Tag: managed environment

Exam AB-410: Intelligent Applications Builder Associate

Time for another exam post (I’ll actually be doing 2 posts around new exams this week), this time around building ‘AI Applications’. This is another one of the new ‘AB series’ of exams, which are replacing the older ‘PL series’ of exams. This exam specifically replaces the PL-200 exam, though there’s no mention of the ‘Functional Consultant’ title any longer.

This time, it’s around building intelligent applications. What struck me in the first instance is that it DOESN’T cover using AI to build applications – there’s nothing in it (well, for me at least) that looked at using Copilot or any other AI capabilities within Power Platform to build out components (whether applications or automations). The exam information does mention using AI, but the exam questions (at least the ones I got) didn’t cover it at all. This does feel a bit strange, given how Microsoft keep going on about using AI for building, but given that Copilot for building canvas apps has been deprecated (as an example), I guess that this is following the same trend.

The official description of the proposed exam candidate is:

As a candidate for this Microsoft Certification, you’re a professional who builds AI-powered solutions in Microsoft Power Platform by using Microsoft Copilot, natural language prompts, and low-code tools. You create apps, data models, and flows that connect to agents, AI models and prompts, and visualizations to enrich these experiences.

In this role, your responsibilities include:

  • Developing Dataverse data models, model-driven apps, and canvas apps.
  • Integrating agents and Copilot features into canvas apps, model-driven apps, and Power Pages sites.
  • Creating cloud flows and business logic.

You collaborate with:

  • Environment and security administrators for policies, roles, identity, and authentication.
  • Governance teams on responsible AI principles, application lifecycle management (ALM), solutions, pipelines, and monitoring.
  • Agent developers, solution architects, and other app builders for business solution building.
  • Business stakeholders to gather requirements, iterate business solutions, and promote user adoption.

The overall information for the exam can be found at Microsoft Certified: Intelligent Applications Builder Associate, and there is an official Learning Path available for it.

There is a LOT of different stuff in this exam, but I like it – it shows the breadth of knowledge (& experience) that’s needed in order to build out what’s needed for applications. Canvas apps were somewhat lightweight (at least for me), but I’m absolutely LOVING the focus & usage on Business Process Flows and Business Rules. Yes they’ve been around for a loooong time, and there’s nothing cool, sexy or new about them, but they’re absolutely essential to the ways of working with data & records!

As I’ve posted before around my exam experiences, it’s not permitted to share any of the exam questions. This is in the rules/acceptance for taking the exam. I’ve therefore put an overview of the sorts of questions that came up during my exam. (Note: exams are composed from question banks, so there could be many things that weren’t included in my exam, but could be included for someone else!). It’s also in beta at the moment, which means that things can obviously change for when it comes out of beta.

I’ve tried to group things as best together as I feel (in my recollection), to make it easier to revise:

  • Environments
    • Environment types
    • When to use different types of environments
  • Dataverse
    • Table relationships
    • Record deletion rules, including how they can affect child records
    • Executing logic on record forms – client side vs server side, what is used for each
    • Executing synchronous behaviour – what this is, what can be used for it
    • Different options for validation logic, how they work, and when to use
    • Adding icons for tables
    • Creating/configuring forms
    • Creating/configuring views
    • Custom pages – what they are, when they should be used
    • Column options – what they are, how/when to use. Covering items such as rollups, formula, autonumbering, etc
  • Business rules
    • What they are, and when to use
    • Different types of actions
    • Business required vs Business recommended
    • Scope options – what each one means, and how they actually work/affect data
  • Approvals
    • What they are
    • How to configure, including different types of approvals
  • Business process flows
    • When to use
    • What the different components are (eg steps, stages etc)
    • How to configure
    • Triggering Power Automate flows
    • Usage of them on existing records vs new records
  • Power Automate
    • Trigger types – differences between them, when to use
    • Handing connections
    • Handling time-outs/retries
    • Handling/configuring Run After behaviour
    • Concurrency – what is it, when to use, how to configure
    • Connecting to AI Builder
    • Conditions – what they are, how/when to use
    • Branching logic – what this is, how/when to use
  • Canvas Apps
    • Triggering record submission and saving
    • Triggering Power Automate flows
    • Configuring properties for buttons (different formula types)
    • PCF controls – what they are, what they’re used for, creating them, reusability
    • Power FX commands – selecting right syntax to be used for code examples, managing retries, managing errors
    • Variable types – what they’re used for, differences between them
    • Collections – what they’re used for, how to use them
    • Optimising data loading – how to do this, what to consider, what to use
  • Integrations
    • Connecting to Microsoft components (inside and outside of Power Platform)
    • Connecting to custom API’s
    • Connecting to external API’s
  • Security
    • Security roles
    • Security teams & access teams
    • Entra ID security groups
    • Giving access to applications
    • Checking user access rights
    • Dataverse record ownership – different types of record ownership, differences between them, how to set up/configure
    • Restricting access to tables, views & forms
    • Hierarchy security – different options available, differences between them and when to use them
  • Auditing
    • Global level
    • Table level
    • Row level
    • Retention settings
    • Change tracking – enabling it, when it should be used
  • Application Lifecycle Management (ALM)
    • What solutions are used for
    • Unmanaged vs managed solutions
    • Exporting & importing solutions between environments
    • Adding components to solutions (new vs existing components, and how to do this)
  • AI
    • Using AI to summarise records – how to set up, configure and use it
    • Using AI Builder – capabilities, how to set it up & use it, how to call it from different component types, how to use outputs
    • How to update AI Builder prompts

I hope that this is helpful for anyone who’s thinking of taking it – good luck, and please do drop a comment below to let me know how you found it!

I’d also be interested in your thoughts/opinions around the direction that Microsoft has taken for this!

The CoE toolkit is dead, Long Live Managed Environments!

Possibly a slightly drastic headline, but let me explain the background to this. I’ve been working with the Power Platform CoE toolkit for over 6 years, with using it to educate and help customers with their Power Platform governance journey. Though it’s never been an ‘official’ Microsoft product (ie it’s not supported at all), the Power CAT team created it and have given it much love over the years (the GitHub repository for this is testimony to the efforts of the team).

My general approach to Power Platform governance has been to use both Managed Environments and the CoE toolkit – Managed Environments being the platform base, and the CoE toolkit being the way that customers can then built on the top of things, to meet their own needs.

For the European Power Platform Conference (EPPC) 2025, I had submitted a session with the above title, as based on what I was seeing I was figuring that the CoE toolkit would be announced as being end of life at some point. Microsoft had been (& continues to be) doubling down on Managed Environment capabilities – possibly due to the licensing needed for them (so more revenue – yes I’m being cynical here!), and kept on announcing new features for it.

In the meanwhile, no real new functionality seemed to be coming out for the CoE toolkit in a while. Bugs were being addressed, but for the most part that seemed to be it.

We’ve all seen this pattern happen before, so I thought it would be a good idea to talk about Managed Environment capabilities, and how organisations could look to pivot from current use of the CoE toolkit to them.

Now leaving aside that the session I did was actually entitled ‘The CoE (toolkit) is done for – Long live Managed Environments’ (EPPC did not like the usage of the word ‘dead’ in the title, lol), I had prepped the session without issues, and was ready to deliver it. Imagine my surprise a few weeks before the event, when some people in Microsoft reached out to me to say that I was possibly overexagerating the situation a bit, and that it wasn’t dead, it was just on hold (pending new platform capabilities being developed for it to use).

I had my own thoughts about this, having seen similar patterns before, but kept my thoughts quiet. In my mind, the CoE toolkit is great, but Microsoft seemed to be focusing on all things Copilot and AI, which the CoE toolkit wasn’t at all.

Well, the news is now public. There’s now an announcment on the official Microsoft Power Platform Center of Excellence (CoE) Starter Kit learn page:

Microsoft then goes on to say:

The Power Platform Center of Excellence (CoE) Starter Kit has historically helped organizations establish governance, visibility, and best practices for Power Platform adoption.

Today, you can find these core capabilities directly in the Microsoft Power Platform admin center through in-product experiences such as Inventory, Usage, Monitor, and Actions. These experiences provide real-time visibility into resources, usage, operational health, and governance insights in a centralized, enterprise-scale experience.

As Microsoft continues to invest in delivering these capabilities natively in product, the CoE Starter Kit is no longer receiving ongoing feature investments or updates.

As said above, this isn’t really coming as a surprise to me – I feel I had seen the writing on the wall for a while. Don’t get me wrong – Managed Environment are great, and the capabilities being developed by the team responsible for it are getting better and better, but licensing can be a challenge.

After all, when dealing with large organisations, it’s something that they have to pay for, and we all know how resistant they can be to such things. Yes, I know the arguments for licensing premium SKU’s (I deal with customers on this regularly), but it’s another barrier to overcome.

What could be interesting to see over time is the influence & use of AI in this area – rather than (admin) users needing to go in and do things, or view data, to use AI to be able to carry out the tasks for us. Dataverse is already MCP enabled (though some of the actions through the admin connectors aren’t available), but it could be something to consider in the future.

So what are your thoughts on this? Are you and your organisation heavily invested in the CoE toolkit, and will look to continue to use it? Or do you have a different journey planned out? Please drop a comment – I’d love to hear!

Ignite ’24 – Power Platform Governance Announcements

Being at Microsoft Ignite ’24 in Chicago is an amazing experience. Even MORE amazing are the announcements that the Power Platform Governance team has come out with. I’ve been fortunate enough to have been given early access to some of the features, and they’re really awesome. Below, I’ve summarised what I believe to be the top picks to look at

Power Platform Admin Centre.

We’ve all been used to the PPAC experience that’s been around for a number of years. It’s been useful, but limited in various functions. Well, there’s not just been a facelift, but an entirely NEW PPAC experience for us. Here are some screenshots:

There’s a massive amount of stuff to look through (& play with) – my overall impressions are that this will definitely help move forward with security, governance & everything that’s needed. More importantly, especially with the focus & mentions of Copilot & Copilot Studio, there’s a section reserved for that, which is going to be critical for IT admins:

The new PPAC experience is also taking over the role that was previously played by the Power Platform CoE Starter Toolkit. Functionality is (slowly) being shifted into the main PPAC experience. One of these that’s already a great start is the Inventory capability:

Behind the scenes, this is data being captured at the tenant level, which is being stored in Dataverse (no, we don’t YET have access to the data natively, though I’m told it’s on the roadmap to be able to query). The performance of this works extremely well, though there are still a few little bugs that are being worked out 🙂

But more importantly, this also covers Copilot Studio components – to date there has not really been anything around to report on this properly…but now there is!

Managed Environments

We all know the conversation around Managed Environments, and sometimes needing to persuade organisations that premium licensing will actually give ROI to them. Well, with the new features that have been announced this week, this just got a WHOLE lot easier! Let’s take a look at some of these items

Environment Rules

Initially when Managed Environments launched, there were just a few rules that could be applied. We were told that more were coming….and indeed they are! Still more to come that the team is working on, but the number of rules has increased massively:

Some of my favorites here are the ability to manage Copilot – it’s going to be SO important as to how these are handled (especially with all of the emphasis on it coming out of Ignite). Being able to set/enforce authentication options, sharing options & various other settings is going to be KEY to proper Copilot governance.

It also now gives options for backup retention policies. I’ve written previously about how to ‘hack’ longer backups for environments (Environment types, capabilities & backups) – we’re now able to set longer backups for pure Power Platform environments within needing to enable Dynamics 365 applications within them (though of course you may still want to do this if you can see yourself using Dynamics 365 in the environment in the future – it’s still not possible to upgrade the environment type at a later point).

However there’s also something else new around environments. Previously if just looking at an environment from the main list of environments within PPAC, it wasn’t easy to see if it belonged to a Managed Environment group or not. Now it is – more so, you’re not able to tweak any settings on the general environment page that are being managed at the Environment Group level!

DLP Capabilities

One of the main challenges to date with DLP has been around the inability to block certain connectors (eg the Microsoft standard connectors). With Managed Environments, the team has now enabled organisations to be able to block ANY connectors that they wish to! If you’re not running Managed Environments, the existing limitations will still apply – you do need to be using Managed Environments for this! This will also be made available through the Power Platform API & Admin SDK tools in the coming weeks.

Preferred Group

Whilst we’ve had environment routing around now for a while (being able to auto-route new makers to a specific environments, which could be within a Managed Environment group), we haven’t had the ability to handle new environments being created & auto populated into an environment group.

Well, this is now changing. We’re now going to have the ability to auto set policies, so that when a new environment is created, it can automatically be added to a Managed Environment group. Obviously with this happening, the rules & policies applied at the group level will automatically be applied to the new environment as well! This will be a decent relief to Power Platform administrators – to date we’ve been able to set up things like DLP policies to auto-apply to new environments, but managing them otherwise needed to be done manually…well, no more!

Security Personas

Until now, security & governance within Power Platform have been a ‘one size fits all’ approach. Different types of people would access PPAC etc, but there wasn’t really a way to differentiate the different personas. This is now changing:

In summary, incredible steps forward, and I know that there’s a LOT more in the works that should be coming in the next weeks & months. I’m really excited about all of this, and using the capabilities to continue enabling & empowering organisations from a security & governance point of view.