Skip to content

eva-foundry/98-system-analysis

BranchesTags

Repository files navigation

98-system-analysis -- Workspace Subscription Inventory Reference

EVA Ecosystem Integration

Tool Purpose How to Use
37-data-model Single source of truth for all project entities GET http://localhost:8010/model/projects/98-system-analysis
29-foundry Agentic capabilities (search, RAG, eval, observability) C:\eva-foundry\eva-foundation\29-foundry
48-eva-veritas Trust score and coverage audit MCP tool: audit_repo / get_trust_score
07-foundation-layer Copilot instructions primer + governance templates MCP tool: apply_primer / audit_project

Agent rule: Query the data model API before reading source files.

Invoke-RestMethod "http://localhost:8010/model/agent-guide"   # complete protocol
Invoke-RestMethod "http://localhost:8010/model/agent-summary" # all layer counts

Purpose: Official workspace reference for Azure subscription inventories, cost analysis, and infrastructure documentation
Owner: AI CoE Infrastructure Team
Status: Active -- Workspace-level subscription management
Last Updated: March 3, 2026
Related: 97-workspace-notes (workspace home), 07-foundation-layer (governance)

?? Overview

98-System-Analysis is the Official Workspace Reference for Azure Subscription Inventories -- single source of truth for all Azure resource inventories, cost analysis, and infrastructure documentation across ALL EVA subscriptions.

This project provides comprehensive Azure inventory management across multiple subscriptions with automated collection, cost analysis, and infrastructure documentation. It manages three Azure subscriptions with 1,484+ total resources across Government and personal environments.

Key Capabilities:

  • Full subscription inventory with detailed resource enumeration
  • Cost optimization analysis (FinOps opportunities)
  • RBAC and security analysis
  • Resource reusability scoring
  • APIM integration readiness assessment
  • Automated cleanup and archival

?? Quick Start

Daily Inventory Collection

# Navigate to inventory directory
cd C:\eva-foundry\98-system-analysis\inventory

# Run full subscription inventory (5-10 min)
.\Get-AzureInventory-Enhanced.ps1 -SkipConnectivityTests

# View results
Get-ChildItem .\.eva-cache -File | Sort-Object LastWriteTime -Descending | Select-Object -First 5

Generate Reports for All Subscriptions

# 1. EsDAICoESub (Government Dev/Stage - 1,250 resources)
az account set --subscription "EsDAICoESub"
.\Get-AzureInventory-Enhanced.ps1 -SkipConnectivityTests

# 2. EsPAICoESub (Government Production - 203 resources)
.\Get-ProductionInventory.ps1 -SkipConnectivityTests

# 3. MarcoSub (Personal - 31 resources)
az account set --subscription "MarcoSub"
.\Get-AzureInventory-Enhanced.ps1 -SkipConnectivityTests

?? Directory Structure

98-system-analysis/
??? inventory/                          # Core inventory scripts
?   ??? Get-AzureInventory-Enhanced.ps1 # Weekly full subscription (5-10 min)
?   ??? Get-ProductionInventory.ps1     # Quarterly production refresh
?   ??? .eva-cache/                     # Inventory output directory
?   ?   ??? azure-inventory-*.json      # Full resource inventory
?   ?   ??? azure-connectivity-*.md     # Network analysis
?   ?   ??? azure-rbac-analysis-*.md    # RBAC permissions
?   ?   ??? azure-reusability-report-*.md # Reusability scoring
?   ?   ??? other-subscriptions/        # Non-default subscriptions
?   ?       ??? EsPAICoESub/           # Production inventory
?   ?       ??? MarcoSub/              # Personal subscription
?   ??? *.md                           # Documentation

?? Core Scripts

1. Get-AzureInventory-Enhanced.ps1 ? PRIMARY SCRIPT

Purpose: Complete subscription inventory with advanced analysis
Execution Time: 0.8-1.0 minutes (with --SkipConnectivityTests)
Output: JSON inventory + 3 analysis reports

What it collects:

  • All resources (1000+) with detailed configurations
  • RBAC role assignments and permissions
  • Resource reusability scoring (sandbox deployment readiness)
  • APIM integration candidates
  • FinOps cost optimization opportunities
  • Connectivity testing (TCP/HTTP endpoints) - optional

Usage:

# Standard weekly run (fast)
.\Get-AzureInventory-Enhanced.ps1 -SkipConnectivityTests

# Full run with connectivity tests (slower)
.\Get-AzureInventory-Enhanced.ps1

# Skip cost estimation
.\Get-AzureInventory-Enhanced.ps1 -SkipConnectivityTests -SkipCostEstimation

Output Files:

  • azure-inventory-{SUB}-{TIMESTAMP}.json (4-5 MB)
  • azure-connectivity-{SUB}-{TIMESTAMP}.md
  • azure-rbac-analysis-{SUB}-{TIMESTAMP}.md
  • azure-reusability-report-{SUB}-{TIMESTAMP}.md

2. Get-ProductionInventory.ps1 ?? PRODUCTION

Purpose: Wrapper for production (EsPAICoESub) subscription inventory
When to use: Quarterly or before major production changes
Hardcoded: Subscription ID 802d84ab-3189-4221-8453-fcc30c8dc8ea

Usage:

.\Get-ProductionInventory.ps1 -SkipConnectivityTests

?? Current Subscription Status (March 3, 2026)

EsDAICoESub (Government Dev/Stage)

  • Resources: 1,250 across 42 resource groups
  • Account: marco.presta@hrsdc-rhdcc.gc.ca
  • Subscription ID: d2d4e571-e0f2-4f6c-901a-f88f7669bcba
  • Marco Resources:* 31 (marco-sandbox-openai, marco-eva-*, marcoeva.azurecr.io)
  • Sandbox Resources: 69 (EsDAICoE-Sandbox RG)
  • Last Inventory: March 3, 2026 @ 08:56 AM
  • Location: .eva-cache/azure-inventory-EsDAICoESub-*.json

Key Services:

  • 51 Cognitive Services (OpenAI, AI Services, Document Intelligence)
  • 42 App Services
  • 17 Container Registries
  • 17 Virtual Networks
  • 12 Cosmos DB accounts
  • 9 Container Apps
  • 3 API Management instances

EsPAICoESub (Government Production)

  • Resources: 203 across 11 resource groups
  • Account: marco.presta@hrsdc-rhdcc.gc.ca
  • Subscription ID: 802d84ab-3189-4221-8453-fcc30c8dc8ea
  • Last Inventory: March 3, 2026 @ 08:58 AM
  • Location: .eva-cache/other-subscriptions/EsPAICoESub/

Key Services:

  • 5 Cognitive Services
  • 4 App Services
  • 4 Key Vaults
  • 3 Container Registries
  • 3 Virtual Networks
  • 2 Container Apps
  • 1 Cosmos DB

MarcoSub (Personal)

  • Resources: 31 in EVA-Sandbox-dev resource group
  • Account: marcopresta@yahoo.com
  • Subscription ID: c59ee575-eb2a-4b51-a865-4b618f9add0a
  • Last Inventory: March 3, 2026 @ 10:43 AM
  • Location: .eva-cache/other-subscriptions/MarcoSub/
  • Status: ?? Infrastructure deployed, Container Apps failed (no images)

Key Services:

  • 5 Cognitive Services (OpenAI, Foundry, Document Intelligence, AI Services)
  • 4 Container Apps (msub-eva-data-model, brain-api, faces, roles-api) - FAILED
  • 3 Web Apps (backend, enrichment, func)
  • 1 Cosmos DB (msub-sandbox-cosmos)
  • 1 Container Registry (msubsandacr202603031449.azurecr.io)
  • 1 API Management (msub-sandbox-apim)
  • 1 Key Vault (msubsandkv202603031449)
  • 1 Azure Search, 2 Storage Accounts, Log Analytics, Event Hub, Data Factory

Issue: Container Apps show "Failed" status due to missing container images in ACR.

?? Maintenance (March 3, 2026 Cleanup)

Total Cleanup Completed:

  • 412 files removed (204 stale cache + 190 archive + 12 obsolete scripts + 6 duplicate files)
  • ~500 MB disk space recovered
  • All inventory data refreshed to March 3, 2026

Kept (Core 4 Scripts):

  1. Get-AzureInventory-Enhanced.ps1 (35 KB) - Weekly full subscription
  2. Get-ProductionInventory.ps1 (4 KB) - Quarterly production refresh

Deleted (Obsolete):

  • Get-AzureInventory.ps1 (v2.0.0 - replaced by Enhanced)
  • Get-FreshAzureInventory.ps1 (unused wrapper)
  • Extract-SandboxResources.ps1 (replaced)
  • sandbox.ps1, Compare-SandboxInventory.ps1 (nice-to-have wrappers)
  • 7 old test/diagnostic scripts (Test-, Generate-, DIAGNOSE-*)

?? Key Learnings (March 3, 2026)

Azure Inventory Best Practices

  1. Always use -SkipConnectivityTests for speed (0.8 min vs 5-10 min)
  2. Run full inventory weekly, not daily (expensive API calls)
  3. Keep only fresh timestamped files (avoid confusion with stale data)
  4. Organize by subscription (use other-subscriptions/ folder pattern)
  5. Clean up regularly (old inventories accumulate fast)

Script Execution Patterns

# FAST: Skip connectivity tests (recommended)
.\Get-AzureInventory-Enhanced.ps1 -SkipConnectivityTests

# FASTER: Also skip cost estimation
.\Get-AzureInventory-Enhanced.ps1 -SkipConnectivityTests -SkipCostEstimation

# FULL: Complete analysis (5-10 minutes)
.\Get-AzureInventory-Enhanced.ps1

Data Model Integration

Query infrastructure from data model before running commands:

$base = "https://marco-eva-data-model.livelyflower-7990bc7b.canadacentral.azurecontainerapps.io"

# Get all infrastructure resources
Invoke-RestMethod "$base/model/infrastructure/" | Select-Object id, type, service, status

# Get marco* resources
Invoke-RestMethod "$base/model/infrastructure/" | Where-Object { $_.azure_resource_name -like 'marco*' }

?? Analysis Reports Explained

1. Connectivity Report (azure-connectivity-*.md)

  • TCP/HTTP endpoint testing (if not skipped)
  • Network troubleshooting information
  • Firewall and NSG analysis

2. RBAC Analysis (azure-rbac-analysis-*.md)

  • Role assignments by principal
  • Permission mapping
  • Over-privileged accounts detection

3. Reusability Report (azure-reusability-report-*.md)

  • Resources scored 0-100 for sandbox deployment
  • Score ?50: Ready to reuse
  • Score <50: Needs modification or is stateful
  • Categories: Compute, Storage, AI/ML, Networking

?? FinOps Insights

Cost Optimization Opportunities by Subscription:

Subscription Resources Reusable (?50) APIM Candidates FinOps Opportunities
EsDAICoESub 1,250 20 150 397
EsPAICoESub 203 20 14 54
MarcoSub 31 20 12 4

Total: 1,484 resources, 60 highly-reusable, 176 APIM-ready, 455 cost optimization opportunities

?? Troubleshooting

Issue: "Script not found"

Solution: Scripts are in 98-system-analysis/inventory/, not system-analysis/inventory/

cd C:\eva-foundry\98-system-analysis\inventory

Issue: Container Apps show "Failed" status

Root Cause: No container images pushed to ACR
Solution:

  1. Build Docker images for apps
  2. Push to ACR: {ACR_NAME}.azurecr.io/eva/{app-name}:latest
  3. Update Container App revisions

Issue: Inventory taking too long

Solution: Always use -SkipConnectivityTests (reduces from 10 min to <1 min)

Issue: Stale data confusion

Solution: Run cleanup script to remove old timestamped files:

# Remove files older than today
$today = Get-Date -Format "yyyyMMdd"
Get-ChildItem .\.eva-cache -Recurse -File | 
    Where-Object { $_.Name -notlike "*$today*" } | 
    Remove-Item -Force

?? References

?? Next Steps

  1. Weekly Task: Run Get-AzureInventory-Enhanced.ps1 -SkipConnectivityTests on EsDAICoESub
  2. Quarterly Task: Run Get-ProductionInventory.ps1 on EsPAICoESub
  3. Build Container Images: Fix MarcoSub Container Apps by pushing images to ACR
  4. Cost Optimization: Review FinOps opportunities (455 total across subscriptions)
  5. Cleanup: Archive old inventory files monthly

Version: 1.0.0
Created: March 3, 2026
Last Inventory Run: March 3, 2026 @ 10:43 AM
Total Resources Tracked: 1,484 across 3 subscriptions

About

Azure subscription inventory reference - cost analysis and infrastructure documentation for EsDAICoESub, EsPAICoESub, and MarcoSub

Topics

infrastructure azure inventory finops cost-analysis eva-foundry

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages