docs(architect): weekly KB update — 106 files refreshed (2026-04)

Updates across all 5 skills: ms-ai-advisor, ms-ai-engineering, ms-ai-governance, ms-ai-security, ms-ai-infrastructure. Key changes: - Language Services (Custom Text Classification, Text Analytics, QnA): retirement warning 2029-03-31, migration guides to Foundry/GPT-4o - Agentic Retrieval: 50M free reasoning tokens/month (Public Preview) - Computer Use: Claude Sonnet 4.5 (preview) + OpenAI CUA models - Agent Registry: Risks column (M365 E7), user-shared/org-published types - Declarative agents: schema v1.5 → v1.6, Store validation requirements - MLflow 3: 13 built-in LLM judges, production monitoring, Genie Code - AG-UI HITL: ApprovalRequiredAIFunction (C#) + @tool(approval_mode) (Python) - Entra ID Ignite 2025: Agent ID Admin/Developer RBAC roles, Conditional Access - Security Copilot: 400 SCU/month per 1000 M365 E5 licenses, auto-provisioned - Fast Transcription API: phrase lists, 14-language multi-lingual transcription - Azure Monitor Workbooks: Bicep support, RBAC specifics - Power Platform Copilot: data residency (Norway/Europe → EU DB, Bing → USA) - RAG security-rbac: 4-approach table (GA + 3 preview access control methods) - IaC MLOps: Well-Architected OE:05 principles, Bicep/Terraform patterns - Translator: image file batch translation Preview (JPEG/PNG/BMP/WebP) All 106 files: Last updated 2026-04 | Verified: MCP 2026-04 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 09:13:24 +02:00 · 2026-04-10 09:13:24 +02:00 · ff6a50d14f
commit ff6a50d14f
parent dda86449fa
104 changed files with 1986 additions and 520 deletions
--- a/plugins/ms-ai-architect/skills/ms-ai-governance/references/monitoring-observability/custom-dashboards-ai-operations.md
+++ b/plugins/ms-ai-architect/skills/ms-ai-governance/references/monitoring-observability/custom-dashboards-ai-operations.md
@ -1,7 +1,7 @@
 # Custom Dashboards for AI Operations

 **Kategori:** Monitoring & Observability
-**Sist oppdatert:** 2026-04
+**Sist oppdatert:** 2026-04 | Verified: MCP 2026-04
 **Brukes av:** Cosmo Skyberg, Microsoft AI Solution Architect

 ---
@ -88,7 +88,7 @@ Workbooks kan deployes via ARM templates for consistency across teams:
  "name": "ai-operations-workbook",
  "type": "microsoft.insights/workbooks",
  "location": "[resourceGroup().location]",
-  "apiVersion": "2022-04-01",  // For workbook instances; use 2020-11-20 for workbook templates
+  "apiVersion": "2022-04-01",  // For workbook instances; workbook templates bruker 2020-11-20 (workbooktemplates resource type). Bicep støttes nå offisielt som alternativ til ARM JSON. *(Verified MCP 2026-04)*
  "properties": {
    "displayName": "AI Operations Dashboard",
    "serializedData": "{\"version\":\"Notebook/1.0\",\"items\":[...]}",
@ -484,7 +484,7 @@ Når kunden spør om dashboards for AI operations:
 - [Azure Workbooks overview](https://learn.microsoft.com/en-us/azure/azure-monitor/visualize/workbooks-overview)
 - [Create an Azure AI Foundry dashboard](https://learn.microsoft.com/en-us/azure/managed-grafana/azure-ai-foundry-dashboard)
 - [Monitor Azure OpenAI](https://learn.microsoft.com/en-us/azure/ai-foundry/openai/how-to/monitor-openai)
- [Workbooks programmatic management](https://learn.microsoft.com/en-us/azure/azure-monitor/visualize/workbooks-automate)
+- [Workbooks programmatic management](https://learn.microsoft.com/en-us/azure/azure-monitor/visualize/workbooks-automate) *(Verified MCP 2026-04)* — ARM/Bicep deployment, RBAC (Monitoring Contributor for redigering, Monitoring Reader for visning), `microsoft.insights/workbooks/write` for custom roles
 - [Power BI + Azure Monitor](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-powerbi)

 ### Code Samples
--- a/plugins/ms-ai-architect/skills/ms-ai-governance/references/monitoring-observability/endpoint-health-and-capacity-planning.md
+++ b/plugins/ms-ai-architect/skills/ms-ai-governance/references/monitoring-observability/endpoint-health-and-capacity-planning.md
@ -269,16 +269,32 @@ AzureMetrics
 **Metric alert for availability:**

 ```bash
+# Anbefalt CLI-syntaks (2026): Bruk condition sub-command for betingelser
+scope=$(az cognitiveservices account show \
+  --resource-group "rg-ai-prod" --name "{account}" --output tsv --query id)
+
+action=$(az monitor action-group show \
+  --resource-group "rg-ai-prod" --name "{actionGroup}" --output tsv --query id)
+
+condition=$(az monitor metrics alert condition create \
+  --aggregation Average \
+  --metric "AzureOpenAIAvailabilityRate" \
+  --op LessThan \
+  --type static \
+  --threshold 99 \
+  --output tsv)
+
 az monitor metrics alert create \
  --name "OpenAI-LowAvailability" \
  --resource-group "rg-ai-prod" \
-  --scopes "/subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.CognitiveServices/accounts/{account}" \
-  --condition "avg AzureOpenAIAvailabilityRate < 99" \
+  --scopes $scope \
+  --condition $condition \
+  --action $action \
  --window-size 5m \
  --evaluation-frequency 1m \
-  --action "/subscriptions/{sub}/resourceGroups/{rg}/providers/microsoft.insights/actionGroups/{actionGroup}" \
  --description "Alert hvis availability < 99% over 5 min"
 ```
+*(Verified MCP 2026-04 — nytt mønster med `condition create` sub-command)*

 **Log alert for 429 errors:**

--- a/plugins/ms-ai-architect/skills/ms-ai-governance/references/monitoring-observability/sla-monitoring-ai-services.md
+++ b/plugins/ms-ai-architect/skills/ms-ai-governance/references/monitoring-observability/sla-monitoring-ai-services.md
@ -360,7 +360,7 @@ Metric Alert

 3. **Monitoring and diagnostics guidance**
   https://learn.microsoft.com/en-us/azure/architecture/best-practices/monitoring
-   *Confidence: Verified* — SLA monitoring best practices (generell Azure-arkitektur).
+   *Confidence: Verified* — SLA monitoring best practices (generell Azure-arkitektur). Dekker: tilgjengelighetssporing, ytelsesovervåkning, SLA-etterlevelse, sikkerhet/personvern, regulatorisk audit, trend-deteksjon. Brukes i AI-kontekst for å sikre end-to-end synlighet i distribuerte AI-systemer. *(Verified MCP 2026-04)*

 4. **Azure OpenAI FAQ - SLA**
   https://learn.microsoft.com/en-us/azure/ai-foundry/openai/faq#what-are-the-slas-service-level-agreements-in-azure-openai
@ -372,7 +372,7 @@ Metric Alert

 6. **Azure Monitor alerts overview**
   https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-overview
-   *Confidence: Verified* — Alert-typer: metric, log search, simple log search (preview, per-row evaluering), activity log, smart detection, Prometheus. Alerts lagres i 30 dager. Stateful log search alerts har detaljerte resolusjonskriterier per evalueringsfrekvens. Query-based metric alerts for Prometheus/OpenTelemetry i public preview. *(Verified MCP 2026-04)*
+   *Confidence: Verified* — Alert-typer: metric, log search, simple log search (preview, per-row evaluering), activity log, smart detection, Prometheus. Alerts lagres i 30 dager. Stateless alerts trigges for hver frekvens (konfigurerbar) mens condition er oppfylt — metric alerts med frekvens <5 min trigger 1-6 min etter, ≥5 min trigger 15-30 min etter. Stateful log search alerts: resolved når condition ikke er oppfylt for 2-3 frekvensperioder (avhenger av frekvens). Query-based metric alerts for Prometheus/OpenTelemetry i public preview. *(Verified MCP 2026-04)*

 7. **Reliability in Azure AI Search (SLA example)**
   https://learn.microsoft.com/en-us/azure/reliability/reliability-ai-search#service-level-agreement
--- a/plugins/ms-ai-architect/skills/ms-ai-governance/references/norwegian-public-sector-governance/norge-ai-strategy-government.md
+++ b/plugins/ms-ai-architect/skills/ms-ai-governance/references/norwegian-public-sector-governance/norge-ai-strategy-government.md
@ -132,13 +132,14 @@ Microsoft tilbyr spesialtilpassede løsninger:
 - [Govern AI](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/govern) — Strukturert governance-prosess
 - [Secure AI](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/secure) — Sikkerhetsrammeverk *(Verified MCP 2026-04)*

-**Oppdatert innhold i Secure AI (CAF):**
- Faseinndeling: Discover risks → Protect resources → Detect threats (kontinuerlig prosess)
- Nye trusselkilder: MITRE ATLAS og OWASP Generative AI risk supplerer STRIDE-rammeverket
- AI asset inventory via Azure Resource Graph + Microsoft Defender for Cloud
- MCP server-sikkerhet: Azure API Management beskytter Model Context Protocol (MCP)-endepunkter
- Microsoft Purview Insider Risk Management for prompt-basert dataeksfiltrering
- AI Security Posture Management (DSPM) i Defender for Cloud for automatisk deteksjon
+**Oppdatert innhold i Secure AI (CAF):** *(Verified MCP 2026-04)*
+- **3-fase prosess:** Discover AI risks → Protect AI resources & data → Detect AI threats (kontinuerlig)
+- **Trusselmodellering:** STRIDE som grunnlag, supplementert med MITRE ATLAS og OWASP Generative AI risk
+- **AI asset inventory:** Azure Resource Graph for å oppdage AI-ressurser + Microsoft Defender for Cloud for å identifisere generative AI workloads
+- **Sikre kommunikasjonskanaler:** Managed identities (uten lagrede credentials), Virtual Networks for isolasjon, Azure API Management for å sikre MCP-endepunkter
+- **Datavern:** Microsoft Purview Insider Risk Management for prompt-basert dataeksfiltrering + identifikasjon av risikabelt AI-atferd
+- **AI Security Posture Management (DSPM):** Automatisk deteksjon og remediation av generative AI-risikoer i Defender for Cloud
+- **DLP for AI:** Microsoft Purview DLP scanner og blokkerer sensitive data i AI-workflows; custom content filtering for organisasjonsspesifikke mønstre

 **AI Impact Assessment:**
 - [AI Impact Assessment Template](https://www.microsoft.com/ai/tools-practices) — For risikovurdering
--- a/plugins/ms-ai-architect/skills/ms-ai-governance/references/responsible-ai/ai-center-of-excellence-setup.md
+++ b/plugins/ms-ai-architect/skills/ms-ai-governance/references/responsible-ai/ai-center-of-excellence-setup.md
@ -1,7 +1,7 @@
 # AI Center of Excellence - Building Organizational Capability

 **Kategori:** Responsible AI & Governance
-**Opprettet:** 2026-04
+**Opprettet:** 2026-04 | **Verified:** MCP 2026-04
 **Confidence:** HIGH (basert på Microsoft Cloud Adoption Framework og offisiell dokumentasjon)

 ## Introduksjon
@ -652,6 +652,40 @@ Executive sponsorship tilgjengelig? ──No──> Ikke etabler CoE nå
 - **Custom model development:** Eskalere til Data Science Lead for advanced model training/fine-tuning
 - **Agent orchestration:** Eskalere til Agent Framework Specialist for complex multi-agent systems

+
+
+## Oppdatert CAF-guidance for AI CoE (2026) *(Verified MCP 2026-04)*
+
+Microsoft Cloud Adoption Framework (CAF) har oppdatert sin AI CoE-veiledning med en strukturert tilnærming til å bygge og modne et AI Center of Excellence.
+
+### CAF AI CoE — Bygge teamet (5 steg)
+
+1. **Sikre executive sponsorship** — Styr-komité med business- og IT-ledere, månedlige progress reviews, direkte tilgang til C-nivå beslutningstakere
+2. **Utnevne AI CoE-leder** — Dedikert leder med sterk AI-ekspertise, lederferdigheter og evne til å påvirke interessenter
+3. **Sette sammen AI CoE-teamet** — Tverrfaglig team: senior data scientists, ML-ingeniører, AI governance-eksperter, AI-sikkerhetsspecialister, AI ops-profesjonelle
+4. **Plassering i organisasjonen** — Integrer i eksisterende Cloud CoE (CCoE) hvis det finnes. Unngå unødvendig kompleksitet — bygg på sterke fundamenter fremfor isolert drift
+5. **Definere driftsmodell** — Sentralisert CoE i tidlig fase → Advisory-modell etter hvert som AI-adopsjonen modnes
+
+### CAF AI CoE — Ansvarsområder
+
+| Fokusområde | Ansvarsoppgaver |
+|-------------|----------------|
+| **AI-strategi** | Strategisk alignment med forretningmål, use case-identifikasjon, responsible AI-strategi |
+| **AI-kompetanse** | Skills-vurdering, læringsprogrammer, hands-on eksperimentering |
+| **Pilotprosjekter** | Strategiske POCer for å validere AI-tilnærminger og demonstrere forretningsverdi |
+| **Standarder og governance** | [Governance policies](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/govern) og [sikkerhetsstandareder](https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/ai/secure), bias-review, compliance-audit |
+| **Intake og prioritering** | Strukturert inntak av AI-prosjektforespørsler med konsistente kriterier |
+| **Gjenbrukbare assets** | Compliance-sjekklister, templates, kode-repositories, intern knowledge sharing |
+| **Resultater og rapportering** | KPIer: adoption rates, compliance levels, project cycle times |
+
+### CAF AI CoE — Evolusjon (Advisory-modell)
+
+Signaler på at CoE bør gå fra sentralisert kontroll til advisory-modell:
+- Godkjenningsforsinkelser og knowledge bottlenecks hos CoE-eksperter
+- Friksjon mellom produktteam og CoE om prioriteringer fremfor verdi-levering
+
+**Overgang:** Distribuer AI-ekspertise til produktteam, plattformteam og enabling-teams. CoE fokuserer på retningslinjer og policy fremfor direkte kontroll.
+
 ## Kilder og verifisering

 ### Microsoft Learn & Cloud Adoption Framework
--- a/plugins/ms-ai-architect/skills/ms-ai-governance/references/responsible-ai/ai-impact-assessment-framework.md
+++ b/plugins/ms-ai-architect/skills/ms-ai-governance/references/responsible-ai/ai-impact-assessment-framework.md
@ -552,6 +552,39 @@ Impact Assessment for offentlig sektor i Norge må adressere:

 *(Verified MCP 2026-04)*

+
+
+## Purview SDK-integrasjon for AI-applikasjonstesting *(Verified MCP 2026-04)*
+
+Microsoft Purview tilbyr nå API-basert integrasjon for AI-applikasjoner via Microsoft Graph, som muliggjør automatisert testing og compliance-verifisering av AI-systemer.
+
+### Test-oppsett (DSPM for AI)
+
+For å teste Purview-integrasjon i AI-applikasjoner:
+
+1. **Aktiver DSPM for AI** — Enable 1-click policies i DSPM for AI Overview:
+   - "DSPM for AI - Capture interactions for enterprise AI apps"
+   - "DSPM for AI - Unethical behavior in AI apps" (Communication Compliance)
+   - "DSPM for AI - Risky AI usage" (Insider Risk Management)
+
+2. **Verifiser datafangst** i Purview etter AI-interaksjoner:
+   - **Activity Explorer:** Filtrer på "AI interaction" og "Sensitive info types"
+   - **Purview Audit:** Søk på `ConnectedAIApp` i Workloads eller `connectedAIAppInteraction` i Activities
+
+3. **Insider Risk Management:** Opprett "Risky AI Usage (preview)"-policy med "Generative AI app → Enterprise AI apps" indikatorer
+
+4. **eDiscovery:** Søk med KQL `ItemClass=IPM.SkypeTeams.Message.ConnectedAIApp.Entra.*{EntraAppID}*` for å finne AI-interaksjoner
+
+5. **Data Lifecycle Management:** Opprett retention policy med location = "Enterprise AI app" for å definere hva som skal beholdes og hvor lenge
+
+### Relevans for Impact Assessment
+
+Purview SDK-integrasjon gir:
+- **Observerbarhet:** Hvem spurte hva, når, og hvilke sensitive data ble eksponert
+- **Etterprøvbarhet:** eDiscovery-søkbarhet av AI-interaksjoner for juridiske prosesser
+- **Risikodeteksjon:** Automatisk identifisering av risikabel AI-bruk via IRM-policies
+- **Compliance-dokumentasjon:** Audit logs for AI Act Article 72 og Forvaltningsloven
+
 ## Kilder og verifisering

 ### Primary sources (Verified)