Merge pull request #281030 from usanth/docs-editor/personal-data-delete-export-1721171799

denrea · web-flow · commit a6b72a3d5274 · 2024-08-02T10:22:04.000-07:00
Update export instructions
diff --git a/articles/devtest-labs/personal-data-delete-export.md b/articles/devtest-labs/personal-data-delete-export.md
@@ -17,190 +17,108 @@ DevTest Labs collects two main pieces of personal data from the user. They are:
 ### User email address
 DevTest Labs uses the user email address to send auto shutdown email notifications to lab users. The email notifies users of their machine being shut down. The users can either postpone or skip the shutdown if they wish to do so. You configure the email address at the lab level or at the VM level.
 
-**Setting email at the lab:**
-
-![Setting email at the lab level](./media/personal-data-delete-export/lab-user-email.png)
-
-**Setting email at the VM:**
-
-![Setting email at the VM level](./media/personal-data-delete-export/vm-user-email.png)
-
-### User object ID
-DevTest Labs uses the user object ID to show month-over-month cost trends and cost by resource information to lab admins. It allows them to track costs and manage thresholds for their Lab. 
-
-**Estimated cost trend for the current calendar month:**
-![Estimated cost trend for the current calendar month](./media/personal-data-delete-export/estimated-cost-trend-per-month.png)
-
-**Estimated month-to-date cost by resource:**
-![Estimated month-to-date cost by resource](./media/personal-data-delete-export/estimated-month-to-date-cost-by-resource.png)
-
-
 ## Why do we need this personal data?
-The DevTest Labs service uses the personal data for operational purposes. This data is critical for the service to deliver key features. If you set a retention policy on the user email address, lab users do not receive timely auto shutdown email notifications after their email address is deleted from our system. Similarly, the lab admin can't view month-over-month cost trends and cost by resource for machines in their labs if the user object IDs are deleted based on a retention policy. Therefore, this data needs to be retained for as long as the user's resource is active in the Lab.
+The DevTest Labs service uses the personal data for operational purposes. This data is critical for the service to deliver key features. If you set a retention policy on the user email address, lab users do not receive timely auto shutdown email notifications after their email address is deleted from our system. Therefore, this data needs to be retained for as long as the user's resource is active in the Lab.
 
-## How can I have the system to forget my personal data?
-As a lab user, if you like to have this personal data deleted, you can do so by deleting the corresponding resource in the Lab. The DevTest Labs service anonymizes the deleted personal data 30 days after it's deleted by the user.
+## How can I have the system forget my personal data?
+As a lab user, you can delete your personal by deleting the corresponding resource in the Lab. The DevTest Labs service anonymizes the deleted personal data 30 days after it's deleted by the user.
 
-For example, If you delete your VM, or removed your email address, the DevTest Labs service anonymizes this data 30 days after the resource is deleted. The 30-day retention policy after deletion is to make sure that we provide an accurate month-over-month cost projection to the lab admin.
+For example, if you delete your VM, or remove your email address, the DevTest Labs service anonymizes this data 30 days after the resource is deleted. The 30-day retention policy after deletion ensures that DevTest Labs provides an accurate month-over-month cost projection to the lab admin.
 
 ## How can I request an export on my personal data?
-You can export personal and lab usage data by using the Azure portal or PowerShell. The data is exported as two different CSV files:
-
-- **disks.csv** - contains information about the disks being used by the different VMs
-- **virtualmachines.csv** - contains information about the VMs in the lab.
-
-### Azure portal
-As a lab user, you can request an export on the personal data that the DevTest Labs service stores. To request for an export, navigate to the **Personal data** option on the **Overview** page of your lab. Select the **Request export** button kicks off the creation of a downloadable excel file in your Lab admin's storage account. You can then contact your lab admin to view this data.
-
-1. Select **Personal data** on the left menu. 
-
-    ![Personal data page](./media/personal-data-delete-export/personal-data-page.png)
-2. Select the **resource group** that contains the lab.
-
-    ![Select resource group](./media/personal-data-delete-export/select-resource-group.png)
-3. Select the **storage account** in the resource group.
-4. On the **Storage account** page, select **Blobs**.
-
-    ![Select Blobs tile](./media/personal-data-delete-export/select-blobs-tile.png)
-5. Select the container named **labresourceusage** in the list of containers.
-
-    ![Select blob container](./media/personal-data-delete-export/select-blob-container.png)
-6. Select the **folder** named after your lab. You find **csv** files for **disks** and **virtual machines** in your lab in this folder. You can download these csv files, filter the content for the lab user requesting an access, and share it with them.
-
-    ![Download CSV file](./media/personal-data-delete-export/download-csv-file.png)
+You can export personal and lab usage data by using Azure PowerShell. DevTest Labs exports the data as a csv file with the date and time of the export requested in the name.
 
 ### Azure PowerShell
 
 ```powershell
 Param (
-    [Parameter (Mandatory=$true, HelpMessage="The storage account name where to store usage data")]
-    [string] $storageAccountName,
-
-    [Parameter (Mandatory=$true, HelpMessage="The storage account key")]
-    [string] $storageKey,
+    [Parameter (Mandatory=$true, HelpMessage="The resource group name of the storage account")]
+[string] $resourceGroupName,
+	
+	[Parameter (Mandatory=$true, HelpMessage="The subscription id of the storage account and DTL")]    
+[string] $subscriptionId,
 
-    [Parameter (Mandatory=$true, HelpMessage="The DevTest Lab name to get usage data from")]
-    [string] $labName,
+    [Parameter (Mandatory=$true, HelpMessage="The storage account name")]
+[string] $storageAccountName,
 
-    [Parameter (Mandatory=$true, HelpMessage="The DevTest Lab subscription")]
-    [string] $labSubscription
-    )
+    [Parameter (Mandatory=$true, HelpMessage="Expire time of the SAS Token")]
+[string] $expiryTime,
 
-#Login
-Login-AzureRmAccount
+    [Parameter (Mandatory=$true, HelpMessage="Date to pull data from")][string] $startTime,
 
-# Set the subscription for the lab
-Get-AzureRmSubscription -SubscriptionId $labSubscription  | Select-AzureRmSubscription
+    [Parameter (Mandatory=$true, HelpMessage="Name of the lab to export")]
+[string] $labName,
 
-# DTL will create this container in the storage when invoking the action, cannot be changed currently
-$containerName = "labresourceusage"
+    [Parameter (Mandatory=$true, HelpMessage="The desired SKU")]
+[string] $desiredSKU,
 
-# Get the storage context
-$Ctx = New-AzureStorageContext -StorageAccountName $storageAccountName -StorageAccountKey $storageKey 
-$SasToken = New-AzureStorageAccountSASToken -Service Blob, File -ResourceType Container, Service, Object -Permission rwdlacup -Protocol HttpsOnly -Context $Ctx
+    [Parameter (Mandatory=$true, HelpMessage="Protocol for SAS token generation")]
+[string] $protocol,
 
-# Generate the storage blob uri
-$blobUri = $Ctx.BlobEndPoint + $SasToken
+    [Parameter (Mandatory=$true, HelpMessage="Permissions given for SAS token")]
+[string] $permissions
 
-# blobStorageAbsoluteSasUri and usageStartDate are required
+# Log in 
+Connect-AzAccount -UseDeviceAuthentication
+ 
+# Set your subscription
+Set-AzContext -SubscriptionId $subscriptionId
+ 
+ 
+# Create a resource group and storage account
+  New-AzStorageAccount -ResourceGroupName $resourceGroupName `
+                     -Name $storageAccountName `
+                     -Location $location `
+                     -SkuName $desiredSKU
+ 
+# Get storage account context
+$storageAccountContext = Get-AzStorageAccount -ResourceGroupName $resourceGroupName -AccountName $storageAccountName
+$storageAccountKeys = Get-AzStorageAccountKey -ResourceGroupName $resourceGroupName -Name $storageAccountName
+ 
+$Ctx = New-AzureStorageContext -StorageAccountName $storageAccountName -StorageAccountKey $storageAccountKeys[0].Value
+
+# Create blob container
+$containerName = "exportlabresources"
+New-AzStorageContainer -Name $containerName `
+                       -Context $Ctx `
+                       -Permission Off
+
+# Get SAS token
+$sasToken = New-AzStorageContainerSASToken `
+-Context $Ctx `
+-Name $containerName `
+-StartTime (Get-Date) `
+-ExpiryTime $expiryTime `
+-Permission $permissions `
+-Protocol $protocol
+
+# Make blob endpoint
+$blobEndpointWithSas = $storageAccountContext.Context.BlobEndPoint + $containerName+ "?" + $sasToken
+
+# Invoke Export Job
 $actionParameters = @{
-    'blobStorageAbsoluteSasUri' = $blobUri    
+    'blobStorageAbsoluteSasUri' = $blobEndpointWithSas    
 }
 
-$startdate = (Get-Date).AddDays(-7)
-
 $actionParameters.Add('usageStartDate', $startdate.Date.ToString())
-
-# Get the lab resource group
-$resourceGroupName = (Find-AzureRmResource -ResourceType 'Microsoft.DevTestLab/labs' | Where-Object { $_.Name -eq $labName}).ResourceGroupName
-    
-# Create the lab resource id
-$resourceId = "/subscriptions/" + $labSubscription + "/resourceGroups/" + $resourceGroupName + "/providers/Microsoft.DevTestLab/labs/" + $labName + "/"
-
-# !!!!!!! this is the new resource action to get the usage data.
-$result = Invoke-AzureRmResourceAction -Action 'exportLabResourceUsage' -ResourceId $resourceId -Parameters $actionParameters -Force
  
-# Finish up cleanly
-if ($result.Status -eq "Succeeded") {
-    Write-Output "Telemetry successfully downloaded for " $labName
-    return 0
-}
-else
-{
-    Write-Output "Failed to download lab: " + $labName
-    Write-Error $result.toString()
-    return -1
-}
+$resourceId = "/subscriptions/" + $subscriptionId + "/resourceGroups/" + $resourceGroupName + "/providers/Microsoft.DevTestLab/labs/" + $labName + "/"
+ 
+$result = Invoke-AzureRmResourceAction -Action 'ExportResourceUsage' -ResourceId $resourceId -Parameters $actionParameters -Force
+
 ```
 
-The key components in the above sample are:
+The key components in the previous sample are:
 
 - The Invoke-AzureRmResourceAction command.
-   
+
     ```
-    Invoke-AzureRmResourceAction -Action 'exportLabResourceUsage' -ResourceId $resourceId -Parameters $actionParameters -Force
+  Invoke-AzureRmResourceAction -Action 'ExportResourceUsage' -ResourceId $resourceId -Parameters $actionParameters -Force
     ```
 - Two action parameters
-    - **blobStorageAbsoluteSasUri** - The storage account URI with the Shared Access Signature (SAS) token. In the PowerShell script, this value could be passed in instead of the storage key.
-    - **usageStartDate** - The beginning date to pull data, with the end date being the current date on which the action is executed. The granularity is at the day level, so even if you add time information, it will be ignored.
-
-### Exported data - a closer look
-Now let’s take a closer look at the exported data. As mentioned earlier, once the data are successfully exported, there will be two CSV files. 
-
-The **virtualmachines.csv** contains the following data columns:
-
-| Column name | Description |
-| ----------- | ----------- | 
-| SubscriptionId | The subscription identifier that the lab exists in. |
-| LabUId | Unique GUID identifier for the lab. |
-| LabName | Name of the lab. |
-| LabResourceId | Fully qualified lab resource ID. |
-| ResourceGroupName | Name of the resource group that contains the VM | 
-| ResourceId | Fully qualified resource ID for the VM. |
-| ResourceUId | GUID for the VM |
-| Name | Virtual machine name. |
-| CreatedTime | The date-time at which the VM was created. |
-| DeletedDate | The date-time at which the VM was deleted. If it's empty, deletion hasn't occurred, yet. |
-| ResourceOwner | Owner of the VM. If the value is empty, then it's either a claimable VM or created by a service principal. |
-| PricingTier | Pricing tier of the VM |
-| ResourceStatus | Availability state of the VM. Active, if still exists or Inactive, if the VM has been deleted. |
-| ComputeResourceId | Fully qualified virtual machine compute resource identifier. |
-| Claimable | Set to true if the VM is a claimable VM | 
-| EnvironmentId | The environment resource identifier within which the Virtual machine was created in. It's empty when the VM wasn't created as part of an environment resource. |
-| ExpirationDate | Expiration date for the VM. It's set to empty, if an expiration date hasn't been set.
-| GalleryImageReferenceVersion |  Version of the VM base image. |
-| GalleryImageReferenceOffer | Offer of the VM base image. |
-| GalleryImageReferencePublisher | Publisher of the VM base image. |
-| GalleryImageReferenceSku | Sku of the VM base image |
-| GalleryImageReferenceOsType | OS type of the VM base image |
-| CustomImageId | Fully qualified ID of the VM base custom image. |
-
-The data columns contained in **disks.csv** are listed below:
-
-| Column name | Description | 
-| ----------- | ----------- | 
-| SubscriptionId | ID of the subscription that contains the lab |
-| LabUId | GUID for the lab |
-| LabName | Name of the lab | 
-| LabResourceId | Fully qualified resource ID for the lab | 
-| ResourceGroupName | Name of the resource group that contains the lab | 
-| ResourceId | Fully qualified resource ID for the VM. |
-| ResourceUId | GUID for the VM |
- |Name | The name of the attached disk |
-| CreatedTime |The date and time at which the data disk was created. |
-| DeletedDate | The date and time at which the data disk was deleted. |
-| ResourceStatus | Status of the resource. Active, if the resource exists. Inactive, when deleted. |
-| DiskBlobName | Blob name for the data disk. |
-| DiskSizeGB | The size of the data disk. |
-| DiskType | Type of the data disk. 0 for Standard, 1 for Premium. |
-| LeasedByVmId | Resource ID of the VM to which the data disk has been attached. |
-
-
-> [!NOTE]
-> If you are dealing with multiple labs and want to get overall information, the two key columns are the **LabUID** and the **ResourceUId**, which are the unique ids across subscriptions.
-
-The exported data can be manipulated and visualized using tools, like SQL Server, Power BI, etc. This feature is especially useful when you want to report usage of your lab to your management team that may not be using the same Azure subscription as you do.
-
+  - **blobStorageAbsoluteSasUri** - The storage account URI with the Shared Access Signature (SAS) token. In the PowerShell script, this value could be passed in instead of the storage key.
+  - **usageStartDate** - The beginning date to pull data, with the end date being the current date on which the action is executed. The granularity is at the day level, so even if you add time information, it will be ignored.
+    
 ## Next steps
 See the following article: 
 
diff --git a/articles/devtest-labs/report-usage-across-multiple-labs-subscriptions.md b/articles/devtest-labs/report-usage-across-multiple-labs-subscriptions.md
@@ -30,17 +30,7 @@ Before you can export DevTest Labs resource usage, you have to set up an Azure S
     > [!NOTE]
     > The date parameter doesn't include a time stamp so the data includes everything from midnight based on the time zone where the lab is located.
 
-Once the export is complete, there will be multiple CSV files in the blob storage with the different resource information.
-  
-Currently there are two CSV files:
-
-* *virtualmachines.csv* - contains information about the virtual machines in the lab
-* *disks.csv* - contains information about the different disks in the lab 
-
-These files are stored in the *labresourceusage* blob container. The files are under the lab name, lab unique ID, date executed, and either `full` or the start date of the export request. An example blob structure is:
-
-* `labresourceusage/labname/1111aaaa-bbbb-cccc-dddd-2222eeee/<End>DD26-MM6-2019YYYY/full/virtualmachines.csv`
-* `labresourceusage/labname/1111aaaa-bbbb-cccc-dddd-2222eeee/<End>DD-MM-YYYY/26-6-2019/20-6-2019<Start>DD-MM-YYYY/virtualmachines.csv`
+Once the export is complete, there will be a CSV file in the blob storage with the different resource information.
 
 ## Exporting usage for all labs
 
