[CoE Starter Kit - Feature]: DLP Editor V2 to support policies with single environment scope

[annsarP]

Is your feature request related to a problem? Please describe.

Hi! While using DLP Editor V2 I found out that this app is not supporting DLP with single environment scope (policies created by environment admins).

We can't create a copy (which of course make sense since tenant-level admins can create tenant-level dlp policies):

or see which environment (1) is assigned to this policy:

Describe the solution you'd like

Would it be possible to:

• add information which environment is assigned to policy in details screen,
• create copy of environment-level policy on environment or tenant-level?

Describe alternatives you've considered

No response

Additional context?

No response

AB#929

[Jenefer-Monroe]

Can you please try in the DLP Impact Analysis [Preview] app? It is the replacement of the former.

[annsarP]

Hi! I tested DLP Impact Analysis [Preview] app, and I faced following issues:

• When I select single environment DLP Policy I can go trough steps by clicking "Next" button but there's no "Scope" on the list of the steps (I can reach it using "Next" button, so it's available, but just not listed): same for the list of environments:

• When we go to "Review" step app shows 0 environments selected, even though as you can see on the previous screen, 1 environment has been added to the policy:

• If I try to copy environment I got notification that it has been created, while it wasn't. If it's not possible for PP Admin to create copy of this kind of environment it would be good to either disable Copy button for single environment DLP policies or to show error message:

I know the app is in the Preview stage but I thought it would be helpful to share this feedback. 😊

[Jenefer-Monroe]

Thank you for the update! Sending over to the area owner.

[manuelap-msft]

That's unfortunately a limitation of the Power Platform for Admin connector, it only works for tenant level policies not environment level policies.

PP Admins are also not able to create environment level policies in the Admin Center, that's an action only available to Environment Admins. The workaround is to create a tenant level policy that's only assigned to one environment.

[Jenefer-Monroe]

closing out as no further action for starter kit team

[annsarP]

That's unfortunately a limitation of the Power Platform for Admin connector, it only works for tenant level policies not environment level policies.

PP Admins are also not able to create environment level policies in the Admin Center, that's an action only available to Environment Admins. The workaround is to create a tenant level policy that's only assigned to one environment.

I see. So would there be possibility to add requested blockers or infos (errors) in app while trying to manage this kind of environments? I think currently it might be confusing for admins if they receive information that copy was created while it wasn't :/

[manuelap-msft]

Yes, we can look into adding an info banner / warning. Putting on our feature backlog.