Managed Environments

Managing Power Platform at scale can be challenging, especially as more users and citizen developers join your organization. Without proper governance, things can quickly spiral out of control.

That’s where Power Platform Managed Environments come in! They provide admins with powerful tools to enforce governance, improve security, and gain insights with minimal effort.

Let's explore what they are, why they matter, and how you can enable them.

What are they?

Power Platform Managed Environments are environments that exist in a Managed state. When an environment is Managed, a suite of capabilities becomes available that allows admins to manage Power Platform at scale with more control, less effort, and more insights. Any Power Platform environment can be a Managed environment (except Developer type environments). Each environment has a Managed Environments "card" that you can find in the Power Platform Admin Center that shows whether or not the environment is Managed. A link to modify the Managed Environment settings is also present.

Why use them?

Managed Environments should be part of any good organization's plan for Power Platform governance. As organizations grow, and more and more citizen developers and makers join the organization, governance becomes more and more important. These tools allow Administrators to wrap their arms around Power Platform environments and to manage them more effectively. By making an environment Managed, many features are unlocked including:

• Environment groups - used to group environments so Administrators can manage and apply settings/policies to an entire group of environments at once
• Limit sharing - allows Administrators to set rules around sharing Canvas Apps, Power Automate, or Copilot Studio Agents
• Weekly usage insights
• Data policies - allows Administrators to identify which connectors are classified as Business, Non-Business, or Blocked
• Pipelines in Power Platform - an ALM solution configured right within a Power Platform environment
• Maker welcome content - custom content that can be displayed to makers when they login to an environment
• Solution checker - setting that dictates how solutions with critical issues found with the solution checker should be handled. Administrators have the ability to block the import of solutions that have critical issues
• IP Firewall - allows Administrators to only allow user access from a specified range of IP addresses
• IP cookie binding - prevents session hijacking exploits
• Customer Managed Key (CMK) - for customers who wish to manage their own encryption key associated with their Dataverse environment
• Lockbox - used when Microsoft engineers may need to access customer data, in response to a support request or problem identified by Microsoft, requests are sent to Power Platform Administrators that can be Approved or Rejected
• Default environment routing - allows Administrators to automatically send makers to their own Developer environments upon logging into the maker portal
• Virtual Network support for Power Platform - provides a way to integrate the Power Platform with resources inside an organization's virtual network without exposing them over the public internet

Alright, I'm sold, how do I turn them on?

1. Open the Power Platform Admin Center
2. In the new Admin Center experience, click the Manage button on the left side menu
3. Choose an Environment
4. In the ribbon, an Enable Managed Environments button will become available
5. 
6. The Managed Environment settings window will flyout from the left-hand side
7. Modify any settings you wish and click Enable
8. 

Alternatively, if you don't have an existing environment, you can create a new environment and toggle the Make This a Managed Environment button to enable Managed environment settings.

It's as easy as that! Some next steps would be to consider using Environment Groups to organize and manage your Managed Environments.