[CoE Starter Kit - QUESTION] Filtering apps and flow before auditing by user (excempt users)

[richardrenshaw-LBHF]

Does this question already exist in our backlog?

• [X] I have checked and confirm this is a new question.

What is your question?

We are just starting to roll out or implementation of the CoE and have hit rather a snag!

We are members of a shared tenant and only want to CoE to be applied to our branch of the tenant. Which is configurable in all but the Default environment.

As we cannot prevent development in the default environment - is there a way to filter what the CoE will catalogue and action from the default environment? (without customising the CoE components / writing new flows to do this)

What solution are you experiencing the issue with?

Core

What solution version are you using?

4.11

What app or flow are you having the issue with?

Admin - Sync Template

What method are you using to get inventory and telemetry?

Cloud flows

AB#3594

[manuelap-msft]

Hello,

you can include/exclude environments, including the Default environment from processes. This is done in the Power Platform Admin View (model driven app) > Environments > select an Environment. In the Settings tab you can choose what CoE kit processes apply to this environment, and you can also exclude the environment from inventory here

We've also got an FAQ article on setting up the CoE kit for only a subset of environments (e.g. only the ones you look after) https://learn.microsoft.com/en-us/power-platform/guidance/coe/faq#setting-up-coe-for-a-subset-of-environments

Other than include/exclude, there's no further granular options beyond that (e.g. only include apps from this maker/department).

Does that meet your requirement? If not, could you explain how you would like to govern the Default environment so we can come up with some suggestions for you.

[richardrenshaw-LBHF]

Hi there, thank you for the swift response.

I have currently excluded the default environment from all COE flows / actions. Reason for this is that we share the default environment between 3 distinct business units and I cannot include the other two as I cannot send them comms, administrate their apps and flows etc. Annoying but it is what it is!

That said, I would ideally like to be able to audit the default environment but be able to have more granular control over what is audited and acted on, based on the makers email address. E.G IF email address ends with '@scenario1.com' then include in CoE, else ignore.

A previous person had modified countless flows to achieve this - but I am hoping for a more elegant solution.

[Jenefer-Monroe]

How are the flows in default segregated? Is it by maker? Would Jon Doe's apps always be yours but Phil Jonson's always be someone elses to manage?

[richardrenshaw-LBHF]

Thank you for your continued attention, I apprecate it :)

we are segregated by the domain in a makers email address. The tenant is shared between three authorities:

EG - my authority is @lbhf.gov.uk, then we also have @wcc.gov.uk and @rbkc.gov.uk

So my requirement is to either

• only audit and action flows and apps created by people who have @lbhf.gov.uk
• OR force @lbhf.gov.uk makers to a different default environment (which so far, I have not been able to figure out!)

This only applies to default, as any other environment is easy to exclude / control.

[Jenefer-Monroe]

I dont think we could do something that bespoke but we have heard of the request to expect individual USERS from compliance and inactivity flows. You could then augment the kit with your own flow to detect authorities and exempt or not depending on values. I can add this to the rewrite FC which we hope to tackle in a few months.

[richardrenshaw-LBHF]

Thanks Jenefer.

To clarify, would that user excemption be environment specific, or apply to the whole of the CoE. I'm only interested in restricting things on the default environment for our purposes.

[Jenefer-Monroe]

the common ask that we would be able to implement is for the tenant as a whole.