Archive

Posts Tagged ‘Managed Environments’

Power Platform | Managed Environments (preview)

As a Power Platform Admin its imperative to get your environment insights such as how many Apps in are not being used or how many Apps were shared with security groups or what are the implied DLP policies etc. So far there was no inbuilt feature in Power Platform to get the these insights.

If you are familiar with Center of Excellence (CoE) Kit you must be knowing on how to get insights of unused Apps and many other metrics. However Center of Excellence (CoE) Kit needs to be installed separately.

With Managed Environments (preview) feature this gap is being addressed in Power Platform.

Managed Environments

  • Managed Environment is a suite of capabilities that allows admins to manage Power Platform at scale with more control, less effort, and more insights.
  • Admins can enable Managed Environments on any type of environment (i.e., Default/Trial/Sandbox/PROD).

There are four primary elements of Managed Environments:

Enable Managed Environments:

  • Admins can enable Managed Environments using the Power Platform admin center or by using PowerShell.
  • To enable or Edit Managed Environment connect to Admin Center.
  • On the command bar, for an unmanaged environment, select Enable Managed Environments. For a managed environment, select Edit Managed Environments.
  • Configure Managed Environments settings and then select Enable.
  • Copy and restore environment lifecycle operations requires the Managed Environments property to be the same between source and destination.
  • Users with either the global admin, Power Platform service admin or Dynamics 365 admin Azure Active Directory roles are allowed to enable Managed Environments.
  • Users with the Delegated Admin role aren’t allowed to change the Managed Environments property in an environment.
  • Users with the Environment Admin (i.e., System Administrator) security role aren’t allowed to change the Managed Environments property in an environment.

Weekly Digests:

  • Once you opt for Weekly digest (i.e., Checking the ‘Include this environment’ checkbox) in the ‘Enable Managed Environments’ pane, Analytics about your top apps and flows, your most impactful makers, and inactive resources you can safely clean up are distilled and delivered to your mailbox once per week.

Sharing Limits:

Managed Environments allow admins to influence how broadly makers can share canvas apps. There are two sharing controls.

Sharing controlSystem behavior when checked?
Exclude sharing with security groupsMakers cannot share canvas apps with any security group.
Admins get the option to proceed with setting a limit on individuals shared to.
Limit total individuals who can be shared toMakers cannot share canvas apps with more individuals than specified in the text box.
  • Limit total individuals who can be shared to is only enabled if Exclude sharing with security groups is checked.
  • Sharing rules are enforced when makers attempt to share an app. Sharing rules do not change the audience apps in an environment that are already shared with.
  • Once sharing rules are set in the Power Platform admin center it may take up to 1 hour for the latest sharing rules to be propagated in the system and enforced.

Data Policies:

  • A principal capability of Managed Environments is enforcing Data loss prevention (DLP) policies.
  • New environment filters have been introduced to the data policies page in the Power Platform admin center that will help you identify all the data policies that are applied to an environment.
  • The environment filters are exclusively available for managed environments.
  • Open the Edit Managed Environments settings panel for a managed environment. In the Data policies section, select the See active data policies for this environment.
  • The data policies page opens in a new tab and displays only the data policies applied to the managed environment.

License considerations:

  • Managed Environments represents a value-add on top of existing premium Power Platform capabilities.
  • All low code assets (apps/flows) in a managed environment become premium and can be licensed using any of the Power Platform licensing options (per user, per app/flow or pay-as-you-go) or Dynamics 365 licenses that give premium usage rights.
  • Users must have a qualifying license to access the assets.
  • During the public preview the premium license requirement for applications and flows within a managed environment is not enforced.

Please refer the docs for more info.

Note:

🙂