20 Mar 2023 03:38 AM - last edited on 02 May 2023 02:40 PM by educampver
Hi,
My end encountered error below when trying to trigger workflow:
Error: Forbidden
Error Description: IAM policy condition does not match
Upon checking on the authorization setting, seems like my role doesn’t have sufficient permission to modify it:
Attached the policy assigned to my account, perhaps there is any rule related to workflow missing out that I am not aware off?
Thanks in advance for the reply.
Regards,
Teh
Solved! Go to Solution.
20 Mar 2023 08:05 AM
I think you miss:
'automation:workflows:run'
'automation:workflows:write'
20 Mar 2023 01:08 PM
Hi s_eilmsteiner,
Thanks for your response.
Had added both rule under policy but no luck.
Regards,
Teh
20 Mar 2023 08:44 AM - edited 20 Mar 2023 08:46 AM
Could you please open developer tools in your browser and go to the "Authorization Settings" view and show the response to the
platform/iam/repo/environment/<tenant>/bindings/...
For me, it looks like you're missing "iam:bindings:*" permissions.
20 Mar 2023 01:12 PM
Hi Michal,
Thanks for your response.
Not sure if I get you correctly, but I didn't see any here:
Didn't see authorization setting available.
And yeap, still having this error message:
I believe it is something to with the policy rule.
Wondering if there is any documentation that I can refer to sort out the missing rules?
Thanks.
Regards,
Teh
23 Mar 2023 07:24 AM
Hi Teh,
We have found a missing piece on our side (an internal policy binding was not there). Now, you should be able to run workflows without any problems. Could you please confirm that?
Please also make sure that you consent to at least "Primary Permissions" in the "Authorization Settings" (top right) in the Workflow app.
23 Mar 2023 04:04 PM
Hi Michal,
Good news, it is working now!!!
Big thanks.
Regards,
Teh