ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/318-admin-surface-scope-shell-context-audit/artifacts/state-captures/direct--environment-access-scopes.json
ahmido 1c27af4f5f spec: add admin surface scope shell context audit (#373) 
## Summary
- add Spec 318 audit artifacts for admin surface scope and shell context consistency after Specs 314-317
- document browser-backed findings for workspace hubs, environment-scoped pages, filtered workspace hubs, and mismatch cases
- capture recommended follow-up specs for baseline compare, baseline ownership, alerts/audit filter contracts, classifier regression coverage, and sidebar scope declarations

## Testing
- not run; analysis-only spec artifacts with no runtime or test code changes

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #373
2026-05-16 18:32:11 +00:00

372 lines
36 KiB
JSON
Raw Permalink Blame History

{
"slug": "direct--environment-access-scopes",
"origin": "direct_extra",
"expectedClassification": "environment-page",
"screenshotPath": "/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/318-admin-surface-scope-shell-context-audit/artifacts/screenshots/direct--environment-access-scopes.png",
"statePath": "/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/318-admin-surface-scope-shell-context-audit/artifacts/state-captures/direct--environment-access-scopes.json",
"notes": {
"classComponent": "App\\Filament\\Resources\\ManagedEnvironmentResource\\Pages\\ManageEnvironmentAccessScopes"
},
"capturedAt": "2026-05-16T17:17:29.720Z",
"state": {
"activeSidebarLinks": [],
"breadcrumbs": [
"Managed Environments YPTW2 View Manage environment access scope Workspace membership defines the role. Explicit environment scopes only narrow which workspace members can see this environment. Back to environment overview",
"Managed Environments YPTW2 View",
"Managed Environments YPTW2 View",
"Managed Environments",
"Managed Environments",
"YPTW2",
"YPTW2",
"View",
"View"
],
"chips": [
"wp YPTW2 (DEV) EN TenantPilot Global search 7",
"wp YPTW2 (DEV) EN TenantPilot Global search 7",
"wp YPTW2 (DEV) EN",
"YPTW2 (DEV)",
"YPTW2 (DEV)",
"YPTW2 (DEV)",
"YPTW2 (DEV)",
"Settings Manage workspaces Integrations Settings",
"Manage workspaces Integrations Settings",
"Manage workspaces",
"Manage workspaces",
"Manage workspaces",
"Managed Environments YPTW2 View Manage environment access scope Workspace membership defines the role. Explicit environment scopes only narr",
"Managed Environments YPTW2 View Manage environment access scope Workspace membership defines the role. Explicit environment scopes only narr",
"Managed Environments YPTW2 View Manage environment access scope Workspace membership defines the role. Explicit environment scopes only narr",
"Managed Environments YPTW2 View Manage environment access scope Workspace membership defines the role. Explicit environment scopes only narr",
"Managed Environments YPTW2 View Manage environment access scope Workspace membership defines the role. Explicit environment scopes only narr",
"Managed Environments YPTW2 View Manage environment access scope Workspace membership defines the role. Explicit environment scopes only narr",
"Managed Environments YPTW2 View",
"Managed Environments YPTW2 View",
"Managed Environments",
"Managed Environments",
"YPTW2",
"YPTW2",
"Manage environment access scope",
"Workspace membership defines the role. Explicit environment scopes only narrow which workspace members can see this environment.",
"Back to environment overview",
"Back to environment overview",
"Back to environment overview",
"Remove environment Archive",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle",
"Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle summary ",
"Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle summary ",
"Name YPTW2",
"Name YPTW2",
"Name YPTW2",
"YPTW2",
"YPTW2",
"YPTW2",
"YPTW2",
"ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf",
"ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf",
"ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf",
"ManagedEnvironment ID",
"ManagedEnvironment ID",
"ManagedEnvironment ID",
"Workspace posture In workspace",
"Workspace posture In workspace",
"Workspace posture In workspace",
"Workspace posture",
"Workspace posture",
"Workspace posture",
"In workspace",
"In workspace",
"In workspace",
"In workspace",
"In workspace",
"Lifecycle summary This environment is active and available across normal management, environment selection, and operational follow-up flows.",
"Lifecycle summary This environment is active and available across normal management, environment selection, and operational follow-up flows.",
"Lifecycle summary This environment is active and available across normal management, environment selection, and operational follow-up flows.",
"This environment is active and available across normal management, environment selection, and operational follow-up flows.",
"This environment is active and available across normal management, environment selection, and operational follow-up flows.",
"This environment is active and available across normal management, environment selection, and operational follow-up flows.",
"This environment is active and available across normal management, environment selection, and operational follow-up flows.",
"Related context MANAGEDENVIRONMENT EDIT Edit tenant Update tenant identity and lifecycle metadata. Management Edit PROVIDER CONNECTIONS Open",
"Related context MANAGEDENVIRONMENT EDIT Edit tenant Update tenant identity and lifecycle metadata. Management Edit PROVIDER CONNECTIONS Open",
"Related context MANAGEDENVIRONMENT EDIT Edit tenant Update tenant identity and lifecycle metadata. Management Edit PROVIDER CONNECTIONS Open",
"Related context MANAGEDENVIRONMENT EDIT Edit tenant Update tenant identity and lifecycle metadata. Management Edit PROVIDER CONNECTIONS Open",
"MANAGEDENVIRONMENT EDIT Edit tenant Update tenant identity and lifecycle metadata. Management Edit PROVIDER CONNECTIONS Open provider connec",
"MANAGEDENVIRONMENT EDIT Edit tenant Update tenant identity and lifecycle metadata. Management Edit PROVIDER CONNECTIONS Open provider connec",
"MANAGEDENVIRONMENT EDIT Edit tenant Update tenant identity and lifecycle metadata. Management Edit PROVIDER CONNECTIONS Open provider connec"
],
"documentTitle": "Manage environment access scope - TenantPilot",
"headings": [
{
"level": "h1",
"text": "Manage environment access scope"
},
{
"level": "h2",
"text": "Identity"
},
{
"level": "h2",
"text": "Related context"
},
{
"level": "h2",
"text": "Provider"
},
{
"level": "h2",
"text": "RBAC"
},
{
"level": "h2",
"text": "Integration"
},
{
"level": "h2",
"text": "Metadata"
},
{
"level": "h2",
"text": "Required permissions"
},
{
"level": "h2",
"text": "Memberships"
}
],
"mainLinks": [
{
"href": "http://localhost/admin/workspaces/3/environments",
"text": "Managed Environments"
},
{
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf",
"text": "YPTW2"
},
{
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf",
"text": "Back to environment overview"
},
{
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf",
"text": "Edit tenant"
},
{
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf",
"text": "Edit"
},
{
"href": "http://localhost/admin/provider-connections?environment_id=4",
"text": "Open provider connections"
},
{
"href": "http://localhost/admin/provider-connections?environment_id=4",
"text": "Open"
},
{
"href": "http://localhost/admin/onboarding/2",
"text": "View completed onboarding"
},
{
"href": "http://localhost/admin/onboarding/2",
"text": "Open"
},
{
"href": "http://localhost/admin/provider-connections?environment_id=4",
"text": "Open Provider Connections"
}
],
"mainText": "Managed Environments YPTW2 View Manage environment access scope Workspace membership defines the role. Explicit environment scopes only narrow which workspace members can see this environment. Back to environment overview Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle summary This environment is active and available across normal management, environment selection, and operational follow-up flows. Related context MANAGEDENVIRONMENT EDIT Edit tenant Update tenant identity and lifecycle metadata. Management Edit PROVIDER CONNECTIONS Open provider connections Inspect consent, credentials, and health for this tenant. Integrations Open ONBOARDING DRAFT View completed onboarding Return to the linked onboarding workflow for this tenant. Workflow Open Provider Provider connection Needs action: set a default provider connection. Open Provider Connections Current connection: YPTW2 PROVIDER microsoft TARGET SCOPE YPTW2 (b0091e5d-944f-4a34-bcd9-12cbfb7b75cf) LIFECYCLE Enabled CONSENT Granted VERIFICATION Healthy LAST CHECK 2026-05-14 20:42:50 DIAGNOSTICS RBAC Status Not configured — Intune RBAC has not been set up for this tenant. Write operations will be blocked. Integration Grant admin consent URL https://login.microsoftonline.com/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/v2.0/adminconsent?client_id=c9110351-1e46-43fe-865d-8a1ce896cc47&redirect_uri=http%3A%2F%2Flocalhost%2Fadmin%2Fconsent%2Fcallback&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&state=tenantpilot%7C4 Metadata Required permissions Permissions Permission DeviceManagementConfiguration.ReadWrite.All Type application Features policy-sync, backup, restore, settings-normalization, drift Status Granted Permission DeviceManagementConfiguration.Read.All Type application Features policy-sync, backup, settings-normalization, drift Status Granted Permission DeviceManagementApps.ReadWrite.All Type application Features backup, restore Status Granted Permission DeviceManagementApps.Read.All Type application Features policy-sync, backup Status Granted Permission DeviceManagementServiceConfig.ReadWrite.All Type application Features backup, restore, policy-sync Status Granted Permission DeviceManagementServiceConfig.Read.All Type application Features policy-sync, backup Status Granted Permission Policy.Read.All Type application Features conditional-access, backup, versioning Status Granted Permission Policy.ReadWrite.ConditionalAccess Type application Features conditional-access, restore Status Granted Permission Directory.Read.All Type application Features tenant-health Status Granted Permission DeviceManagementRBAC.Read.All Type application Features scope-tags, backup-metadata, assignments Status Granted Permission DeviceManagementRBAC.ReadWrite.All Type application Features scope-tags, foundations, backup, restore Status Granted Permission Group.Read.All Type application Features assignments, group-mapping, backup-metadata, directory-groups, group-directory-cache, drift Status Granted Permission DeviceManagementScripts.ReadWrite.All Type application Features policy-sync, backup, restore, scripts, remediations Status Granted Permission DeviceManagementScripts.Read.All Type application Features policy-sync, backup, scripts, remediations Status Granted Memberships Add explicit access scope Search User Domain Created at spo_admin@yptw2.onmicrosoft.com yptw2.onmicrosoft.com 1 day ago Remove explicit scope Per page 10 25 50",
"path": "/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/access-scopes",
"queryParams": {},
"shellEnvironment": "YPTW2 (DEV)",
"shellWorkspace": "wp",
"sidebarLinks": [
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin",
"text": "Overview"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/inventory",
"text": "Items"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/policies",
"text": "Policies"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/policy-versions",
"text": "Policy Versions"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/inventory/inventory-coverage",
"text": "Coverage"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/finding-exceptions/queue",
"text": "Finding exceptions"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/operations",
"text": "Operations"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/alerts",
"text": "Alerts"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/audit-log",
"text": "Audit Log"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/environment-reviews",
"text": "Reviews"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/reviews/workspace",
"text": "Customer reviews"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/stored-reports",
"text": "Stored reports"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/review-packs",
"text": "Review Packs"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces",
"text": "Manage workspaces"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/provider-connections",
"text": "Integrations"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/settings/workspace",
"text": "Settings"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/backup-schedules",
"text": "Backup Schedules"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/backup-sets",
"text": "Backup Sets"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/restore-runs",
"text": "Restore Runs"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/entra-groups",
"text": "Groups"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/findings",
"text": "Findings"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/baseline-profiles",
"text": "Baselines"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/baseline-snapshots",
"text": "Baseline Snapshots"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/governance/inbox",
"text": "Governance inbox"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/governance/decisions",
"text": "Decision register"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/baseline-compare-landing",
"text": "Baseline Compare"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/evidence",
"text": "Evidence"
},
{
"ariaCurrent": null,
"className": "fi-sidebar-item-btn",
"href": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/finding-exceptions",
"text": "Risk exceptions"
}
],
"sidebarText": "Overview Inventory Items Policies Policy Versions Coverage Monitoring Finding exceptions Operations Alerts Audit Log Reporting Reviews Customer reviews Stored reports Review Packs Settings Manage workspaces Integrations Settings Backups & Restore Backup Schedules Backup Sets Restore Runs Directory Groups Governance Findings Baselines Baseline Snapshots Governance inbox Decision register Baseline Compare Evidence Risk exceptions",
"statusText": "wp YPTW2 (DEV) EN TenantPilot Global search 7 Overview Inventory Items Policies Policy Versions Coverage Monitoring Finding exceptions Operations Alerts Audit Log Reporting Reviews Customer reviews Stored reports Review Packs Settings Manage workspaces Integrations Settings Backups & Restore Backup Schedules Backup Sets Restore Runs Directory Groups Governance Findings Baselines Baseline Snapshots Governance inbox Decision register Baseline Compare Evidence Risk exceptions Managed Environments YPTW2 View Manage environment access scope Workspace membership defines the role. Explicit environment scopes only narrow which workspace members can see this environment. Back to environment overview Identity Name YPTW2 ManagedEnvironment ID b0091e5d-944f-4a34-bcd9-12cbfb7b75cf Domain Status Active Workspace posture In workspace Lifecycle summary This environment is active and available across normal management, environment selection, and operational follow-up flows. Related context MANAGEDENVIRONMENT EDIT Edit tenant Update tenant identity and lifecycle metadata. Management Edit PROVIDER CONNECTIONS Open provider connections Inspect consent, credentials, and health for this tenant. Integrat",
"topNavigationText": "wp YPTW2 (DEV) EN TenantPilot Global search 7",
"url": "http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/access-scopes",
"visibleButtons": [
"Add explicit access scope",
"Remove explicit scope"
]
},
"snapshot": "- navigation:\n - link \"wp\":\n - /url: http://localhost/admin\n - text: wp\n - button \"Environment scope\":\n - generic: YPTW2 (DEV)\n - button \"Language\":\n - generic: EN\n - link \"TenantPilot\":\n - /url: http://localhost/admin\n - generic: TenantPilot\n - generic: Global search\n - searchbox \"Global search\"\n - button \"Notifications\":\n - generic: \"7\"\n - button \"User menu\":\n - img \"Avatar of Ahmed Darrazi\"\n- complementary:\n - navigation:\n - list:\n - list:\n - link \"Overview\":\n - /url: http://localhost/admin\n - generic: Overview\n - generic: Inventory\n - button \"Inventory\" [expanded]:\n - list:\n - link \"Items\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/inventory\n - generic: Items\n - link \"Policies\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/policies\n - generic: Policies\n - link \"Policy Versions\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/policy-versions\n - generic: Policy Versions\n - link \"Coverage\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/inventory/inventory-coverage\n - generic: Coverage\n - generic: Monitoring\n - button \"Monitoring\" [expanded]:\n - list:\n - link \"Finding exceptions\":\n - /url: http://localhost/admin/finding-exceptions/queue\n - generic: Finding exceptions\n - link \"Operations\":\n - /url: http://localhost/admin/workspaces/3/operations\n - generic: Operations\n - link \"Alerts\":\n - /url: http://localhost/admin/alerts\n - generic: Alerts\n - link \"Audit Log\":\n - /url: http://localhost/admin/audit-log\n - generic: Audit Log\n - generic: Reporting\n - button \"Reporting\" [expanded]:\n - list:\n - link \"Reviews\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/environment-reviews\n - generic: Reviews\n - link \"Customer reviews\":\n - /url: http://localhost/admin/reviews/workspace\n - generic: Customer reviews\n - link \"Stored reports\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/stored-reports\n - generic: Stored reports\n - link \"Review Packs\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/review-packs\n - generic: Review Packs\n - generic: Settings\n - button \"Settings\" [expanded]:\n - list:\n - link \"Manage workspaces\":\n - /url: http://localhost/admin/workspaces\n - generic: Manage workspaces\n - link \"Integrations\":\n - /url: http://localhost/admin/provider-connections\n - generic: Integrations\n - link \"Settings\":\n - /url: http://localhost/admin/settings/workspace\n - generic: Settings\n - generic: Backups & Restore\n - button \"Backups & Restore\" [expanded]:\n - list:\n - link \"Backup Schedules\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/backup-schedules\n - generic: Backup Schedules\n - link \"Backup Sets\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/backup-sets\n - generic: Backup Sets\n - link \"Restore Runs\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/restore-runs\n - generic: Restore Runs\n - generic: Directory\n - button \"Directory\" [expanded]:\n - list:\n - link \"Groups\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/entra-groups\n - generic: Groups\n - generic: Governance\n - button \"Governance\" [expanded]:\n - list:\n - link \"Findings\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/findings\n - generic: Findings\n - link \"Baselines\":\n - /url: http://localhost/admin/baseline-profiles\n - generic: Baselines\n - link \"Baseline Snapshots\":\n - /url: http://localhost/admin/baseline-snapshots\n - generic: Baseline Snapshots\n - link \"Governance inbox\":\n - /url: http://localhost/admin/governance/inbox\n - generic: Governance inbox\n - link \"Decision register\":\n - /url: http://localhost/admin/governance/decisions\n - generic: Decision register\n - link \"Baseline Compare\":\n - /url: http://localhost/admin/baseline-compare-landing\n - generic: Baseline Compare\n - link \"Evidence\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/evidence\n - generic: Evidence\n - link \"Risk exceptions\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/finding-exceptions\n - generic: Risk exceptions\n- main:\n - navigation:\n - list:\n - link \"Managed Environments\":\n - /url: http://localhost/admin/workspaces/3/environments\n - link \"YPTW2\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf\n - generic: View\n - heading \"Manage environment access scope\" [level=1]\n - paragraph: Workspace membership defines the role. Explicit environment scopes only narrow which workspace members can see this environment.\n - link \"Back to environment overview\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf\n - button \"External links\":\n - button \"Setup\":\n - button \"Triage\":\n - button \"Lifecycle\":\n - heading \"Identity\" [level=2]\n - term: Name\n - definition:\n - generic: YPTW2\n - term: ManagedEnvironment ID\n - definition:\n - generic: b0091e5d-944f-4a34-bcd9-12cbfb7b75cf\n - term: Domain\n - definition\n - term: Status\n - definition:\n - text: Active\n - term: Workspace posture\n - definition:\n - text: In workspace\n - term: Lifecycle summary\n - definition:\n - generic: This environment is active and available across normal management, environment selection, and operational follow-up flows.\n - heading \"Related context\" [level=2]\n - generic: ManagedEnvironment edit\n - link \"Edit tenant\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf\n - generic: Update tenant identity and lifecycle metadata.\n - generic: Management\n - link \"Edit\":\n - /url: http://localhost/admin/workspaces/3/environments/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf\n - text: Edit\n - generic: Provider connections\n - link \"Open provider connections\":\n - /url: http://localhost/admin/provider-connections?environment_id=4\n - generic: Inspect consent, credentials, and health for this tenant.\n - generic: Integrations\n - link \"Open\":\n - /url: http://localhost/admin/provider-connections?environment_id=4\n - text: Open\n - generic: Onboarding draft\n - link \"View completed onboarding\":\n - /url: http://localhost/admin/onboarding/2\n - generic: Return to the linked onboarding workflow for this tenant.\n - generic: Workflow\n - link \"Open\":\n - /url: http://localhost/admin/onboarding/2\n - text: Open\n - heading \"Provider\" [level=2]\n - generic: Provider connection\n - generic: \"Needs action: set a default provider connection.\"\n - link \"Open Provider Connections\":\n - /url: http://localhost/admin/provider-connections?environment_id=4\n - generic: \"Current connection: YPTW2\"\n - term: Provider\n - definition: microsoft\n - term: Target scope\n - definition: YPTW2 (b0091e5d-944f-4a34-bcd9-12cbfb7b75cf)\n - term: Lifecycle\n - definition:\n - generic: Enabled\n - term: Consent\n - definition:\n - generic: Granted\n - term: Verification\n - definition:\n - generic: Healthy\n - term: Last check\n - definition: 2026-05-14 20:42:50\n - generic: Diagnostics\n - heading \"RBAC\" [level=2]\n - button:\n - term: Status\n - definition:\n - text: Not configured — Intune RBAC has not been set up for this tenant. Write operations will be blocked.\n - heading \"Integration\" [level=2]\n - button:\n - term: Grant admin consent URL\n - definition:\n - generic: https://login.microsoftonline.com/b0091e5d-944f-4a34-bcd9-12cbfb7b75cf/v2.0/adminconsent?client_id=c9110351-1e46-43fe-865d-8a1ce896cc47&redirect_uri=http%3A%2F%2Flocalhost%2Fadmin%2Fconsent%2Fcallback&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&state=tenantpilot%7C4\n - heading \"Metadata\" [level=2]\n - button:\n - heading \"Required permissions\" [level=2]\n - button:\n - term: Permissions\n - definition:\n - list:\n - term: Permission\n - definition:\n - generic: DeviceManagementConfiguration.ReadWrite.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: policy-sync, backup, restore, settings-normalization, drift\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: DeviceManagementConfiguration.Read.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: policy-sync, backup, settings-normalization, drift\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: DeviceManagementApps.ReadWrite.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: backup, restore\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: DeviceManagementApps.Read.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: policy-sync, backup\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: DeviceManagementServiceConfig.ReadWrite.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: backup, restore, policy-sync\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: DeviceManagementServiceConfig.Read.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: policy-sync, backup\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: Policy.Read.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: conditional-access, backup, versioning\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: Policy.ReadWrite.ConditionalAccess\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: conditional-access, restore\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: Directory.Read.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: tenant-health\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: DeviceManagementRBAC.Read.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: scope-tags, backup-metadata, assignments\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: DeviceManagementRBAC.ReadWrite.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: scope-tags, foundations, backup, restore\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: Group.Read.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: assignments, group-mapping, backup-metadata, directory-groups, group-directory-cache, drift\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: DeviceManagementScripts.ReadWrite.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: policy-sync, backup, restore, scripts, remediations\n - term: Status\n - definition:\n - text: Granted\n - term: Permission\n - definition:\n - generic: DeviceManagementScripts.Read.All\n - term: Type\n - definition:\n - generic: application\n - term: Features\n - definition:\n - generic: policy-sync, backup, scripts, remediations\n - term: Status\n - definition:\n - text: Granted\n - heading \"Memberships\" [level=2]\n - button \"Add explicit access scope\":\n - text: Add explicit access scope\n - generic: Search\n - searchbox \"Search\"\n - button \"Column manager\":\n - table:\n - rowgroup:\n - row \"User Domain Created at Action\":\n - columnheader \"User\"\n - columnheader \"Domain\"\n - columnheader \"Created at\":\n - button \"Created at\":\n - text: Created at\n - columnheader \"Action\"\n - rowgroup:\n - row \"spo_admin@yptw2.onmicrosoft.com yptw2.onmicrosoft.com 1 day ago Remove explicit scope\":\n - cell \"spo_admin@yptw2.onmicrosoft.com\":\n - generic: spo_admin@yptw2.onmicrosoft.com\n - cell \"yptw2.onmicrosoft.com\":\n - generic: yptw2.onmicrosoft.com\n - cell \"1 day ago\":\n - generic: 1 day ago\n - cell \"Remove explicit scope\":\n - button \"Remove explicit scope\":\n - text: Remove explicit scope\n - navigation \"Pagination navigation\":\n - generic: Per page\n - combobox \"Per page\":\n - option \"10\" [selected]\n - option \"25\"\n - option \"50\"\n- status"
}
Reference in New Issue View Git Blame Copy Permalink