Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities
News and Announcements icon
Power Platform Community / Forums / Microsoft Dataverse / Environment Creation /...
Microsoft Dataverse
Unanswered

Environment Creation / Implications

(1) ShareShare
ReportReport
Posted on by SC-10091710-0 2
Hey everyone.
 
I've been trying to determine if the following is a correct way of thinking or if perhaps I've been drawing the wrong conclusions based off of varying documentation I read. This has all been in an effort to establish a more formalized process in terms of deving/pushing PowerPlatform (primarily automate flows) into prod.
 
So essentially - We have a bunch of established tables/processes living in a prod environment now, we are looking to further enable some folks to continue exploring/developing on PowerPlatform. I know typically the personal dev / sandbox environment is what we want, but I guess the questions I'm having a hard time answering are as follows:
 
1) If a sandbox is dataverse enabled, does it have access to all tables in prod? 
1a) If yes, is there a way to restrict changes to live data?
- Mostly as I imagine our initial steps to further enabling PowerPlatform use in the org will be the folks who interact heavily with D365 and add flows for different things within, but obviously we don't necessarily want testing/dev work to be done on live tables. However, wasn't sure the best approach in terms of replicating the prod env to really help ensure that implementing a new flow into prod wouldn't be overly problematic. Further, I wasn't sure if there were some implications here that I wasn't considering.
 
2) Would it be more appropriate to have sample data piped into the sandbox env in some way?
3) Assuming we at some point expand our usage of Dataverse/PowerPlat, is there an easy way to implement security controls surrounding the tables that might necessitate them? Strictly specific critical tables; I'm somewhat aware of business units/security roles; but was unsure about how these are segmented from a security perspective.
 
Ultimately, goal is to explore what constitutes a best practice given our situation; it's also been a little tricky as previously a lot of the work was done just in prod, but for obvious reasons we're looking toward establishing a more formal pipeline of sorts.
Categories:
Microsoft Dataverse
Dataflows
  • Suggested answer
    Jonathan Manrique Profile Picture
    Jonathan Manrique 2,682 on at
    Environment Creation / Implications
    Hi 
     
    You can define an environment as a workspace associated with a database (dataverse) where a series of components (objects) are customized and developed to build a solution. The key is that this environment only has access to those components and that database. Then, moving them between environments depends on your life cycle that you implement (ALM)

    Answering your questions.

    1. It is enabled if when you create it you decide that it has a database. It does not have access to the production table, you will only have access to the tables of the database of the sandbox environment. You do not have to restrict anything because they will not have access to the production tables.
     
    2. It is ideal to have some data that allows you to test the solution
     
    3. Dataverse security is one of the most powerful points, you have the first security which is licensing, then you have security at the role level that in the end is applied to the tables limiting who can CRUD within a table
     
    I'll give you a simple example. You have a development environment where you have the tables you need to support the functionality you build, then you do the development and customization of the components that are necessary for these functionalities. In a second moment you need the users to test, for which you have a test environment and you must move the components from the development environment to the test environment through ALM, and finally once you test and everything is OK, you have a production environment and there you move the components.
     
    Here is some documentation on the environments
     
     
     
    If I have answered your question, please mark your post as Solved.
    If you like my response, please give it a Thumbs Up.
    You can accept more than one post as a solution
    Follow me on Linkedin, I talk about Power Platform
    www.linkedin.com/in/jonathan-manrique-rios
     
  • Suggested answer
    Shashank Bhide Profile Picture
    Shashank Bhide 758 on at
    Environment Creation / Implications
    1) If a sandbox is Dataverse enabled, does it have access to all tables in prod? 
    Answer : Absolutely not, one Dataverse env is one SQL server, completely isolated from other envs (SQL servers) in the same tenant, all the environments can allow/deny access to the same users of the tenant differently. you can check online how security roles work in Dataverse.
     
    2) Would it be more appropriate to have sample data piped into the sandbox env in some way?
    Answer : If you have sample data then you can use the OOB CSV/Excel import to load sample data, when you create a sandbox you can run a process called , see link below.
     
    3) Assuming we at some point expand our usage of Dataverse/PowerPlat, is there an easy way to implement security controls surrounding the tables that might necessitate them? Strictly specific critical tables; I'm somewhat aware of business units/security roles; but was unsure about how these are segmented from a security perspective.
    Answer : That's a very wide questions and the answer is YES, Dataverse has enterprise grade security, but it's difficult to talk about that on this thread, if you've Dataverse architects/tech leads they should be able to guide, or you can look up for the resources online. but yes, the basic concept is of a security role which is assigned to every user, and that security role dictates what a user can or can't do in the environment.
     

Helpful resources

News and Announcements

Welcome to the Power Platform Communities

Quick Links

Welcome to the Power Platform…

We are thrilled to unveil the newly-launched Power Platform Communities!…

Community Update Sept 16…

Power Platform Community Update…

Welcome to the new Power Platform Community!…

We are excited to announce our new Copilot Cookbook Gallery in the Community…

more Community News

Leaderboard

#1
WarrenBelz Profile Picture

WarrenBelz 140,719

#2
RandyHayes Profile Picture

RandyHayes 76,308

#3
Pstork1 Profile Picture

Pstork1 63,355

Leaderboard

Featured topics

Product updates

Microsoft Power Platform Community release plans