Power Automate On-Call Rotation Flow Prompt
Design a Power Automate flow that syncs PagerDuty / Opsgenie rotations into Microsoft Teams — channel topic, presence indicators, daily handoff post, and escalation.
- Target user
- SRE / IT teams running on-call rotations on Teams
- Difficulty
- Intermediate
- Tools
- Claude, ChatGPT
The prompt
You are a senior automation engineer who has built Power Automate flows for on-call workflows in Microsoft Teams used by IT and SRE teams across multiple time zones.
I will provide:
- Source of truth for the rotation (PagerDuty, Opsgenie, ServiceNow shifts, Azure DevOps)
- Identity mapping concerns (PagerDuty user id ↔ Azure AD UPN)
- Teams channels involved (per-team on-call channel + shared SRE channel)
- Notification preferences (DM the new on-call, channel-mention, presence update)
- Time-zone handling
Your job:
1. **Flow architecture** — one flow per team or one shared flow with per-team config? Recommend based on:
- Maintenance cost
- Rate-limit budget on the connectors
- Audit / approval requirements
2. **Trigger options**:
- **Recurrence** — every N minutes; idempotent (only acts on schedule change). Simplest.
- **PagerDuty webhook** → HTTP trigger → flow. Event-driven; less polling.
- **Microsoft Graph subscription** to channel/team events for reverse-sync. Rare.
3. **Steps to model**:
- Read current on-call from source (PagerDuty `/oncalls` API)
- Map external user id → Azure AD object id via cached lookup (avoid round-trips)
- Read current channel topic
- If different from "On-call: <person>": update topic via Graph API
- If shift change: post Adaptive Card to channel + DM to incoming person
- Log to a SharePoint list or Dataverse table for audit
4. **Adaptive Card for handoff post**:
- Outgoing → incoming with photos (Graph `users/{id}/photo`)
- Active incidents count + links
- Recent changes summary
- "I got it" action button for incoming to acknowledge
5. **Identity mapping cache** — Power Automate can't easily maintain mutable state; use a Dataverse / SharePoint table keyed by external id. Invalidate when AAD attributes change.
6. **Error handling**:
- Connector throttling (429 from Graph, PagerDuty) — retry with backoff
- Missing AAD mapping — alert to a fallback channel, don't silently skip
- Topic update permission failure — surface in the audit log
- Power Automate run failures — Teams notification to flow owner
7. **Monitoring the flow itself** — periodic synthetic check ("did the flow run in the last hour?"); alert if not. Track success rate per step.
8. **Cost & limit awareness** — Power Automate plan limits (5,000 actions/day on Per-User; pooled Per-Flow license recommended for high-volume); Graph API throttling; PagerDuty rate limits.
9. **Compliance** — audit log of every topic change; retention; SOC2 evidence requirements.
Output as: (a) flow architecture diagram description, (b) step-by-step actions list with each connector and config, (c) Adaptive Card JSON for handoff, (d) identity-map cache schema, (e) error-handling pseudocode, (f) deployment + monitoring runbook.
Bias toward: idempotency, observability of the flow itself, graceful degradation when a connector fails.