cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
ajhstn
Helper I
Helper I

Authorization to Azure resources for PowerApps

Hey - we build powerapps ontop of flows that call back to Azure Automation runbooks to do stuff.

 

Whats the best way to "share" these apps with L1 helpdesk crew.  Example.  After i share a powerapp with another person, they can see and run the powerapp, but the app fails because their account doesn't have the authorization to run the underlying runbook.

 

I can get around this by assigning them the "Automation Job Operator" Azure Role, however this Role allows members to run all runbooks in the account, which is not what we need.  We need to lock powerapps down to users and runbooks down to users.. possibles?

1 ACCEPTED SOLUTION

Accepted Solutions

Hi @ajhstn ,

I'm afraid there's no permission about editing one specific runbook.

Here's a doc about Azure Automations role for your reference:

https://docs.microsoft.com/en-us/azure/automation/automation-role-based-access-control

If you want the shared user use your app, you need to assign him the permission of the data source.

I suggest you first assigh users with the permission of "Automation Job Operator" role, then limit them only view or edit one spefic runbook.

For example, try this formula:

If(Not(User().Email in adminlist.Email)),Filter(......))

 

 

Best regards,

Community Support Team _ Phoebe Liu

Community Support Team _ Phoebe Liu
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

3 REPLIES 3
yashag2255
Dual Super User II
Dual Super User II

Hi @ajhstn 

 

How are you identifying that a specified user is allowed to see only certain runbooks? Do you have a list or some data source that associated users to the runbooks? If yes, we can use that list and show only specific runbooks in the canvas app and based on selected runbook name, flow can be triggered. Please share the specifics of your implemetation, so that we can help you better.
 
Hope this Helps!

If this reply has answered your question or solved your issue, please mark this question as answered. Answered questions helps users in the future who may have the same issue or question quickly find a resolution via search. If you liked my response, please consider giving it a thumbs up. THANKS!

We are in Office365.  I create runbooks in Azure Automations, then add a powerapp and flow on top of them.  The flow contains the "Create Job" action.  When i share the powerapp to users, they can see the power app and use the app, but the flow fails, because the user doesnt have permissions to execute "Microsoft.Automation/automationAccounts/jobs/write", ie they dont have permission to execute the "Create Job" action.  When i give the user the "Automation Job Operator" role then they can use the powerapp successfully.

 

I'd prefer NOT to give my users the "Automation Job Operator" role.  Similarly, if i build an app for an org wide audience, i don't want to give this role to everyone.

 

Ideas?

Hi @ajhstn ,

I'm afraid there's no permission about editing one specific runbook.

Here's a doc about Azure Automations role for your reference:

https://docs.microsoft.com/en-us/azure/automation/automation-role-based-access-control

If you want the shared user use your app, you need to assign him the permission of the data source.

I suggest you first assigh users with the permission of "Automation Job Operator" role, then limit them only view or edit one spefic runbook.

For example, try this formula:

If(Not(User().Email in adminlist.Email)),Filter(......))

 

 

Best regards,

Community Support Team _ Phoebe Liu

Community Support Team _ Phoebe Liu
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

View solution in original post

Helpful resources

Announcements
PA_User Group Leader_768x460.jpg

Manage your user group events

Check out the News & Announcements to learn more.

Power Query PA Forum 768x460.png

Check it out!

Did you know that you can visit the Power Query Forum in Power BI and now Power Apps

Carousel 2021 Release Wave 2 Plan 768x460.jpg

2021 Release Wave 2 Plan

Power Platform release plan for the 2021 release wave 2 describes all new features releasing from October 2021 through March 2022.

R2 (Green) 768 x 460px.png

Microsoft Dynamics 365 & Power Platform User Professionals

DynamicsCon is a FREE, 4 half-day virtual learning experience for 11,000+ Microsoft Business Application users and professionals.

Users online (1,072)