How does Architecture Dashboard work

Last updated
Save as PDF

Architecture Dashboard includes the following pieces:

Architecture Dashboard LifeTime Plugin: A LifeTime plugin that's published in a platform installation (on-premises or cloud) with probes to collect data and communicate with the SaaS.
Architecture Dashboard SaaS: A "Software as a Service" app that processes and shows all data collected from the Plugin.

Architecture Dashboard diagram

Communication

Communications between the Architecture Dashboard plugin and the Architecture Dashboard SaaS are always initiated by the plugin. This reduces connectivity requirements on your side since all that needs to be ensured is connectivity from the Plugin in the LifeTime environment to the Architecture Dashboard SaaS endpoint.

The plugin can use a forward proxy to connect to the Architecture Dashboard SaaS endpoint.

Data collected in plugin and sent to SaaS

Architecture Dashboard collects the following data from your infrastructure:

Platform metamodel data, including infrastructure activation code, environments information (name and Platform Server version), teams, list of apps and modules (including name and identifier), and platform configurations.
Modules and dependency information for code analysis.
LifeTime Analytics data for runtime performance analysis.
Upon acceptance of the agreement, during Architecture Dashboard set up: users information (name, username, email address, user creation date, last login date) and LifeTime permissions.
Optionally: Discovery snapshot data (architectural references, applications, and modules) for architecture analysis.

Data of each installation is kept in the OutSystems cloud and isolated from all other installations using the platform's multi-tenant mechanisms. This ensures data from one installation is not accessible by users of other installations.

Data in transit

The Plugin and SaaS share data in binary format through a well-known HTTPS endpoint.
IP or DNS addresses aren't transmitted.
No ports besides the defaults need to be open for the correct use of Architecture Dashboard Probes.
No firewall issues should arise, although you need to be able to access the endpoint detailed in How to set up Architecture Dashboard.

Data at rest in SaaS

Data of each installation is kept isolated from all other installations using the platform's multi-tenant mechanisms. This ensures data from one installation isn't accessible by users of other installations.

More information about security and compliance

Read more about security and compliance in the following FAQ sections:

Permissions

The permissions that IT users have while using Architecture Dashboard with an infrastructure, depend on the role and permissions set in LifeTime for the code-analysis environment of that infrastructure.

The set of permissions that an IT user has for the code-analysis environment is determined by the permissions of the assigned roles, and also by how the roles are assigned.

Roles and their permissions can be assigned as a default role, as a role for a team, or as role for an app.

The permissions of a role assigned for a team override the permissions for the team's apps assigned by the default role.

The permissions of a role assigned for an app override the permissions for the specific app assigned by the default role and of roles assigned for a team.

The following tables map the Architecture Dashboard permissions to the LifeTime permissions and to the way the roles are assigned to IT users.

Main features permissions

LifeTime permission	LifeTime role assignment	Architecture Dashboard permission
LifeTime permission	LifeTime role assignment	View teams	View apps and modules	Open findings report	Export findings report	Resolve findings
No Access / Access	Assigned as default role	No	No	No	No	No
	Assigned for a team	No	No	No	No	No
	Assigned for an app	No	No	No	No	No
List Applications / Monitor and Add Dependencies	Assigned as default role	No	All apps^A	No	No	No
	Assigned for a team	Assigned team	Team's apps^B	Team's apps^B	No	No
	Assigned for an app	No	Assigned app	Assigned app	No	No
Open and Debug Applications	Assigned as default role	No	All apps^A	All apps^A	No	No
	Assigned for a team	Assigned team	Team's apps^B	Team's apps^B	No	No
	Assigned for an app	No	Assigned app	Assigned app	No	No
Change and Deploy Applications / Full Control	Assigned as default role	All teams	All apps^A	All apps^A	All apps^A	All apps^A
	Assigned for a team	Assigned team	Team's apps^B	Team's apps^B	Team's apps^B	Team's apps^B
	Assigned for an app	No	Assigned app	Assigned app	Assigned app	Assigned app

A- Specific apps may not appear if a lower permission is attributed by a role assigned specifically for those apps or assigned for teams assigned to those apps. ; B- Specific apps may not appear if a lower permission is attributed by a role assigned specifically for those apps.

Maintenance and operations permissions

LifeTime permission	LifeTime role assignment	Architecture Dashboard permission
LifeTime permission	LifeTime role assignment	Ignore modules	Enable AI auto-classification	Override module AI auto-classification	Update probes
Open and Debug Applications or lower	Assigned as default role	No	No	No	No
	Assigned for a team	No	No	No	No
	Assigned for an app	No	No	No	No
Change and Deploy Applications	Assigned as default role	All modules^A	No	No	No
	Assigned for a team	Team's modules^B	No	No	No
	Assigned for an app	Assigned app's modules	No	No	No
Full Control	Assigned as default role	All modules^A	Yes	All modules	Yes
	Assigned for a team	Team's modules^B	No	No	No
	Assigned for an app	Assigned app's modules	No	No	No

A- Specific modules may not appear if a lower permission is attributed by a role assigned specifically for those modules' apps or by a role assigned for teams assigned to those modules' apps. ; B- Specific modules may not appear if a lower permission is attributed by a role assigned specifically for those modules' apps.

Training

Documentation