cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
grantreid
Resolver I
Resolver I

Duplicating DLP's

‎01-03-2021 05:24 PM

I wanted to check that  I'm approaching this the right way and haven't missed something.... 

 

We have a default DLP which is applied to the default and newly created environments. However, whenever someone wants a custom connector in their prod environment, a new DLP has to be created to allow it. This requires all 50ish connectors from the default DLP to be added to this new DLP, along with the custom connector. 

I find it frustrating the DLP's are exclusive not inclusive.  Now... every time we make a change to the default DLP, whenever a new Microsoft connector is added or changed, we have to update every other DLP!!!! I find this counter productive.

 

1. Is there a way to copy DLP's?   I'm currently sitting here with split screens, with the new and old side by side manually mirroring the business connectors.   I'm pondering creating a powershell script... 

 

2. Am I correct with the "exclusive" aspect? What's the logic with this?  Shouldn't it be that you have a base level DLP which applies across the board and in Environment X, you can also use connector Y granted by an additional DLP?  This would be a more common scenario than needing to reduce/restrict the default DLP connectors.

Message 1 of 12
1,402 Views
0 Kudos
11 REPLIES 11
RossCampbell
Frequent Visitor

‎05-17-2022 06:07 PM

In the interest of anyone else trying to figure this out i finally got something that works. It creates a new environment and copies a DLP of your choice to that env. The new DLP sets the default connector group to blocked also.

 

Bare in mind i haven't ever worked in Powershell, or with the PowerAppsAdmin module, before. I make no assertions around the following and you should test them yourself before using them.

 

2 files are attached:

  1. 'function Add-ConnectorToDataGroup_v2'.txt' - run this first to create the requisite functions (you may have to run the commented install, import & add commands in 'NewEnvAndDlp_v1.txt' first).
  2. 'NewEnvAndDlp_v1.txt' - run this, it will prompt you for new environment name & description, new DLP name and the name of the DLP you want to copy [hint: this performs a search of type *query* on existing policies, my standard DLP is called 'Restricted(Default) - DLP' so i can simply enter 'default' ] .  Make sure that the return codes you get are of the '200' type (as shown in attached image 'Expected.png'). 

 

 

 

 

 

 

Preview file
44 KB
NewEnvAndDLP.zip
Message 11 of 12
923 Views
0 Kudos
grantreid
Resolver I
Resolver I

‎05-17-2022 07:01 PM

Looks so much better than what I've got.  Kinda happy I didn't share 😄

Message 12 of 12
216 Views

Helpful resources

Announcements
Power Apps News & Annoucements carousel

Power Apps News & Announcements

Keep up to date with current events and community announcements in the Power Apps community.

Community Call Conversations

Introducing the Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Power Apps Community Blog Carousel

Power Apps Community Blog

Check out the latest Community Blog from the community!

View All
Users online (3,856)