Accessibility Settings
Language Translation
Governor Mike Braun
  Close Menu

All Power Platform environments are associated with a Microsoft Entra Security Group. This security group is typically an agency specific group with agency specific personal identified as the owners.

Prior to the creation of a new Power Platform environment, a request needs to me made to establish the Entra security group. The naming convention of the group needs to start with the state agency identifier followed by some meaningful text to identify its purpose.

Once the Entra security group has been created, an Environment can be created. The following information is needed during environment setup:

  • Name:
  • Get new features early: Yes/No –
  • Type: Sandbox or Production. Sandbox environments are reserved for Development and Testing environments. Production is for released production purposes.
  • Purpose: A brief textual description of the environment’s business justification.
  • Add a Dataverse data store?: Yes/No – if the environment requires a Dataverse backing store. If in doubt, answer Yes.
  • Enable Dynamics 365 apps?: Yes/No – Select yes if this environment is being created to house a Dynamics 365 solution.
  • Deploy sample apps and data?: Yes/No – Enter yes if you would like Dataverse to be populated with sample data.

SharePoint storage is shared across the tenant. Currently, there is no concern on space, even with the thousands of sites we have.  There is no extra charge to agencies for using SharePoint at this time.  The one restriction is that SharePoint cannot be used for cold storage.

Can share with internal and external users. All external users become guest in our Azure/Entra if they are not already.  We use B2B Collaboration which means guest authenticate through their org or providers credentials and we get a token passed to their account in Azure. Guest sign ins are logged.

In order to maintain good business continuity, all flows should be running in the context of a security principal. This ensures that the flow will continue to run should the primary owner leave the state or move to a different agency. In addition, it is recommended that there be at least 2 co-owners identified and assigned to each flow. This type of flow requires the Power Automate Process license type.

  • You should create your own publisher rather than use the default.
  • The primary data point the CoE wants to know is what agency is associated with the custom publisher. In other words, who owns the solution?
  • The secondary data point is who is authoring/developing the associated Power Platform solution and components.
  • Microsoft’s limits on publisher prefixes are:
    • The prefix must be 2 to 8 characters long, can only consist of alpha-numeric, must start with a letter, and cannot start with 'mscrm'.
  • Due to the due to the limitations imposed by Microsoft on custom publishers, we recommend the pattern of “iotlcnc”