build IaC on AWS.  Supports json and YAML.

Pulumi is an exciting competitor to Terraform.  Can us multiple languages and easy to write new modules.  Code is compiled and uses appropriate cloud API's to create IaC.   Compare Terraform to Pulumi.  Uses TypeScript/JS, Python or C#.  Pulumi is Open Source, and there is a free tier SaaS offering on Pulumi Cloud.

Common Dev setup could be: TypeScript with Pulumi created using VS code npm for packages.  

Pulumi needs a program yaml file, tells it the language to use and other setup.  2 types of providers: Terraform bridge providers and native provides.  There are over 150 connectors most are Terraform .  Support multiple languages e.g. TypeScript, C#, Python Java, YAML.  Easy to integrate into CI/CD/DevOps.  Pulumi is basically a command line tool that can be called from DevOps including Pulumi Cloud.

Pulumi (Any) vs Terraform (HCL lang) vs AWS: CDK (TS, C#, Py, Go, Java) or CloudFormations (YAML)  vs Azure: ARM/Bicep (DSL).

Nutanix - new to me but looks like VMWare using IaC for multi-cloud basically Terraform but manage and monitor.  Very likely to be wrong here.

Summary:

Use what the organisation uses, Bicep is great if you only are using Azure, and for smaller work/specific DTAP IAC using ARM templates is a well trodden route.  If the organisation wants multi-cloud (do not take multi-cloud lightly) then Terraform and even Hashicorp using Terraform is the way to go.  Terraform and Pulumi are for multi-cloud/run at a higher level than CloudFormation, ARM/Bicep.

Note: Resist multi-cloud at all costs, I've heard ridiculous reasoning like we don't want to be tied to only AWS or Azure.  That's cool but costs go up exponentially with multi-cloud, it's not even the infra that costs, it's the management overhead and testing/verification.  Which parts can be changed.  A business would need a really good reason to go to multiple vendors.

Power Apps issue with OptionSets Syntax irregularity

Problems: OptionSets in Power Apps (Canvas apps can be a little nasty to work with, today I took a couple of hours  trying to use an OptionSet to filter results.  This should have taken 5 minutes but there is a weird behavior when using switch or if statements to dynamically filter using options sets.

Hypothesis:  using if/switch logic when using an OptionSet in Dataverse to filter results in the code being change/interpreted incorrectly at run time. 

Resolution:  Use a variable to hold the dynamic OptionSet choice as shown above.  I hope this post can help anyone having issues relating to Option sets for filtering and updating.

In the example below I show how to Insert a new Row using a Patch where the row contains an OptionSet.  It's ugly but, it works...

On the Save...

Set(orgType, Blank());

If(

    <ddlOrgType.Value> = "Personal", Set(orgType, 'Org Type'.'Sole Trader'),

    <ddlOrgType.Value> = "Incorporated", Set(orgType, 'Org Type'.'Limited Company'),

    <ddlOrgType.Value> = "Partnership", Set(orgType, 'Org Type'.'Partnership')

    );

Insert the new row for Subject

Deploying a Canvas App direct to mobile devices

Overview:  Canvas apps have a feature called "Wrap" that can take a canvas app via a solution and allow it to be access naively on iOS and Droid.  This allow users to open the canvas app without going thru the Power Apps client on their mobile device.  The apps can be shipped using the app stores/marketplace or Microsoft Intune for enterprise deployment.

Enable the feature in your dev/un-managed environment using the "Power Platform Admin centre":

There is a great wizard that takes care of a lot of the underlying work such as registering the app in Azure Portal AAD.

Use the Wrap wizard (you'll need a lot of access rights on the Power Platform and Azure Portal)

Pick your package types, this post outlines the full process for Android (apk). Below shows the iOs file needed for the Apple store but you can distribute using InTune.

 

ALM Power Platform - Problem Solving

 Use the logical name of the embedded canvas app

Problem:  I have embedded canvas apps inside a Model app that I deploy via a solution.  When I move from Development to Test, the users reported that they don't have access "This app isn't opening correctly" "It looks like you don't have access to this app."  And when I dive deeper, I see the Model app in Test is point to the Development Canvas App; not the test canvas app.

Initial Hypothesis: My thinking is that the Model App in Test is pointing to the Canvas App in Dev.  In dev, I point to the test canvas app and it works.  The workaround is to Open the managed solution in the Test environment and change the AppId  to the App Id of the canvas App in TEST.   It works but it's an awful work around.  This tells me that my App Name is not working, as the Static App name is used before the AppId (looks for the app name in the current environment) and then the AppId when the app Name doesn't resolve, I believe the app name is not working.  

I changed the AppId (to a non-existing guid) and the app wouldn't load in dev.  The app name should be the logical name and not the display name.    

"The App Name property specifies the name of the canvas app to embed. The model-driven form looks for the canvas app with the specified name in the current environment. If a canvas app with that name can't be found in the environment, the canvas app control will use the App ID to load the canvas app. Enter the App Name for an existing canvas app."  Add an embedded canvas app on a model-driven form - Power Apps | Microsoft Learn

Resolution:  Open the table > Forms > Form containing the canvas app

Or, another alternative is to use Environment variables for all the canvas AppID's and change them per DTAP environment on the deployment.

More Info:

Share an embedded canvas app - Power Apps | Microsoft Learn

Guidelines and troubleshooting when working with embedded canvas apps - Power Apps | Microsoft Learn - scroll to "Known issues and limitations with embedded canvas apps", "The App Name property value is missing or is incorrectly defined"

Embed a canvas app on a model-driven form - Power Apps | Microsoft Learn

Reporting from Dataverse HLD options

Overview:  Recently I was looking at reporting from the Dataverse/CDS and I drew up these options that give the business various options but the overhead grew as the solution improves.  Client is on the MS stack so I have looked at the reporting options, There are a ton of variations but this is a good start for my options.

Reporting options from the Dataverse

Synapse, can be replace by any Data warehouse or Data lake solution and as Dataverse is not massive could also just use regular SQL Server for reporting.

Power BI can be replaced with other tools such as Tablau but for embedding and the MS stack, Power BI makes the most sense.

Continuous Validation with Azure

I listened to Jen Perrin from Microsoft today with Scott Hasselmann on testing for Power Apps from the Ignite 2022 conference.  Chaos Studio is a tool to faking issues such as network faults, and coming backup after say 10 minutes, and it helps determine the behavior that happens.  

I have been thinking and doing continuous monitoring for awhile in SaaS products, thus can be as simple as checking you API's and SPA's are working and checking every few hours and notifying key people as early as possible.  More advanced options are running postman and/or selenium tests that run thru various tests such as login in add and cleaning up some data.  Continuous Validation is fantastic as you can perform scenarios from a specific target.

The tooling and Playwright (which i played with a few years ago) on Azure looks amazing and well suited for the Power Platform.  This is a massive area to improve software, and reliability. 

Power Apps Portal and Power Automate licencing thoughts

Update: 13 August 2023 - Power Apps Licencing has change considerably since this post, for example here is updated information on Power Automate licencing.

My Technical Working Notes for Microsoft Technology: App Insights for Power Platform - Part 9 - Power Automate Licencing (pbeck.co.uk)  A major change in naming and cost has been release August 2023.

Overview:  The Total Cost of Ownership (TCO) is key to any project.  I recently was asked about a project that wanted to use Power Apps for external user access, the data is in the dataverse/CDS) and their are tons of workflows.  The cost of buying a per app licence for external users is a non-started (without volume discount $5 or £3.80 per user per month  and the only viable options left are:

Design by Cost:

Write the front end using free to distribute front end application (i.e. ReactJs, Angular, C#, Flutter, Blazor,...) and all the flows using the per-flow licencing model.  Per-flow licencing is crazy expensive as it is per flow and my users have lots of flows when the login once a year.  So per flow is also not an option with a custom front-end.  At Ignite 2022, Microsft announce a new Power Automate Embedded SDK with pay as you go pricing, this may be a good option, but's its untested.

The $5/month/app plan doesn't really work as users login over the last few months of the year and all users would need to be licenced all year around so $60 is way too high.  The Power Apps Pay-as-you-go Plan allows costs $10/£7.45 per user that logs in during a month.  So in my case an average user logs in 2 times in a year with the monthly consideration, so i'm still looking at $20 per year.

User/Per App/month: £3.80

User/Month (multiple apps): £15.10

Active User/app/month Pas-as-you-go  £7.45

Power Apps Portals/Power Pages/Dynamics Portals is my last hope.  The licencing is based on per login per 24 hrs.  So a user that logs in three times in a 24 hr period is considered 1 licence.  If the user logs in on 4 different dates at any point in the year, the client is changed for 4 logins.  Need to buy the licences in advance each month.  Sold in blocks, the smallest being 100 logins in a month.  At the lowest levels, cost is $2 per 24 hour login, but this reduces to a much lower cost relatively quickly.   With our expected numbers, we'd get onto Tier 3, and the cost per login is $0.70 per login.  If an average user logs in 4 times a year on separate dates, our cost is basically $2.80 per user per year.

Note there is also a Page Portals Capacity licence required.  We are expecting an average of 175k page views, which cost a further $200.

13 Oct 2022: Licencing for Power Pages change yesterday, 1) monthly anonymous active users 2) monthly authenticate active users.  Prepaid is cheaper than pay as you go, assuming you get you numbers right.  https://www.microsoft.com/en-us/licensing/news/power_pages_general_availability#:~:text=Today we are announcing licensing and pricing details,to purchase through prepaid subscription and pay-as-you-go plans.

Summary: In this case, Power Pages is the best option.