Microsoft Power Platform · Environment Roles
Environment Admin
Full administration of a single Power Platform environment. Manage members, environment settings, Dataverse provisioning, backups, and capacity allocation.
Scope: Single Power Platform environment
Permissions
- Members - Add or remove environment members and assign security roles
- Settings - Configure environment-level settings (region, type, security)
- Dataverse - Add or remove a Dataverse database to the environment
- Backups - Create on-demand backups and restore points
- Capacity - Allocate capacity to the environment
- Apps & flows - View and manage all apps and flows in the environment
- Connections - Manage connection references and shared connections
Common use cases
- Business unit IT lead managing their team's environment
- Solution architect during a Power Apps project
- Delegated environment ownership in a federated governance model
Best practices
- Use security groups for environment membership
- Document environment purpose, owner, and lifecycle in CoE inventory
- Schedule periodic backups before major changes
- Pair with Environment Maker for citizen developer enablement
Security considerations
- Can grant Environment Admin to others, expanding the privileged set
- Can view all apps and flows in the environment
- On Dataverse-enabled environments, has System Administrator security role