- last edited on by
MaciejNeumann
I have a staff member that is having issues running SRG's via workflows.
Their Permissions for SRG are as follows:
// REQUIRED
ALLOW
app-engine:apps:run,
app-engine:functions:run,
app-settings:objects:read,
app-settings:objects:write,
environment-api:metrics:read,
environment-api:slo:read,
openpipeline:events.sdlc:ingest,
state:app-states:read,
state:app-states:write,
state:app-states:delete,
state:user-app-states:read,
state:user-app-states:write,
storage:bizevents:read,
storage:buckets:read,
storage:entities:read,
storage:events:read,
storage:events:write,
storage:logs:read,
storage:metrics:read,
storage:security.events:read,
storage:spans:read,
storage:system:read,
storage:user.events:read,
storage:user.sessions:read;
// RECOMMENDED
ALLOW
automation:workflows:read,
automation:workflows:run,
automation:workflows:write,
davis:analyzers:execute,
iam:users:read,
automation:rules:read,
automation:calendars:read, automation:calendars:write;However the user is getting the following error:
If I set myself as the actor it runs no problem. But once I set the other user, it fails.
Update - SOLVED!
So I opened a support ticket on this as well to get another set of eyes on it. Ultimately the user has near identical access as myself (Minus account management etc). However the user was able to run SRG's manually, the workflow schedule wasn't triggering the SRG. So we looked again ay my permissions for workflows vs the user - identical.
I scheduled a working session with the user since there are a set of hidden permissions that need to be set, and i had a string feeling that this was indeed the issue - and it was!
Within workflows you'll want to select the gear and ensure you have the correct permissions.
We did trail out some segments and found that the SLO segment was the hang up - the Object templates specifically.
Featured Posts
