cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
New Member

Project Oakdale - governance issues

Hi,

 

2 issues as for today regarding Project Oakdale governance, hoping to get some light and advice

  1. New environments are created  automatically, so Power Platform Admin cannot control them on a daily basis - how can we setup DLP for such Microsoft Teams environments to prevent some connectors from use?
  2. How to deal with 500 environments limit - as users in organization will find P.O. exciting to use they will not be happy, when eventually no new environment can be created

 

3 REPLIES 3
Kudo Kingpin
Kudo Kingpin

Hello  @sgsgt43,

I hope you're well.
Regarding question 1, I agree with you.

One way around this is in the "Scope" use "Add all environments" so whenever an environment gets created the policy will be applied. For us, this option is not what we want though...

We don't want to apply the policy to all environments as we want some environments to not adhere to the policy. Because of this, all our CDS Project Oakdale environments are not adhering to the policy when they get created.

I have a ticket open with Microsoft about this, as there should be a way to avoid this. Currently, we're applying the policy to the CDS Project Oakdale environments manually. We have the COE installed, so whenever a new environment is created a record is created in the COE and we have a Flow to alert us to manually add the CDS Project Oakdale environment into the policy. 

It would be nice in the DLP Policy if we could also set the "Type" of environment to be added to the policy. In this case we'd choose "Teams" environments to be immediately added to the policy.

 

Regarding question 2, I'm not sure, sorry. We'll do some cleanup exercises throughout the years, so remove some of the old environments that were created as tests and never used, much like we do with apps and flows. But is there a technical way to increase this etc, I'm not sure. Sorry.

 

I'll reply back here when I hear from Microsoft about question 1. 

Regular Visitor

@GarryPope , you don't need to have an "apply to all env" DLP policy, but it's definitly a good practice to have a policy that will apply to any "unmanaged env" using the "apply to all env but xxxx". 

This is important not only for Oakdale, but also for any env that gets created by users (trial, developpers, etc)

 

Regarding the 500 limit, you should currently see Okdale envs as "pre-CDS" envs, meaning that it's a transition zone for experimentations and small projects. Important ones should be migrated to CDS for multiple reasons that we can discuss.  If this is a limitation in your organization, you should implement a process to accept oakdale en creation or not, for example by asking the user it's business justification when he creates the new oakdale env. 

The next version of the CoE Starter Kit will include some items to help in this area.

Frequent Visitor

Oakdale seems like a gateway drug to getting a full CDS and license.  

We disabled it until the governance improves.  

Helpful resources

Announcements
New Badges

New Solution Badges!

Check out our new profile badges recognizing authored solutions!

New Power Super Users

Congratulations!

We are excited to announce the Power Apps Super Users!

Power Apps Community Call

Power Apps Community Call: February

Did you miss the call? Check out the Power Apps Community Call here.

Microsoft Ignite

Microsoft Ignite

Join digitally, March 2–4, 2021 to explore new tech that's ready to implement. Experience the keynote in mixed reality through AltspaceVR!

Users online (12,378)