In case the world wasn't confusing enough, new vocabulary and technical terms are expanding at an ever-increasing pace in the world of the Cloud.
This causes even more noise when you start talking about Software as a Service and empowering the business user with their own "environment" or offering them a shared environment or simply adding to the default environment.
What is an Environment?
"Each [Power Platform] environment is created under an Azure AD tenant, and its resources can only be accessed by users within that tenant. An environment is also bound to a geographic location, like the US. When you create an app in an environment, that app is routed to only data centers in that geographic location. Any items that you create in that environment (including connections, gateways, flows using Microsoft Power Automate, and more) are also bound to their environment’s location." https://docs.microsoft.com/en-us/power-platform/admin/environments-overview
Now come to the table with the perspective of Azure IaaS (Infrastructure as a Service): a technical team that has numerous Azure VMs and an IaaS footprint. How do they add Software as a Service to their world and connect their new SaaS environment(s) to their existing IaaS environments?
In the world of IaaS on Azure you have access to the Azure Resource Manager and Administrator portal.
What is the Azure Resource Manager? "Azure Resource Manager is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure subscription. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment." https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-overview
In the world of SaaS, the resourcing of Azure is managed by the SaaS offering.
In the Power Platform world, we access most of the Azure management through the new Administrator Portal on Azure found at https://admin.powerplatform.microsoft.com or through each of the individual component/module administrator centers (https://admin.powerapps.com/environments, https://admin.flow.microsoft.com/environments, etc.).
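The environment definition quoted earlier binds every environment, and everything created in it, to one geographic location. The following is an added example (not code from Microsoft or from the original post) that checks an environment inventory against an approved-location list. The function name, the approved list and the sample rows are assumptions, and the property names `DisplayName`, `Location` and `IsDefault` are assumed to match the objects returned by `Get-AdminPowerAppEnvironment`.

```powershell
# Added example: audit Power Platform environments for data-location drift.
# Test-EnvironmentLocation is a hypothetical helper, not part of any module.
function Test-EnvironmentLocation {
    param(
        [Parameter(Mandatory)] [object[]] $Environments,
        [Parameter(Mandatory)] [string[]] $ApprovedLocations
    )
    foreach ($item in $Environments) {
        # -in is case-insensitive, so 'UnitedStates' matches 'unitedstates'.
        $locationOk = $item.Location -in $ApprovedLocations
        [pscustomobject]@{
            DisplayName = $item.DisplayName
            Location    = $item.Location
            IsDefault   = [bool]$item.IsDefault
            LocationOk  = $locationOk
            # The default environment is shared by the whole tenant, so it is
            # always listed for review even when its location is approved.
            NeedsReview = (-not $locationOk) -or [bool]$item.IsDefault
        }
    }
}

# Constructed sample inventory so the check runs offline.
$sample = @(
    [pscustomobject]@{ DisplayName = 'Contoso (default)'; Location = 'unitedstates'; IsDefault = $true  }
    [pscustomobject]@{ DisplayName = 'Finance Prod';      Location = 'unitedstates'; IsDefault = $false }
    [pscustomobject]@{ DisplayName = 'Marketing Sandbox'; Location = 'europe';       IsDefault = $false }
)

# Assumption: this organization only approves the US geography.
$approved = @('unitedstates')

# Against a live tenant, replace $sample with the admin module's output:
#   Add-PowerAppsAccount
#   $sample = Get-AdminPowerAppEnvironment

Test-EnvironmentLocation -Environments $sample -ApprovedLocations $approved |
    Where-Object NeedsReview |
    Format-Table DisplayName, Location, IsDefault, LocationOk
```

With the constructed inventory, the default environment and the Europe-hosted sandbox are listed for review, and `Finance Prod` is not.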
What is an Azure Forest?
"A forest contains domains, and domains contain other types of objects. This reference architecture creates an AD DS forest in Azure with a one-way outgoing trust relationship with an on-premises domain. The forest in Azure contains a domain that does not exist on-premises. Because of the trust relationship, logons made against on-premises domains can be trusted for access to resources in the separate Azure domain."
So, when working with IaaS and SaaS, it is helpful to get them configured in the same domain.
What is an Azure Domain?
"Azure AD DS integrates with your existing Azure AD tenant, which makes it possible for users to sign in using their existing credentials. You can also use existing groups and user accounts to secure access to resources, which provides a smoother lift-and-shift of on-premises resources to Azure.
Azure AD DS replicates identity information from Azure AD, so works with Azure AD tenants that are cloud-only, or synchronized with an on-premises Active Directory Domain Services (AD DS) environment. The same set of Azure AD DS features exist for both environments.
- If you have an existing on-premises AD DS environment, you can synchronize user account information to provide a consistent identity for users.
- For cloud-only environments, you don't need a traditional on-premises AD DS environment to use the centralized identity services of Azure AD DS."
How about that!
Software as a Service = An application or set of applications that is hosted (such as hosted on Azure) as a software offering. The infrastructure and hosting are mostly managed by the SaaS company.
"Software as a service (SaaS) is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft."
Infrastructure as a Service = A hosted infrastructure (such as a domain in an Azure Data Center) where a company might have many services, virtual machines, and other functions, but most of it is managed by the purchasing company.
"Infrastructure as a service (IaaS) is an instant computing infrastructure, provisioned and managed over the internet. It’s one of the four types of cloud services, along with software as a service (SaaS), platform as a service (PaaS), and serverless.
IaaS quickly scales up and down with demand, letting you pay only for what you use. It helps you avoid the expense and complexity of buying and managing your own physical servers and other datacenter infrastructure. Each resource is offered as a separate service component, and you only need to rent a particular one for as long as you need it. A cloud computing service provider, such as Azure, manages the infrastructure, while you purchase, install, configure, and manage your own software—operating systems, middleware, and applications." https://azure.microsoft.com/en-us/overview/what-is-iaas/
Org or Organization = An individual instance of a Dynamics 365 for CE database