Plan your deployment
Your deployment of the Power Platform with Microsoft Dataverse will go more smoothly with some preliminary planning. Microsoft Power Platform adoption best practices provide guidance to help you create and implement the business and technology strategies necessary for your organization to succeed with Microsoft Power Platform.
Administrative roles
There are several administrator roles available to assign to users when you manage your subscription in the Microsoft Online Services environment. Administrator roles define administrative responsibilities for user management and subscription management, for example, billing administration and password administration.
From a Power Platform standpoint, there are two Microsoft Power Platform–related service admin roles you can assign to provide a high level of admin management:
Dynamics 365 admin
Microsoft Power Platform admin
To help administer environments and settings, you can assign users the Microsoft Power Platform admin role to manage Microsoft Power Platform at the tenant level. These admin roles can be assigned from the Microsoft 365 admin center.
Adding an environment to your subscription
Environments are containers that administrators can use to manage apps, flows, connections, and other assets, along with permissions to allow organization members to use the resources. You can add multiple environments to a tenant.
Each environment is created under a Microsoft Entra ID tenant, and its resources can only be accessed by users within that tenant. An environment is also bound to a geographic location, like the United States. When you create an app in an environment, the app is routed only to datacenters in the environment's geographic location. Any items that you create in that environment (including chatbots, connections, gateways, Power Automate flows, and more) are also bound to their environment's location.
Every environment can have zero or one Microsoft Dataverse database, which provides storage for your apps and chatbots. Whether you can create a database for your environment depends on the license you purchase for Power Apps and your permissions within that environment.
When you create an app in an environment, the app is only permitted to connect to the data sources that are also deployed in that same environment, including connections, gateways, flows, and Dataverse databases. For example, consider a scenario where you've created two environments named Test and Dev, and created a Dataverse database in each of the environments. If you create an app in the Test environment, it will only be permitted to connect to the Test database; it won't be able to connect to the 'Dev' database.
Environments have two built-in roles that provide access to permissions within an environment:
Environment Admin - Can perform all administrative actions on an environment, including the following:
Add or remove a user or group from either the Environment Admin or Environment Maker role.
Provision a Dataverse database for the environment.
View and manage all resources created within the environment.
Set data loss prevention policies.
Environment Maker - Can create resources within an environment including apps, connections, custom connectors, gateways, and Power Automate flows.
Non-Production/Sandbox environments
A sandbox environment is any non-production environment. Since it's isolated from production environments, a sandbox environment is the place to safely develop and test application changes with low risk.
Some of the major advantages sandbox environments offer are:
Evaluate new functions pre-production: Test all functionality in a sandbox environment before applying updates to production.
Access control: Restrict access to the sandbox environment by placing it in Administrative Mode, allowing only users with System Administrator or System Customizer roles to access it.
Copy and Restore: Copy customizations and data from a production environment into a sandbox environment
Train: Use a sandbox environment as a training ground after a full copy from production. Users can experience the full capabilities of their production solution without the risk of affecting production data.
Test new apps: Install and test solutions and apps in a sandbox environment before considering them for production. Train users in the sandbox ahead of the app's deployment to production.
You can learn more about working with sandboxed environments here: Sandbox environment.
Production environments
These environments are intended to be used for an organization's permanent work. It can be created (and owned) by either an administrator or anyone with a Power Apps license, provided there's at least 1-GB of available database capacity. A production environment is also created for each existing Dataverse database when the database upgraded to version 9.0 or later. If your business depends on the data in a particular environment, then that environment should be a production environment.
Switching an environment
It's important to spend time planning and designing your implementation, so you implement the correct environment type. However, you'll always have the opportunity to switch the environment type from production to sandbox or sandbox to production if needed.
For example, if you back up a production environment before installing a solution, and then you notice that solution has issues after the installation (or perhaps you're unable to remove the solution), you can restore your backup. Note, however, you can't restore backups into a production environment, so you have to change your environment to sandbox first. Then you can proceed restoring the backup, and then switch the environment back to production. This limitation on restoring backups to production has been placed to avoid accidental overwrites of your production environment.
Dataverse for Teams
Microsoft Dataverse for Teams delivers a built-in, low-code data platform for Microsoft Teams. It provides relational data storage, rich data types, enterprise-grade governance, and one-select solution deployment. A Dataverse for Teams environment is automatically created for the selected team when you either create an app or bot in Microsoft Teams for the first time or install a Power Apps app from the app catalog for the first time. The Dataverse for Teams environment is used to store, manage, and share team-specific data, apps, and flows.
Each team can have one environment, and all data, apps, bots, and flows created with the Power Apps app inside a team are available from that team's Dataverse for Teams database.
Security in Dataverse for Teams is handled similarly to how security is handled in Teams, with a focus on Owners, Members, and Guests.
You can learn more about Dataverse for Teams environments here: Dataverse for Teams.
Environment details
You can see specific details related to your environments by selecting an individual environment in the Power Platform admin center. See some of the details of your environments by selecting an environment. Select See all to see more environment details.
Select Edit to review and edit environment details.
Environment Strategies
Developing an environment strategy means configuring environments and other layers of data security in a way that supports productive development in your organization, while securing and organizing resources. Having a strategy to manage provisioning, access, and resource control within environments is important to:
Secure data and access.
Understand how to use the default environment correctly.
Manage the correct number of environments to avoid sprawl and conserve capacity.
Facilitate application lifecycle management (ALM).
Organize resources in logical partitions.
Support operations (and helpdesk) with identifying apps that are in production by housing them in dedicated environments.
Ensure data is stored and transmitted in acceptable geographic regions (for performance and compliance reasons).
Ensure isolation of applications being developed.
You can learn more about establishing an environment strategy here: Establishing an environment strategy.