Getting DLP Policy Details In Power Platform Environment

Introduction

 
When a power platform for the tenant is configured for the first time, a default environment is created. While developing PowerApps or PowerAutomate (FLOW), it is oftentimes required to get to know the Business Category and Non-Business Category connectors. When an environment is created in the Power platform environment, the environment gets provisioned with a default set of Business category and Non-Business Category connectors. The point to keep in mind is that connectors in the same category can talk to each other, but cannot talk across the category. In other words, connectors in the Business category can talk to other connectors in the Business category only, but not to connectors in the Non-Business category and vice versa. More about the connectors can be found in the references section (community.dynamicscrm.com). For this blog, we will focus on retrieving Business Data Connectors in a CSV. In the summary, there is also a hint to get the Non-Business Data Connectors.
 
Please note that you do not need to be a PowerPlatform Admin or global admin to run this script. if you have read access to a specific environment, you can run this script.
Recently, MSFT has made the PowerShell commands 'public' for powerplatform. Using these commands you can get powerapps in an environment, flows in the environment and connection information for all connectors, and much more. Please refer to the references section in link #2 if you want to learn more.
 
Prerequisites
 
Below are the prerequisites required before we go and run the script.
  1. Installing PowerShell required modules.
  2. Getting the policy name where the connector information needs to be extracted. 

Installing PowerShell Required Modules

 
Before we get the information we need to have the following modules of powershell installed:
  • Microsoft.PowerApps.Administration.Powershell
  • Microsoft.PowerApps.Powershell
Below are the commands. Please note that to run these commands you need to have local admin privileges on your machine.
  1. Install-Module -Name Microsoft.PowerApps.Administration.PowerShell  
  2. Install-Module -Name Microsoft.PowerApps.PowerShell -AllowClobber  

Getting the Environment Policy Name

 
To get a policy name, perform the following steps:
  • Go to https://admin.powerplatform.com and click on 'Data policies'.
  • Select the policy you want to get the details for. This is required to get the name of the policy.
  • Under the policy name, you can see the name of the policy.
 

PowerShell Script

 
Before running the PS Script, please make sure to update the following variables:
  • Update the variable $outputFile in the below script according to your settings. In this case, I have created a folder in C drive called 'Output' (C:\Output\) which means my final output will be saved here.
  • Update the policy name with respect to your environment policy name in the variable $businessCategoryConnectors.
Below is the final script that is tested throughly and working as expected. It basically takes the environment name and credentials during the runtime and generates the output in the output folder defined before the start of the script. 
  1. $currentTime = $(Get-Date).ToString("yyyymmddhhmmss");  
  2. $outputFile="C:\Output\ConnectorsInfo-"+$currentTime+".csv";  
  3. Add-Content -Path $outputFile -Value "Connector ID,Connector Name,Connector Type";  
  4. Add-PowerAppsAccount  
  5. $businessCategoryConnectors = Get-AdminDlpPolicy '(Default) Policy 08:29:45 01-14-2017' | Select –ExpandProperty BusinessDataGroup  
  6. foreach($connector in $businessCategoryConnectors)  
  7. {  
  8.     $connectorID = $connector.id;  
  9.     $connectorName = $connector.name;  
  10.     $connectorType = $connector.type;  
  11.     Add-Content -Path $outputFile -Value "$connectorID,$connectorName,$connectorType";  
  12. }  
Output
 
The output for the script is generated at the directory mentioned in $outputFile variable. In this case, it is generated at C:\Output\ConnectorsInfo-[UniqueID Generated by PS function]. Below is the screen capture for reference.
 
 
Below is how the output CSV looks like. This has Connect ID, Connect Name, and Connector Type for all the connectors in a specified environment. 
 
 

Summary

 
In this blog, we have seen how to retrieve the connector information for policy. Similarly, for getting the non-business category, connectors in the PS script replace the 'BusinessDataGroup' property with 'NonBusinessDataGroup'. This will be your assignment :). 
 
References
  • https://www.c-sharpcorner.com/article/environments-in-powerapps/
  • https://docs.microsoft.com/en-us/power-platform/admin/powerapps-powershell
  • https://community.dynamics.com/crm/b/crminthefield/posts/monitoring-the-power-platform-power-automate--connectors-and-connections