Power Platform Governance
Now that Microsoft Power Platform is growing and more and more customers have users who ask, or are already creating apps, it becomes more and more important to have good governance on the platform.
Fortunately, Microsoft has come up with a lot of great tools to help us with just that.
A Power Platform environment is a container that can be used to distinguish applications that, for example, need different security settings, roles, audiences, etc.
It is also used to distinguish between Development, Test/QA and Production environment.
There are several types of Environments on the Power Platform, including a Default environment that comes with your Microsoft 365 tenant.
The default environment has special characteristics, all licensed user in your Microsoft 365 tenant is automatically assigned to Environment Maker roles, that means they have access to create Power Apps in this environment. The default environment is intended for personal exploration and increased productivity by expanding functionality in Microsoft 365. It is not recommended to run apps in production in the Default environment. Another best practice is to rename Default too a more descriptive name to show it’s real purpose, such as “Personal Productivity.”
The default environment cannot be deleted, and storage space is limited to 32 GB.
Trial environment, intended for quick testing of functionality and is automatically deleted after 30 days. Limited to a user. Can be changed to a Production environment.
Sandbox environment, not intended for production. Typically used for development and testing. A sandbox environment can be reset so that all data is deleted or copied so that production data is updated for testing.
Production environment, as the name says, this is the type of environment you should create for your production applications and data. You can have multiple Production environment in your tenant.
Teams environment, Microsoft has just released Project Oakdale, this is Power Apps for Teams and contains a Common Data Service database for each Team where a Power App is being developed. Your tenant will then get a Microsoft team environment for each of these Teams.
This will make developing Power Apps even more accessible to Citizen Development and only make good governance even more important.
When you create a Power Platform environment, you choose, among other things, which region your environment will be created in. Best practice is to create the one where the user who will run the application exists, possibly close to where data is stored. As of today, the following regions are available.
An environment can also be used to apply different rules for which connectors should be allowed to use. Among other things, it can be used to control which systems Power Apps created in the Default environment should be allowed to connect to. This is configured via so-called Data Loss Prevention (DLP) Prevention policies.
Unmanaged and Managed Solutions
In a larger environment, it is recommended to build solutions on the Power Platform as so-called Solutions. Simply explained, a Solution can contain one or more Power Apps, Power Automate flows, entities to the database, etc. All of this is packaged as a solution and allows you to move everything from one environment to another, or to another Microsoft 365 tenant.
There are two types of Solutions, Managed and Unmanaged, Unmanaged solutions are typically used during development. An Unmanaged solution can be configured, customized, and modified. During development, solutions are exported as Unmanaged and stored in a source code system.
In any type of Power Platform environment other than development, you typically want to use a Managed Solution. A Managed Solution is locked, and you can not directly change it.
Application Lifecycle Management
To support Application Lifecycle Management processes, Microsoft has released Power Platform Build Tools for Azure Devops. It allows us to create pipelines on Devops to automate processes such as copying solutions to source code system, copying solutions between the different Power Platform environments such as from Development to Test and to Production. We can automate and make solutions into Managed Solution in environment other than development, etc.
On the 22 September 2020 Microsoft announced that GitHub actions for Power Platform is now available in preview. so now we have much the same functionality on GitHub
Power Platform Center of Excellence starter kit
Microsoft has released a Center of Excellence starter kit for Power Platform. This is installed as a solution to a Power Platform environment in the Microsoft 365 tenant.
The Power Platform CoE kit provides a tool to get started developing a strategy to deploy, maintain and support power platform, focusing on Power Apps and Power Automate.
The Power Platform CoE kit gives you an overview of your Power Platform environments, you see who and where applications are made, and where automations with Power Automate are made, and by who. You can decide what information needs to be in place for a Power App to comply with your company’s application policies, and what happens to Power Apps that do not follow these policies.
There are modules to support and contribute to an active internal Power Platform community of app makers.
The Power Platform CoE kit is built up by a set of Power Apps, Power Automate flows and Power Bi reports to automate management tasks and report on Power Platform.