PowerApps 中的环境管理Environments administration in PowerApps

PowerApps 管理中心内,管理已创建的环境及已将已添加到其环境管理员角色的环境。In the PowerApps admin center, manage environments that you've created and those for which you have been added to the Environment Admin role. 从管理中心可执行以下管理操作:From the admin center, you can perform these administrative actions:

  • 创建环境。Create environments.
  • 重命名环境。Rename environments.
  • 授予或撤销用户或组的环境管理员或环境创建者角色。Add or remove a user or group from either the Environment Admin or Environment Maker role.
  • 为环境预配 Common Data Service 数据库。Provision a Common Data Service database for the environment.
  • 设置数据丢失防护策略。Set Data Loss Prevention policies.
  • 设置数据库安全策略(由数据库角色设置为开放或受限)。Set database security policies (as open or restricted by database roles).
  • Azure AD 租户全局管理员角色(包括 Office 365 全局管理员)的成员也可以管理自己已在租户中创建的所有环境,并在整个租户范围内设置策略。Members of the Azure AD tenant Global administrator role (includes Office 365 Global admins) can also manage all environments that have been created in their tenant and set tenant-wide policies.

访问 PowerApps 管理中心Access the PowerApps admin center

若要访问 PowerApps 管理中心,请执行以下操作:To access the PowerApps admin center:

若要在 PowerApps 管理中心管理某个环境,必须拥有以下角色之一:To manage an environment in the PowerApps admin center, you must have one of these roles:

  • 环境的“环境管理员”角色,或The Environment Admin role of the environment, OR

  • Azure AD 或 Office 365 租户的“全局管理员”角色。The Global Administrator role of your Azure AD or Office 365 tenant.

此外,还需要 PowerApps 计划 2 或 Flow 计划 2 才能访问管理中心。You also need either PowerApps Plan 2 or Flow Plan 2 to access the admin center. 有关详细信息,请参阅 PowerApps 定价页For more information, see the PowerApps pricing page.

重要

在 PowerApps 管理中心内所做的任何更改都会影响 Flow 管理中心,反之亦然。Any changes that you make in PowerApps admin center affect the Flow admin center and vice versa.

创建环境Create an environment

首先,单击“+ 新建环境”打开一个对话框并创建环境。First, click + New environment to open a dialog box and create an environment.

然后输入以下信息:Then enter the following info:

属性Property 说明Description
环境名称Environment name 输入环境的名称。Enter the name of your environment.
区域Region 选择用于托管环境的位置。Choose the location to host your environment. 建议使用最靠近用户的位置。We recommend using a location closest to your users. 例如,如果应用用户位于伦敦,请选择“欧洲”作为位置。For example, if your app users are in London, choose a Europe location. 如果应用用户位于纽约,请选择“美国”。有关支持的环境区域列表,请参阅支持的区域If your app users are in New York, choose the U.S. See Supported regions for a list of supported environment regions.
为此环境创建数据库Create a database for this environment 选择此复选框为此环境创建 Common Data Service 数据库。Select this check box to create a Common Data Service database for this environment. 可将数据库配置为向环境中的所有用户开放,或者仅限向数据库角色开放。A database can be configured to either be open to all users in the environment or restricted to database roles. 有关详细信息,请参阅配置数据库安全性For more information, see Configure database security.

最后,选择“创建环境”。Finally, select Create an environment.

新环境随即出现在环境表中。The new environment appears in the environments table.

备注

当你创建环境时,系统会自动将你添加到该环境的“环境管理员”角色。When you create an environment, you are automatically added to the Environment Admin role for that environment.

查看环境View your environments

打开管理中心时,默认会显示“环境”选项卡,其中列出了你是其环境管理员的所有环境(如下所示):When you open the admin center, the Environments tab appears by default and lists all the environments for which you are an Environment Admin (as shown below):

如果你是 Azure AD 或 Office 365 租户的“全局管理员”角色的成员,将显示租户中用户创建的所有环境,因为你已自动成为所有这些环境的环境管理员。If you are a member of the Global Administrator role of your Azure AD or Office 365 tenant, all the environments that have been created by users in your tenant appear, because you're automatically an Environment Admin for all of them.

重命名环境Rename your environment

  1. 打开 PowerApps 管理中心,在列表中找到要重命名的环境,然后单击或点击它。Open the PowerApps admin center, find the environment to be renamed in the list, and click or tap it.

  2. 单击或点击“详细信息”。Click or tap Details.

  3. 在“名称”文本框中输入新名称,然后单击“保存”。in the Name text box, enter the new name, then click Save.

删除环境Delete your environment

  1. PowerApps 管理中心单击或点击要删除的环境。In the PowerApps admin center, click or tap the environment that you want to delete.

  2. 单击或点击“详细信息”。Click or tap Details.

  3. 单击或点击“删除环境”以删除该环境。Click or tap Delete environment to delete your environment.

为环境创建 Common Data Service 数据库Create a Common Data Service database for an environment

如果某个环境没有数据库,环境管理员可在 PowerApps 管理中心执行以下步骤创建一个数据库。If an environment doesn't already have a database, an Environment Admin can create one in the PowerApps admin center by following these steps. 只有拥有 PowerApps 计划 2 许可证的用户才能创建 Common Data Service 数据库。Only users with a PowerApps Plan 2 license can create Common Data Service databases.

  1. 在环境表中选择一个环境。Select an environment in the environments table.

  2. 选择“数据库”选项卡。Select the Database tab.
  3. 选择“创建数据库”。Select Create a database.

    预配该数据库后,将显示以下确认消息:When the database is provisioned, this confirmation message appears:

创建数据库后,请选择安全模型。After you create a database, choose a security model. 有关详细信息,请参阅配置数据库安全性For more information, see Configure database security.

管理环境的安全性Manage security for your environments

环境权限Environment permissions

在环境中,Azure AD 租户中的所有用户都是该环境的用户。In an environment, all the users in the Azure AD tenant are users of that environment. 但是,若要让这些用户扮演更高特权的角色,需要将他们添加到特定的环境角色。However, for them to play a more privileged role, they need to be added to a specific environment role. 环境中内置两个角色,在环境中拥有相应的权限:Environments have two built-in roles that provide access to permissions within an environment:

  • “环境管理员”角色可以执行所有环境管理操作,包括:The Environment Admin role can perform all administrative actions on an environment including the following:

    • 授予或撤销用户或组的环境管理员或环境创建者角色。Add or remove a user or group from either the Environment Admin or Environment Maker role.

    • 为环境预配 Common Data Service 数据库。Provision a Common Data Service database for the environment.

    • 查看和管理在环境中创建的所有资源。View and manage all resources created within an environment.

    • 设置数据丢失防护策略。Set data loss prevention policies. 有关详细信息,请参阅数据丢失防护策略For more information, see Data loss prevention policies.

  • 环境创建者角色可以在环境中创建资源,包括应用、连接、自定义连接器、网关和 Microsoft Flow 流。The Environment Maker role can create resources within an environment including apps, connections, custom connectors, gateways, and flows using Microsoft Flow. 环境创建者还可将他们在环境中构建的应用分发到组织中的其他用户。Environment Makers can also distribute the apps they build in an environment to other users in your organization. 他们可与组织中的单个用户、安全组或所有用户共享应用。They can share the app with individual users, security groups, or all users in the organization. 有关详细信息,请参阅在 PowerApps 中共享应用For more information, see Share an app in PowerApps.

若要将用户或安全组分配到某个环境角色,环境管理员可在 PowerApps 管理中心执行以下步骤:To assign a user or a security group to an environment role, an Environment Admin can take these steps in the PowerApps admin center:

  1. 在环境表中选择该环境。Select the environment in environments table.

  2. 在“安全”选项卡中选择“环境角色”。On the Security tab, select Environment roles.
  3. 选择“环境管理员”或“环境创建者”角色。Select either the Environment Admin or Environment Maker role.

  4. 指定 Azure Active Directory 中一个或多个用户或安全组的名称,或指定要添加整个组织。Specify the names of one or more users or security groups in Azure Active Directory, or specify that you want to add your entire organization.

  5. 选择“保存”更新环境角色分配。Select Save to update the assignments to the environment role.

若要删除某个用户或组的所有权限,请单击或点击该用户或组对应的“x”图标。To remove all permissions for a user or a group, click or tap the x icon for that user or group.

备注

分配到这些环境角色的用户或组并不会自动获得对环境内数据库(若有)的访问权限,必须由数据库所有者单独授予。Users or groups assigned to these environment roles are not automatically given access to the environment’s database (if it exists) and must be given access separately by a Database owner. 有关详细信息,请参阅配置数据库安全性For more information, see Configure database security.

数据库安全性Database security

创建和修改数据库架构以及连接到在环境中预配的某个数据库内存储的数据的能力,由该数据库的用户角色和权限集控制。The ability to create and modify a database schema and to connect to the data stored within a database that is provisioned in your environment is controlled by the database's user roles and permission sets. 可通过“安全”选项卡的“用户角色”和“权限集”部分管理环境数据库的用户角色和权限集。有关详细信息,请参阅配置数据库安全性You can manage the user roles and permission sets for your environment's database from the User roles and Permission sets section of the Security tab. For more information, see Configure database security.

备注

环境管理员无权创建和管理环境数据库的用户角色和权限集。Environment Admins do not have access to create and manage user roles and permission sets for an environment's database. 这种超级权限仅限于“数据库所有者”用户角色的成员。This power is limited to members of the Database owner user role.

数据策略Data policies

组织的数据必须受到保护,防止与不应有权访问这些数据的受众共享。An organization's data must be protected so that it isn't shared with audiences that should not have access to it. 若要保护这些数据,可以创建并实施策略来定义可共享的特定于使用者服务和连接器的业务数据。To protect this data, you can create and enforce policies that define which consumer services and connector-specific business data can be shared with. 用于定义如何共享数据的策略称为数据丢失防护 (DLP) 策略。Policies that define how data can be shared are referred to as data loss prevention (DLP) policies. 可以通过 PowerApps 管理中心的“数据策略”部分管理环境的 DLP 策略。You can manage the DLP policies for your environments from the Data Policies section of the PowerApps admin center. 有关详细信息,请参阅数据丢失防护策略For more information, see Data loss prevention policies.

常见问题Frequently asked questions

可以创建多少个环境?How many environments can I create?

每个用户最多可以创建两个环境。Each user can create up to two environments.

可以预配多少个数据库?How many databases can I provision?

每个用户最多可以预配两个数据库。Each user can provision up to two databases.

是否可以重命名环境?Can I rename an environment?

可以,可在 PowerApps 管理中心找到此功能。Yes, this functionality is available from the PowerApps admin center. 有关详细信息,请参阅环境管理See Environments Administration for more details.

是否可以删除环境?Can I delete an environment?

可以,可在 PowerApps 管理中心找到此功能。Yes, this functionality is available from the PowerApps admin center. 有关详细信息,请参阅环境管理See Environments Administration for more details.

环境管理员是否可以查看和管理环境的所有资源(应用、流、API 等等)?As an Environment Admin, can I view and manage all resources (apps, flows, APIs, etc.) for an environment?

可以,可在 PowerApps 管理中心找到查看环境的应用和流的功能。Yes, the ability to view the apps and flows for an environment is available from the PowerApps admin center. 有关详细信息,请参阅查看应用See View Apps for more details.

哪个许可证包含 Common Data Service?Which license includes Common Data Service?

PowerApps 计划 2。PowerApps Plan 2. 有关包含此许可证的所有计划的详细信息,请参阅 PowerApps 定价页See PowerApps pricing page for details on all the plans that include this license.

是否可以在环境外部使用 Common Data Service?Can the Common Data Service be used outside of an environment?

不。No. Common Data Service 需要一个环境。Common Data Service requires an environment.