logic app connection to storage account failing

Question

I have created logic app storage connection using below code but unfortunately it is throwing error.

resource blobConnector 'Microsoft.Web/connections@2018-07-01-preview' = {
  name: 'apic-d365-azureblob12345'
  location: Location
  kind: 'V2'
  properties: {
    alternativeParameterValues: {}
    api: {
      id: 'subscriptions/${subscription().subscriptionId}/providers/Microsoft.Web/locations/${Location}/managedApis/azureblob'
    }
    customParameterValues: {}
    displayName: 'azureblob'
    parameterValueSet: {
      name: 'managedIdentityAuth'
      values: {}
    }
  }
}

Role assignment:

resource blobcontributorroleassignment 'Microsoft.Authorization/roleAssignments@2020-10-01-preview' = {
  name: guid(resourceGroup().id, logicappsite.id, blobcontributorroledefination.id)
  properties: {
    roleDefinitionId: blobcontributorroledefination.id
    principalType: 'ServicePrincipal'
    principalId: logicappsite.identity.principalId
  }
}

below is the error it is throwing while making connection

"error": "'Operation not supported with AAD authentication, use Azure Storage Account name/key connection instead

Could someone help me if I am missing something or doing wrong. Thanks in advance.

Thomas · Accepted Answer · 2023-06-30T02:34:49.450

0

You also need to create an access policy to allow the logic app to access the connection api:

// Grant permission to the logic app standard to access the connection api
resource blobConnectorAccessPolicy 'Microsoft.Web/connections/accessPolicies@2018-07-01-preview' = {
  name: logicappsite.name
  parent: blobConnector
  location: location
  properties: {
    principal: {
      type: 'ActiveDirectory'
      identity: {
        tenantId: subscription().tenantId
        objectId: logicappsite.identity.principalId
      }
    }
  }
}

edited Jun 30 '23 at 02:34

answered Jul 01 '22 at 23:24

Thomas

24,234
6
81
125

Yes , i have this access policy added as well. but still its throwing error – ramesh reddy Jul 04 '22 at 03:39
Could you share the action you are using in your workflow ? – Thomas Jul 04 '22 at 04:07
"actions": {"Uploads_a_Blob_to_Azure_Storage": { "inputs": { "parameters": { "blobName": "@concat(body('Parse_response_from_D365_integration_workflow')?['status'],workflow()['run']['name'],'.xml')", "containerName": "coantainer1", "content": "@body('Reads_Blob_Content_from_Azure_Storage')?['content']"}, "serviceProviderConfiguration": { "connectionName": "AzureBlob", – ramesh reddy Jul 04 '22 at 07:00
Weird, I have it working. When you select the action, you need to choose Azure not buit-in action. – Thomas Jul 06 '22 at 02:36
its working for finally – ramesh reddy Oct 06 '22 at 04:36
Hello, I am facing a similar issue but I do not know where the policy must be added, is that at connection level? or is this a policy that belongs to the Logic App? thanks in advance! – Diego Satizabal Jun 30 '23 at 12:09
at the connection level. In the sample, the parent is the `blobConnector`. – Thomas Jun 30 '23 at 20:49

logic app connection to storage account failing

1 Answers1