Hello,
I have BOTH Microsoft Forms and Sharepoint listed in the "Business" connector bucket for a given DLP.
However, when I try to run a Flow, in the correct environment (DEV in this case), I get a DLP error:
"This action violates your org’s data loss prevention policy (DLP). To make the flow valid, delete the action and remove the connection reference. See your admin for details."
How is this possible? They are both in the same business data bucket.
Thank you,
Solved! Go to Solution.
Now that I'm done:
- Explaining the problem
- Researching and investigating
- Solving the problem
Let me post the solution.
1. The DLP UI is misleading. This is not true:
a. The Environments shows as "Added to policy" are in fact EXCLUDED from the DLP
2. This is how it should read:
Test:
1. Initial issue reported is present when only DEV env is "Added to Policy"
2. Remove DEV env from the "Added to policy" section. Add the other 3 env's to "Added to policy" section as shown above.
a. Wait ~15-20mins for policy to propagate
b. Delete Flow AND Connection
3. Test original issue again...
Now granted, that was only ~2-3 hours of my precious life on earth, but still. I'd appreciate a bit more vetting of the UI AND the docs before releasing something like this in the future.
Hm... you know, looking back at the policy. I wonder if I have the logic backwards for the "Excluded environments" tab:
- The one I "added" is the one I actually WANT the policy to apply to
- Whereas it appears the logic is "add the Environments you want excluded from the policy"
- (Add the one you want excluded)
I think this would be much simpler IF
- Add the one you want included .
- Its not too often I add -1 to a value in order to subtract!
I think this is the issue. I'll change this and test again.
Now I'm really confused! I guess the logic is indeed "Add to policy.." sheesh. Still investigating.
@Mira_Ghaly No other policies applied to the Environment.
- "dev_dlp_policy" only applies to the DEV env:
- "default_env_lockdown" only applies to my default Env.
Any other ideas for things I could check for?
Ok! Now I'm convinced that the DLP UI/UX is out to get me!
How confusing is this?
- Looking at the highlevel view of a DLP, the message says: "Applies to all Environments except 1"
- When I open the details of that DLP, it shows the opposite!: "1 Environment added to policy"
So which is it?!? Does the DLP apply to all Environments except for 1 or only 1 Environment.
Now that I'm done:
- Explaining the problem
- Researching and investigating
- Solving the problem
Let me post the solution.
1. The DLP UI is misleading. This is not true:
a. The Environments shows as "Added to policy" are in fact EXCLUDED from the DLP
2. This is how it should read:
Test:
1. Initial issue reported is present when only DEV env is "Added to Policy"
2. Remove DEV env from the "Added to policy" section. Add the other 3 env's to "Added to policy" section as shown above.
a. Wait ~15-20mins for policy to propagate
b. Delete Flow AND Connection
3. Test original issue again...
Now granted, that was only ~2-3 hours of my precious life on earth, but still. I'd appreciate a bit more vetting of the UI AND the docs before releasing something like this in the future.
This training provides practical hands-on experience in creating Power Apps solutions in a full-day of instructor-led App creation workshop.
Come together to explore latest innovations in code and application development—and gain insights from experts from around the world.