Each environment is controlled by security to control who can manage and access the environment. The security access is different depending on whether there is a CDS database in the environment or not.
Without a CDS database, access is controlled by users being given any one of the following roles in the environment:
- Environment maker
- Environment admin
These roles are not Microsoft 365 administration roles; they are roles within the CDS environment.
For more details on security in environments, refer to https://docs.microsoft.com/power-platform/admin/environments-overview#environment-permissions.
Users do not need a role to run an app; instead, apps are shared with users.
Once a CDS database has been added to an environment, access is controlled by security roles within CDS. Users must have a security role to be able to access data in the CDS database.
Environments can be linked to an Office 365 security group. Once linked, only users in...