In our tenant, the HTTP connector has been put in the "No Business Data allowed" group for security reasons. The thinking here is that not every user should be able to use HTTP to send business data to unknown endpoints.
At the same time, we would like to be able to extend Flow functionality by IT approved custom connectors. I created a custom connector and had it put explicitly in the "Business Data allowed" group, but it doesn't work - Flows which use this Custom Connector are automatically deactivated.
A recent call with MS support informed us that this is by design - since a custom connector uses HTTP, blocking the HTTP connector also blocks all custom connectors.
I think this behavior is wrong and should be changed. Since a custom connector always uses HTTP, the current behavior doesn't even make sense.
To repeat: We do not want just anybody to be able to use the HTTP connector, but at the same time, we want to provide specific additional services to be available (after security review!). Please fix this ASAP - currently, this makes the Power Platform essentially a no-go for a lot of otherwise attractive use-cases.