Skip to main content

 

 

 

 
Language:
 
Service Studio version:
 
 
OutSystems

How does Architecture Dashboard work

Template:OutSystems/Documentation_KB/ContentCollaboration
  • Edit
    Collaborate with us
    Edit this page on GitHub
  • Architecture Dashboard includes the following pieces:

    Architecture Dashboard SaaS
    A "Software as a Service" that processes and shows all data collected by the Architecture Dashboard LifeTime Plugin.
    Architecture Dashboard LifeTime Plugin
    A LifeTime plugin that's published in a platform installation (on-premises or cloud) with environment probes to collect data and communicate with the Architecture Dashboard SaaS.

    Architecture Dashboard diagram

    Communication

    Communications between the Architecture Dashboard plugin and the Architecture Dashboard SaaS are always initiated by the plugin. This reduces connectivity requirements on your side since all that needs to be ensured is connectivity from the Plugin in the LifeTime environment to the Architecture Dashboard SaaS endpoint.

    The plugin can use a forward proxy to connect to the Architecture Dashboard SaaS endpoint.

    Data collected in plugin and sent to SaaS

    Architecture Dashboard collects the following data from your infrastructure:

    • Platform metamodel data, including infrastructure activation code, environments information (name and Platform Server version), teams, list of apps and modules (including name and identifier), and platform configurations.

    • Modules and dependency information for code analysis.

    • Upon acceptance of the agreement, during Architecture Dashboard set up: users information (name, username, email address, user creation date, last login date) and LifeTime permissions.

    • Optionally: Discovery snapshot data (architectural references, applications, and modules) for architecture analysis.

    Data of each installation is kept in the OutSystems cloud and isolated from all other installations using the platform's multi-tenant mechanisms. This ensures data from one installation is not accessible by users of other installations.

    Data in transit

    • The Plugin and SaaS share data in binary format through a well-known HTTPS endpoint.

    • IP or DNS addresses aren't transmitted.

    • No ports besides the defaults need to be open for the correct use of Architecture Dashboard Probes.

    • No firewall issues should arise, although you need to be able to access the endpoint detailed in How to set up Architecture Dashboard.

    Data at rest in SaaS

    • Data of each installation is kept isolated from all other installations using the platform's multi-tenant mechanisms. This ensures data from one installation isn't accessible by users of other installations.

    More information about security and compliance

    Read more about security and compliance in the following FAQ sections:

    Permissions

    The permissions that IT users have while using Architecture Dashboard with an infrastructure, depend on the role and permissions set in LifeTime for the code-analysis environment of that infrastructure.

    The set of permissions that an IT user has for the code-analysis environment is determined by the permissions of the assigned roles, and also by how the roles are assigned.

    Roles and their permissions can be assigned as a default role, as a role for a team, or as role for an app.

    The permissions of a role assigned for a team override the permissions for the team's apps assigned by the default role.

    The permissions of a role assigned for an app override the permissions for the specific app assigned by the default role and of roles assigned for a team.

    The following tables map the Architecture Dashboard permissions to the LifeTime permissions and to the way the roles are assigned to IT users.

    Main features permissions

    LifeTime permission LifeTime role assignment Architecture Dashboard permission
    View teams View apps and modules Open findings report Export findings report Resolve findings
    No Access /
    Access
    Assigned as default role No No No No No
    Assigned for a team No No No No No
    Assigned for an app No No No No No
    List Applications /
    Monitor and Add Dependencies
    Assigned as default role No All appsA No No No
    Assigned for a team Assigned team Team's appsB No No No
    Assigned for an app No Assigned app No No No
    Open and Debug Applications Assigned as default role No All appsA All appsA No No
    Assigned for a team Assigned team Team's appsB Team's appsB No No
    Assigned for an app No Assigned app Assigned app No No
    Change and Deploy Applications /
    Full Control
    Assigned as default role All teams All appsA All appsA All appsA All appsA
    Assigned for a team Assigned team Team's appsB Team's appsB Team's appsB Team's appsB
    Assigned for an app No Assigned app Assigned app Assigned app Assigned app

    A- Specific apps may not appear if a lower permission is attributed by a role assigned specifically for those apps or assigned for teams assigned to those apps. ; B- Specific apps may not appear if a lower permission is attributed by a role assigned specifically for those apps.

    Maintenance and operations permissions

    LifeTime permission LifeTime role assignment Architecture Dashboard permission
    Ignore modules Enable AI auto-classification Override module AI auto-classification Update probes
    Open and Debug Applications or lower Assigned as default role No No No No
    Assigned for a team No No No No
    Assigned for an app No No No No
    Change and Deploy Applications Assigned as default role All modulesA No No No
    Assigned for a team Team's modulesB No No No
    Assigned for an app Assigned app's modules No No No
    Full Control Assigned as default role All modulesA Yes All modules Yes
    Assigned for a team Team's modulesB No No No
    Assigned for an app Assigned app's modules No No No

    A- Specific modules may not appear if a lower permission is attributed by a role assigned specifically for those modules' apps or by a role assigned for teams assigned to those modules' apps. ; B- Specific modules may not appear if a lower permission is attributed by a role assigned specifically for those modules' apps.

    • Was this article helpful?