Closed fim34 closed 2 months ago
That means the connection reference is broken. You will need to select the correct identity from this drop down
And if it doesnt exist, create a new connection as that identity, then come back, refresh, and select.
to be sure created a new connection and changed it to new one. Still had one failed run today with same error but each time its when he want to check the default environment.
Glad you got the connection fixed.
Sounds like you don't have permissions then to the default envt. You have likely been impacted by new product behavior that just shipped around the way the product treats privileged roles (ex Power Platform Admin role, Global Admin role)
While there is a workaround we can put into the kit to fix this directly, we cannot ship it with the kit until the workaround is available in all regions. Hopefully for the July release.
Here is information about the product feature: Manage admin roles with Microsoft Entra Privileged Identity Management
Please see https://github.com/microsoft/coe-starter-kit/issues/8119 for a write up on this change. Included also is a workaround you can do until we can have it natively in the kit.
Yes the service account have the Power Platform Admin role and is system admin in default environment. Will check #8119 . That may be good we update each three months and next update have to be the july release.
Did you check today to see that they are sys admin there? I ask because Power Platform Admin Role no longer guarantees that (per the bug I referenced)
Please share the error you are getting from the flow for default. It likely a different one now right? The connection was broken before for all environments correct?
Yes the account is still sys admin on the default environment. No the run flow failed is only for default, its worked before for other environment.
No still the same error.
{
"statusCode": 403,
"headers": {
"Cache-Control": "no-store, no-cache",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
"x-ms-islandgateway": "GA00000IM",
"x-ms-request-id": "westeurope:74f07c9b-125f-469b-b002-34584d196df9",
"x-ms-correlation-request-id": "74f07c9b-125f-469b-b002-34584d196df9",
"x-ms-flow-mobile-ios-version": "3.0.421",
"x-ms-flow-routing-request-id": "WESTEUROPE:20240621T044427Z:74f07c9b-125f-469b-b002-34584d196df9",
"Server-Timing": "x-ms-igw-upstream-headers;dur=267.0,x-ms-igw-req-overhead;dur=0.7",
"X-Content-Type-Options": "nosniff",
"x-ms-service-request-id": "0be552c8-7221-44a9-8397-22f884c3bd7c",
"x-ms-correlation-id": "560728a4-da54-443a-b4f0-3b14bcbb959f",
"x-ms-activity-vector": "IN.0I.00",
"Timing-Allow-Origin": "*",
"x-ms-apihub-cached-response": "true",
"x-ms-apihub-obo": "false",
"Date": "Fri, 21 Jun 2024 04:44:26 GMT",
"Content-Length": "557",
"Content-Type": "application/json"
},
"body": {
"error": {
"code": "ConnectionAuthorizationFailed",
"message": "The caller object id is '7d18c858-5dd0-4549-95ba-d5784afc83cf'. Connection 'f40b6a84-dff9-497a-a418-fb124741fbd0' to 'shared_logicflows' cannot be used to activate this flow, either because this is not a valid connection or because it is not a connection you have access permission for. Either replace the connection with a valid connection you can access or have the connection owner activate the flow, so the connection is shared with you in the context of this flow."
}
}
}
First, please summarize:
Then please note, above this failure the user is explicitly granted access. Can you please go up in the flow run for this loop and see what happens here?
The account in question is this one: admin.g2s.svc-PowerPlatform.... > Yes This is the account that you verified is a System Admin in the default envt > Yes This is the account that now has been selected here > Yes connection existed and created and selected the new one.
Using the parameters as sent form the failing flow:
Open the run you created and see if it falls correctly into this case
If so, what happens within the case?
Yes its the correct guid for the account. There the flow run :
according to that then the user should already have permission to the flow, so I'm not sure what state you are in. Please go to the flow in question itself, the one for which you ran this helper just now, and see what permissions are applied to it.
Permissions for Admin | Sync Template v3 (Flow Action Details), this ?
Are you running the kit as a service principle? (not a service account but a service principle)
No all the flow use the service account.
Oh sorry I didnt mean the owner of the flow action details flow, I mean the owner of the flow for which this is failing. The flow being called here:
Its the same account for all flow so service account
OK. Sorry I'm not sure I'll be able to assist here then. It seems like there is something going on with this particular flow but without being able to log in with you and explore we seem to be at an impasse.
If a teams call is needed i can be available next week
Sorry we are not staffed up to meet with our GitHub users. There are 12k of you and only one of me, so we have to do our investigation here. Unfortunately I've run out of ideas, likely there was some miscommunication above, or something broken in your tenant. So perhaps re-walk the above and see if something new pops out to you, or pull in a local Power Platform expert to have them review.
No problem, i will update to july release and isee if there still error.
closing out as no further action for starter kit team
Still here after udpate, so will check again all step in this post.
Does this bug already exist in our backlog?
Describe the issue
Hello we have email notification of one flow run was failed because of Get Flow action. its same as #7825 but after checking with a service account, there no connection to fix in connection tab and i not find one with name "shared_logicflows" or id. All connection reference are good. The service account is owner of this flow.
So what next to check? there is a way to check with connection id ?
}
Expected Behavior
No response
What solution are you experiencing the issue with?
Core
What solution version are you using?
4.29
What app or flow are you having the issue with?
Admin | Sync Template v3 (Flow Action Details)
What method are you using to get inventory and telemetry?
Cloud flows
Steps To Reproduce
No response
Anything else?
No response
AB#3631