AvePoint Docs
Graph API
My support tickets
Graph API
My support tickets
English

Home > Power Platform Management > Environments > View Environment Details and Manage Settings

Export to PDF

View Environment Details and Manage Settings

In EnPower, you can view the detailed information of your environments with the report table on the Environments page or on the detail pages of each environment.

On the environment detail page, information and manageable settings are in the following tabs:

- **Basics** – You can view and manage its basic information, such as the URL, type, and region of the environment, as well as the DLP policies applied to it. - **Resources** – You can view the number of flows and apps created in the environment. - **Custom connectors** – You can view the custom connectors and their builders. - **Teams** – For environments using a database with Dataverse, permissions can be managed by teams. You can view and manage the teams with EnPower. - **Users** – For environments using a database with Dataverse, permissions can be managed by teams. You can view and manage the users added to the environment. - **EnPower** **policy** – When an EnPower policy is applied to this environment, you can view whether the environment is compliant with the policy and fix violations or send violation notifications in this tab. For details on EnPower policies, refer to [Policies](#missing-link). - **Governance details** – You can view the detailed governance information of an environment, including the renewal information, contact information, and metadata. > ***Note**: A subscription to Cloud Governance for Power Platform is required for the governance details.

Manage Basic Settings

To manage the basic environment settings on the Environment details page, you can click Edit on the upper-right of the page or click the Edit (Edit) button in each field. Then update relevant information or settings.

The manageable basic environment settings include:

- **Display name** – The display name of the environment. - **Environment admins** – This is manageable for environments without Dataverse. An environment admin can perform all administrative actions in an environment. Add or remove people from the Environment Admin security role. - **Environment makers** – This is manageable for environments without Dataverse. An environment maker can create new resources in an environment. Add or remove people from the Environment Maker security role. - **DLP policies** – You can apply or remove DLP policies for environments. The DLP policy applied in EnPower complies with the scope setting of the policy. When the scope setting is “Add multiple environments”, the policy will be assigned to the selected environment. When the scope setting is “Exclude certain environments”, the selected environment will be excluded from the scope of this policy. - **Security group** – Apart from default environments and developer environments, you can add security groups to environments to restrict environment access to people in a specific security group. If an environment has no security group, the environment can be accessed by everyone.

Manage Environment Teams

You can manage the teams in the business units of environments with EnPower, including creating or deleting teams, managing the security roles of a team, or changing the business unit of a team.

Create or Delete Teams

To create a team in an environment, complete the following steps:

  1. On the Environment > Environment details > Teams page, click Create.

  2. In the Create team panel, complete the required configurations, including:

    • Team name – Enter the name of the team.

    • Description – Enter the description for the team.

    • Business unit – Select the business unit of the team. You will be able to assign the security roles under the selected business unit to this team.

    • Administrator – Add an administrator to the team.

    • Team type – Select the team. You can select from the following team types:

      • Owner – An owner team owns records and has security roles assigned to the team. Team members are added manually to the owner team.

      • Access – An access team doesn’t own records and doesn’t have security roles assigned to the team.

      • Microsoft Entra ID Security Group – Similar to the owner team, a Microsoft Entra ID security group team can own records and can have security roles assigned to the team. Team members are dynamically derived (added and removed) when they access the environment based on their Microsoft Entra ID group membership.

      • Microsoft Entra ID Office Group – Similar to the owner team, a Microsoft Entra ID Office group team can own records and can have security roles assigned to the team. Team members are dynamically derived (added and removed) when they access the environment based on their Microsoft Entra ID group membership. The difference between Microsoft Entra ID Office Group and Microsoft Entra ID Security Group is the group type in Microsoft Entra ID.

  3. Click Create and next, the team will be created, and you can add users to the created team.

  4. Click Add and next, the selected users will be added to the team and then you need to assign the security roles in the specified business unit to the team.

  5. Click Save to save your configurations for the created team.

To delete a team, select the team and click Delete. The process will start to delete the selected team.

*Note: The team will be permanently deleted after deletion, and the default team in each business unit cannot be deleted.

Manage Security Roles

To manage the security roles of a team, complete the following steps:

  1. Select the team to manage security roles for. Click Manage security roles.

    *Note: The security roles of the default team in each business unit cannot be managed.

  2. Select the security roles to assign to the team. The manageable roles are the roles in the business unit of the team.

  3. Click Save to save the changes.

Change Business Unit

To change the business unit of a team, complete the following steps:

  1. Select the team to change the business unit for. Click Change business unit.

    *Note: The business unit of the default team in each business unit cannot be changed.

  2. Select the business unit you want to change to.

  3. Click Save to save the change. The records in the team will be moved to the new business unit.

Manage Team basics and Members

To manage the team basics, complete the following steps:

  1. Select the team to manage the administrator for. Click Edit in the ribbon.

  2. In the Edit team panel, you can update the name, description as well as the administrator of the team.

  3. Click Save to update the team.

To manage team members, complete the following steps:

  1. Select the team to manage the members for. Click Manage team members.

  2. In the Manage team members panel, click Add. Then search for users to add to the team. Click Save to save the added users.

  3. You can also select the users in the member list and click Remove to remove the selected users from the team.

Manage Environment Users

If the environment is using a database with Dataverse, all users will be automatically added to the environment unless the environment is restricting user access by a security group. You can add users to environments to grant users the permission to access the environment. However, the added users are only able to access resources in the environment when specific security roles are assigned to them.

With EnPower, you can add users to environments and manage user settings in Environment > Environment details > Users page.

You can also select a user and click Synchronize to retrieve the latest user information and settings from Microsoft.

Add Users

To add users to an environment, complete the following steps:

  1. On the Environment > Environment details > Users page, click Add.

  2. In the Add user panel, search for the user to add to the environment. You can add one user to the environment at a time. The user should meet the following requirements:

    • Enabled in Microsoft Entra ID

    • Has an active license

    • Member of the environment’s security group

  3. Click Add to add the user.

Manage User Settings

To manage the user settings, complete the following steps:

  1. Click the name of the user to go to the User details page. On the detail page, you can manage the following settings by clicking the Edit (Button: Edit) button:

    • Business unit – Change the business unit of a user

    • Position – Select a new position for the user.

    • Client Access License (CAL) information – Update the Access Mode for the user’s CAL information.

  2. You can also click the name of the roles and teams of the user to manage the security roles of the user and teams that the user is in.

  3. Update the settings in the corresponding management panels and click Save to save the changes.

View and Manage EnPower Policy Compliance

In EnPower, you can create policies that monitor the DLP policy setting, flow action settings, and security group settings of environments. If an EnPower policy is applied to the environment, you can view the policy compliance status, fix the detected violations, and send violation notifications on the Environment details > EnPower policies page. The information displayed includes:

- **EnPower** **policy details** – Including the name of the applied policy, the status of the policy monitor, and the detailed settings in the applied policy. > ***Note**: To display the policy details correctly when you are monitoring flow settings, make sure **Collect Power Automate flow triggers and actions counts** is enabled in data retrieval settings. For the setting details, refer to [Settings](#missing-link). - **Scan job details** – Including the status of the scan job, the start time of the last scan job, and the start time of the next scan time. - **Violation details** – If violations are detected, the out-of-policy users that violate the security group settings or the out-of-policy flows that violate the flow action settings are listed. If there are out-of-policy settings or flows in this environment that violate the applied EnPower policy, click **Send** **email** and specify the users to notify. For the template that can be used for the notification, refer to [Settings](#missing-link). Or click **Fix violations** to update the environment settings and resources to comply with the EnPower policy.

For more information on EnPower policies, see Policies.

Manage Metadata

In the Governance details tab on Environment details page, the metadata of the environment you added in Cloud Governance can be edited by the following steps:

  1. In the Metadata section, click the Edit (image351) button on the upper-right.

  2. In the Edit metadata panel, fill in your updates in each field.

  3. Click Save.

Enable or Disable Managed Environments

To enable Managed Environments for one or multiple environments, complete the following steps:

  1. Select the environments to update the Managed Environments status.

    *Note: When multiple environments are selected, ensure that the environments are in the same tenant.

  2. Click Enable Managed Environments on the ribbon.

  3. Configure the Managed Environments’ settings, including:

    • Limit sharing – Select whether to set limits on the sharing of canvas apps.

    • Usage insights – Configure whether to send the environment’s usage insights and the recipients of the insights.

  4. Click Enable to save the changes.

To disable Managed Environments for environments, complete the following steps:

  1. Select the environments to disable the Managed Environments for.

  2. Click Disable Managed Environments on the ribbon.

  3. In the confirmation window, click Apply to disable.

Manage Policies

You can apply the Data Loss Prevention (DLP) policy you have created in the Power Platform admin center to your environment in EnPower. Apart from that, you can also define policies in EnPower and apply the EnPower policy to environments to monitor its DLP policy, actions in flows, and security group members.

Apply DLP Policy

To apply the DLP policy to environments, complete the following steps:

  1. Select the environments you want to apply the DLP policy to. The selected environments should be in the same tenant.

  2. Click Apply DLP policy on the ribbon.

  3. In the Apply DLP policy panel, select the DLP policy to apply.

    To check whether the DLP policy to apply will impact existing apps and flows in the environment, click Analyze impact. The process will start to analyze the impact. When the process is finished, the impact analysis report will be available to be downloaded in the Process Center.

  4. Click Apply to apply the DLP policy.

Note the following:

- The DLP policy will be applied to the selected environments even when its scope setting is set to "Exclude certain environments". If an environment was originally in the policy’s excluding list, it will be removed from the list once the policy is applied to the environment in EnPower. - Only the impact on canvas apps and cloud flows can be analyzed via the impact analysis.

Manage EnPower Policy

To apply EnPower policy to environments or remove the applied policy, complete the following steps:

  1. Select the environments. The selected environments should be in the same tenant.

  2. Click Manage EnPower policy on the ribbon.

  3. In the Manage EnPower policy panel, select Apply EnPower policy or Remove policy in the Operation field.

    To apply a policy, select one in the EnPower policy field. You can click View details to view the detailed settings of the policy.

  4. Click Apply. The policy is then applied or removed.

For more information on EnPower policies, see Policies.