MicrosoftDocs
diff --git a/‎articles/active-directory-b2c/partner-dynamics-365-fraud-protection.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory-b2c/partner-dynamics-365-fraud-protection.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/cloud-infrastructure-entitlement-management/TOC.yml
Lines changed: 161 additions & 0 deletions b/‎articles/active-directory/cloud-infrastructure-entitlement-management/TOC.yml
Lines changed: 161 additions & 0 deletions
diff --git a/‎articles/active-directory/cloud-infrastructure-entitlement-management/cloudknox-all-reports.md
Lines changed: 59 additions & 0 deletions b/‎articles/active-directory/cloud-infrastructure-entitlement-management/cloudknox-all-reports.md
Lines changed: 59 additions & 0 deletions
@@ -168,7 +168,7 @@ In the provided [custom policies](https://github.com/azure-ad-b2c/partner-integr
 
 For additional information, review the following articles:
 
-- [Microsoft DFP samples](https://github.com/Microsoft/Dynamics-365-Fraud-Protection-Samples)
+- [Microsoft DFP samples](https://github.com/azure-ad-b2c/partner-integrations/tree/master/samples/Dynamics-Fraud-Protection)
 
 - [Custom policies in Azure AD B2C](./custom-policy-overview.md)
 
 
@@ -0,0 +1,161 @@
+  - name: CloudKnox Permissions Management
+    href: index.yml
+  - name: Overview
+    expanded: true
+    items:
+      - name: What's CloudKnox Permissions Management?
+        href: cloudknox-overview.md
+  - name: How-to guides
+    expanded: true
+    items:
+    - name: Onboard CloudKnox on the Azure AD tenant
+      expanded: true
+      items:
+      - name: Enable CloudKnox in your organization 
+        href: cloudknox-onboard-enable-tenant.md
+      - name: Onboard an AWS account
+        href: cloudknox-onboard-aws.md
+      - name: Onboard an Azure subscription
+        href: cloudknox-onboard-azure.MD
+      - name: Onboard a GCP project
+        href: cloudknox-onboard-gcp.md
+      - name: Enable or disable the controller after onboarding is complete
+        href: cloudknox-onboard-enable-controller-after-onboarding.md
+      - name: Add an account/ subscription/ project after onboarding is complete
+        href: cloudknox-onboard-add-account-after-onboarding.md
+    - name: View risk metrics in your authorization system
+      expanded: false
+      items:
+      - name: View key statistics and data about your authorization system
+        href: cloudknox-ui-dashboard.md
+      - name: View data about the activity in your authorization system
+        href: cloudknox-product-dashboard.md
+    - name: Configure settings for data collection
+      expanded: false
+      items:
+      - name: View and configure settings for data collection
+        href: cloudknox-product-data-sources.md
+      - name: Display an inventory of created resources and licenses 
+        href: cloudknox-product-data-inventory.md
+    - name: Manage organizational and personal information
+      expanded: false
+      items:
+      - name: View personal and organization information
+        href: cloudknox-product-account-settings.md
+    - name: View information about identities, resources, and tasks
+      expanded: false
+      items:
+      - name: View analytic information with the Analytics dashboard
+        href: cloudknox-usage-analytics-home.md
+      - name: View analytic information about users
+        href: cloudknox-usage-analytics-users.md
+      - name: View analytic information about groups
+        href: cloudknox-usage-analytics-groups.md
+      - name: View analytic information about active resources
+        href: cloudknox-usage-analytics-active-resources.md
+      - name: View analytic information about active tasks
+        href: cloudknox-usage-analytics-active-tasks.md
+      - name: View analytic information about access keys
+        href: cloudknox-usage-analytics-access-keys.md
+      - name: View analytic information about serverless functions
+        href: cloudknox-usage-analytics-serverless-functions.md
+    - name: Manage roles/policies and permission requests
+      expanded: false
+      items:
+      - name: View roles/policies and requests for permission in the Remediation dashboard
+        href: cloudknox-ui-remediation.md
+      - name: View information about roles/policies
+        href: cloudknox-howto-view-role-policy.md
+      - name: View information about active and completed tasks
+        href: cloudknox-ui-tasks.md
+      - name: Create a role/policy
+        href: cloudknox-howto-create-role-policy.md
+      - name: Clone a role/policy
+        href: cloudknox-howto-clone-role-policy.md
+      - name: Modify a role/policy
+        href: cloudknox-howto-modify-role-policy.md
+      - name: Delete a role/policy
+        href: cloudknox-howto-delete-role-policy.md
+      - name: Attach and detach policies for AWS identities
+        href: cloudknox-howto-attach-detach-permissions.md
+      - name: Add and remove roles and tasks for Azure and GCP identities
+        href: cloudknox-howto-add-remove-role-task.md
+      - name: Revoke access to high-risk and unused tasks or assign read-only status
+        href: cloudknox-howto-revoke-task-readonly-status.md
+      - name: Create or approve a request for permissions 
+        href: cloudknox-howto-create-approve-privilege-request.md
+    - name: Manage users, roles, and their access levels
+      expanded: false
+      items:
+      - name: Manage users and groups
+        href: cloudknox-ui-user-management.md
+      # - name: Define and manage users, roles, and access levels
+        # href: cloudknox-product-define-permission-levels.md
+      - name: Select group-based permissions settings
+        href: cloudknox-howto-create-group-based-permissions.md
+    - name: Use queries to view information about user access
+      expanded: false
+      items:
+      - name: Use queries to see how users access information 
+        href: cloudknox-ui-audit-trail.md
+      - name: Create a custom query
+        href: cloudknox-howto-create-custom-queries.md
+      - name: Generate an on-demand report from a query
+        href: cloudknox-howto-audit-trail-results.md
+      - name: Filter and query user activity
+        href: cloudknox-product-audit-trail.md
+    - name: Set activity alerts and triggers 
+      expanded: false
+      items: 
+      - name: View information about activity triggers
+        href: cloudknox-ui-triggers.md
+      - name: Create and view activity alerts and alert triggers
+        href: cloudknox-howto-create-alert-trigger.md
+      - name: Create and view rule-based anomalies and anomaly triggers
+        href: cloudknox-product-rule-based-anomalies.md
+      - name: Create and view statistical anomalies and anomaly triggers
+        href: cloudknox-product-statistical-anomalies.md
+      - name: Create and view permission analytics triggers
+        href: cloudknox-product-permission-analytics.md
+    - name: Manage rules for authorization systems
+      expanded: false
+      items:
+      - name: View rules in the Autopilot dashboard
+        href: cloudknox-ui-autopilot.md
+      - name: Create a rule
+        href: cloudknox-howto-create-rule.md 
+      - name: Generate, view, and apply rule recommendations
+        href: cloudknox-howto-recommendations-rule.md 
+      - name: View notification settings for a rule
+        href: cloudknox-howto-notifications-rule.md
+    - name: Create and view reports 
+      expanded: false
+      items: 
+      - name: View system reports in the Reports dashboard
+        href: cloudknox-product-reports.md
+      - name: View a list and description of system reports
+        href: cloudknox-all-reports.md
+      - name: Generate and view a system report
+        href: cloudknox-report-view-system-report.md
+      - name: Create, view, and share a custom report
+        href: cloudknox-report-create-custom-report.md
+      - name: Generate and download the Permissions analytics report
+        href: cloudknox-product-permissions-analytics-reports.md
+  - name: Troubleshoot
+    expanded: false
+    items:
+    - name: Troubleshoot issues
+      href: cloudknox-troubleshoot.md
+  #- name: Training material
+    #expanded: false
+    #items:
+    #- name: Get started with CloudKnox training videos
+      #href: cloudknox-training-videos.md
+  - name: Reference
+    expanded: false
+    items:
+    - name: FAQs
+      href: cloudknox-faqs.md
+    - name: Glossary
+      href: cloudknox-multi-cloud-glossary.md
+
@@ -0,0 +1,59 @@
+---
+title: View a list and description of all system reports available in CloudKnox Permissions Management reports
+description: View a list and description of all system reports available in CloudKnox Permissions Management.
+services: active-directory
+author: Yvonne-deQ
+manager: karenh444
+ms.service: active-directory
+ms.subservice: ciem
+ms.workload: identity
+ms.topic: overview
+ms.date: 02/23/2022
+ms.author: v-ydequadros
+---
+
+# View a list and description of system reports
+
+> [!IMPORTANT]
+> CloudKnox Permissions Management (CloudKnox) is currently in PREVIEW.
+> Some information relates to a prerelease product that may be substantially modified before it's released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+
+CloudKnox Permissions Management (CloudKnox) has various types of system reports that capture specific sets of data. These reports allow management, auditors, and administrators to:
+
+- Make timely decisions.
+- Analyze trends and system/user performance.
+- Identify trends in data and high risk areas so that management can address issues more quickly and improve their efficiency.
+
+This article provides you with a list and description of the system reports available in CloudKnox. Depending on the report, you can download it in comma-separated values (**CSV**) format, portable document format (**PDF**), or Microsoft Excel Open XML Spreadsheet (**XLSX**) format.
+
+## Download a system report
+
+1. In the CloudKnox home page, select the **Reports** tab, and then select the **Systems reports** subtab.
+1. In the **Report Name** column, find the report you want, and then select the down arrow to the right of the report name to download the report.
+
+    Or, from the ellipses **(...)** menu, select **Download**.
+
+    The following message displays: **Successfully started to generate on demand report.**
+
+
+## Summary of available system reports
+
+| Report name                | Type of the report                | File format              | Description               | Availability                | Collated report?                 |
+|----------------------------|-----------------------------------|--------------------------|---------------------------| ----------------------------|----------------------------------|
+| Access Key Entitlement and Usage Report                | Summary </p>Detailed                | CSV                 | This report displays: </p> - Access key age, last rotation date, and last usage date availability in the summary report. Use this report to decide when to rotate access keys. </p> - Granted task and Permissions creep index (PCI) score. This report provides supporting information when you want to take the action on the keys.                | AWS</p>Azure                 | Yes      |
+| All Permissions for Identity                 | Detailed                 | CSV                | This report lists all the assigned permissions for the selected identities.                | Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP)            | N/A      |
+| Group Entitlements and Usage       | Summary                | CSV                | This report tracks all group level entitlements and the permission assignment, PCI. The number of members is also listed as part of this report.                 | AWS, Azure, or GCP                 | Yes      |
+| Identity Permissions                 | Summary                | CSV                 | This report tracks any, or specific, task usage per **User**, **Group**, **Role**, or **App**.                 | AWS, Azure, or GCP                 | No      |
+| Identity Privilege Activity Report                | Summary                | PDF                | This report helps monitor the **Identity Privilege** related activity across the authorized systems. It captures any Identity permission change. </p>This report has the following main sections: **User Summary**, **Group Summary**, **Role Summary & Delete Task Summary**. </p>The **User Summary** lists the current granted permissions along with high-risk permissions and resources accessed in 1-day, 7-day, or 30-days durations. There are subsections for newly added or deleted users, users with PCI change, high-risk active/inactive users. </p>The **Group Summary** lists the administrator level groups with the current granted permissions along with high-risk permissions and resources accessed in 1-day, 7-day, or 30-day durations. There are subsections for newly added or deleted groups, groups with PCI change, High-risk active/inactive groups. </p>The **Role Summary** and the **Group Summary** list similar details. </p>The **Delete Task** summary section lists the number of times the **Delete Task** has been executed in the given period.                | AWS, Azure, or GCP                 | No      |
+| PCI History                 | Summary                 | CSV                 | This report helps track **Monthly PCI History** for each authorized system. It can be used to plot the trend of the PCI.                 | AWS, Azure, or GCP                 | Yes      |
+| Permissions Analytics Report (PAR)  |     Detailed                 | CSV                 | This report lists the different key findings in the selected authorized systems. The key findings include **Super identities**, **Inactive identities**, **Over-provisioned active identities**, **Storage bucket hygiene**, **Access key age (AWS)**, and so on. </p>This report helps administrators to visualize the findings across the organization and make decisions.                	| AWS, Azure, or GCP                | Yes      |
+| Role/Policy Details                 | Summary                 | CSV                | This report captures **Assigned/Unassigned** and **Custom/system policy with used/unused condition** for specific or all AWS accounts. </p>Similar data can be captured for Azure and GCP for assigned and unassigned roles.                | AWS, Azure, or GCP                 | No      |
+| User Entitlements and Usage     | Detailed <p>Summary                 | CSV                 | This report provides a summary and details of **User entitlements and usage**. </p>**Data displayed on Usage Analytics** screen is downloaded as part of the **Summary** report. </p>**Detailed permissions usage per User** is listed in the Detailed report.                 | AWS, Azure, or GCP                | Yes      |
+
+
+## Next steps
+
+- For information on how to view system reports in the **Reports** dashboard, see [View system reports in the Reports dashboard](cloudknox-product-reports.md).
+- For information about how to create, view, and share a system report, see [Create, view, and share a custom report](cloudknox-report-view-system-report.md).
+- For information about how to create and view a custom report, see [Generate and view a custom report](cloudknox-report-create-custom-report.md).
+- For information about how to create and view the Permissions analytics report, see [Generate and download the Permissions analytics report](cloudknox-product-permissions-analytics-reports.md).