GOVERNANCE POWER PLATFORM: ENVIRONMENTS
Environment permissions
Within the Power Platform environment, there are two intrinsic roles that dictate user permissions:
- Environment Admin Role: This role grants comprehensive administrative rights within an environment. Key functions include:
- Adding or removing users or groups from the Environment Admin or Environment Maker roles.
- Setting up a Dataverse database for the environment.
- Overseeing and managing all resources developed within the environment.
- Implementing data loss prevention policies. Further details can be found here: Manage data loss prevention policies.
- Once the database is established, the System Administrator role can be used as an alternative to the Environment Admin role.
- Environment Maker Role: This role enables users to:
- Construct resources within the environment, including apps, connections, custom connectors, gateways, and flows via Power Automate.
- Share the apps they've developed with others in the organization, be it individual users, security groups, or the entire workforce. For a detailed guide, see here: Share an app in Power Apps.
Important Points:
- Simply being assigned to these environment roles doesn't grant users automatic access to the environment's database (if one is present). Database access must be provided separately.
- Assignment to either role can be facilitated by an environment admin. A step-by-step procedure is outlined in the guide on how to configure user security for resources within an environment: Configure user security to resources in an environment.
