-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
content-flow:create: User does not have the necessary permissions for this operation. #677
Comments
Compare with AdobeDocs/cloudmanager-api-docs#260. |
As the JWT token for AEM is managed outside the Adobe Developers Console but inside AEM Developer's Console (https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/implementing/developing/generating-access-tokens-for-server-side-apis.html?lang=en#fetch-the-aem-as-a-cloud-service-credentials) it seems it is currently impossible to generate one JWT token with the necessary permissions. |
@zygw How are the new content copy related operations supposed to be executed with service accounts on AEMaaCS? |
Ok, it seems that I need to add the API credentials for the generated service account via the adminconsole as outlined in https://helpx.adobe.com/enterprise/using/manage-developers.html. That is only possible for author tiers though as there is no dedicated administrator product profile for AEM publish. |
Also according to the README (https://github.com/adobe/aio-cli-plugin-cloudmanager#permissions)
But executing results in
|
We are also facing the same issue when trying to execute below command
We have created a cloud manager API https://developer.adobe.com/ console and added deployment manager role in it (see attached) but still getting permission issues. Any clue ? Here is the error:
|
The user must be an admin in the source and destination environment. The Cloud Manager roles only gate the availability of the API. Since the content copy reads/writes arbitrary paths, the user running the copy must have admin privilege in the two AEM envs. See Permissions table in: |
Expected Behavior
When trying to create a new content flow based on JWT service account having "Deployment Manager" one has the necessary permission to trigger a content copy. According to https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/implementing/developer-tools/content-copy.html?lang=en#permissions one also needs to part of the AEM administrators group in both the source and the destination environment. But I cannot assign any AEM access in https://developer.adobe.com/console/. There is not even an API for AEM.
Actual Behavior
The following error is emitted when trying to execute
cloudmanager:content-flow:create 918302 9603 918249 true author --programId 96552 --imsContextName program-96552
Reproduction Scenario, Platform, and Version
This happens with
aio-cli-plugin-cloudmanager v4.1.0
used standalone as outlined in https://github.com/adobe/aio-cli-plugin-cloudmanager#standalone-use.The text was updated successfully, but these errors were encountered: