cli
cli copied to clipboard
Published
20 hours ago •
forcedotcom
forcedotcom
`org refresh sandbox` results in INSUFFICIENT_ACCESS error
Summary
While using the command org refresh sandbox to refresh a sandbox, the command finishes with the following error:
INSUFFICIENT_ACCESS: use of the Metadata API requires a user with the ModifyAllData or ModifyMetadata permissions.
However, the sandbox was refreshed and I was able to login to the org after this error.
I noticed the same error occurred with org resume sandbox, when I refreshed a sandbox but the wait timed out.
Steps To Reproduce
- Refresh an existing sandbox:
sf org refresh sandbox -n alandev01 -f sandbox-def.json -o PROD -w 99
- Wait for the command to finish
Expected result
Sandbox should be refreshed without producing an error
Actual result
Command returns after sandbox has finished refreshing but ends with an error
Output:
=== Config Sandbox Refresh
Field Value
───────────────────── ────────────────────────────
Id 0GQ1O000000L07iWAC
SandboxName alandev01
LicenseType DEVELOPER
TemplateId null
HistoryDays 0
CopyChatter false
AutoActivate true
ApexClassId 01pOO000001IyrZYAS
Description null
SourceId null
IsDeleted false
CreatedDate 2019-09-05T16:39:08.000+0000
CreatedById 00530000003ZbzsAAC
LastModifiedDate 2024-08-28T21:08:37.000+0000
LastModifiedById 00530000003ZbzsAAC
ActivationUserGroupId 00G30000002HUShEAO
? Is the configuration correct? yes
Sandbox Refresh... done
Error (sf:INSUFFICIENT_ACCESS): INSUFFICIENT_ACCESS: use of the Metadata API requires a user with the ModifyAllData or ModifyMetadata permissions.
Additional information
sandbox-def.json:
{
"ActivationUserGroupId": "00G30000002HUShEAO",
"ApexClassId": "01pOO000001IyrZYAS",
"autoActivate": true
}
My PROD Permissions:
- Includes:
- Manage Sandboxes
- Manage Dev Sandboxes
- Excludes:
- ModifyAllData
- ModifyMetadata
When I refresh a sandbox via the UI, I do not encounter any such errors.
System Information
{
"architecture": "linux-x64",
"cliVersion": "@salesforce/cli/2.60.13",
"nodeVersion": "node-v18.20.3",
"osVersion": "Linux 6.8.0-45-generic",
"rootPath": "/home/alan.morey/.volta/tools/image/packages/@salesforce/cli/lib/node_modules/@salesforce/cli",
"shell": "zsh",
"pluginVersions": [
"@oclif/plugin-autocomplete 3.2.4 (core)",
"@oclif/plugin-commands 4.0.15 (core)",
"@oclif/plugin-help 6.2.12 (core)",
"@oclif/plugin-not-found 3.2.21 (core)",
"@oclif/plugin-plugins 5.4.9 (core)",
"@oclif/plugin-search 1.2.9 (core)",
"@oclif/plugin-update 4.5.9 (core)",
"@oclif/plugin-version 2.2.13 (core)",
"@oclif/plugin-warn-if-update-available 3.1.17 (core)",
"@oclif/plugin-which 3.2.14 (core)",
"@salesforce/cli 2.60.13 (core)",
"apex 3.4.10 (core)",
"api 1.2.2 (core)",
"auth 3.6.62 (core)",
"community 3.2.32 (user) published 25 days ago (Sat Sep 14 2024) (latest is 3.2.33)",
"data 3.6.7 (core)",
"deploy-retrieve 3.12.11 (core)",
"dev 2.4.2 (user) published 43 days ago (Mon Aug 26 2024)",
"info 3.4.9 (core)",
"limits 3.3.32 (core)",
"marketplace 1.2.26 (core)",
"org 4.5.10 (core)",
"packaging 2.8.7 (core)",
"schema 3.3.32 (core)",
"settings 2.3.21 (core)",
"sobject 1.4.38 (core)",
"source 3.5.21 (core)",
"telemetry 3.6.15 (core)",
"templates 56.3.21 (core)",
"trust 3.7.31 (core)",
"user 3.5.31 (core)",
"cli-plugin 1.0.0 (link) /home/alan.morey/repos/salesforce/cli-plugin",
"gr-sfdx-plugin 0.0.0 (link) /home/alan.morey/repos/salesforce/gr-sfdx-plugin"
]
}
