I am trying to write an ARM template, it should create 3 resources:
- logic app with system assigned manage identity.
- API connection to read the secret from key vault.
- API connection to upload blob storage.
I have been struggling with it for the last few hours. please assist.
It creates 3 resources if I remove parameters.$connections. if I keep those lines it gives me error
##[error]InvalidTemplate: The template validation failed: 'The workflow parameters '$connections' are not valid; they are not declared in the definition and therefore cannot be provided. The only declared parameters for this definition are ''.'.
Here is my ARM template:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"logic_app_name": {
"defaultValue": null,
"type": "String"
},
"connections_keyvault_name": {
"defaultValue": "keyvault",
"type": "String"
},
"connections_azureblob_name":{
"defaultValue": "azureblob",
"type": "String"
},
"vaultName": {
"defaultValue": null,
"type": "String"
},
"env":{
"defaultValue": null,
"type": "String"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"name": "[parameters('connections_keyvault_name')]",
"location": "[resourceGroup().location]",
"kind": "V1",
"properties": {
"api": {
"id": "[concat('subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroup().location,'/managedApis/keyvault')]"
},
"parameterValueSet": {
"name": "oauthMI",
"values": {
"vaultName": {
"value": "[parameters('vaultName')]"
}
}
},
"displayName": "[parameters('connections_keyvault_name'))]"
}
},
{
"type": "Microsoft.Web/connections",
"apiVersion": "2018-07-01-preview",
"name": "[parameters('connections_azureblob_name')]",
"location": "[resourceGroup().location]",
"kind": "V1",
"properties": {
"alternativeParameterValues":{},
"api": {
"id": "[concat('subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroup().location,'/managedApis/azureblob')]"
},
"customParameterValues": {},
"displayName": "[concat(parameters('env'),'-',parameters('connections_azureblob_name'))]",
"parameterValueSet":{
"name": "managedIdentityAuth",
"values": {}
}
}
},
{
"type": "Microsoft.Logic/workflows",
"apiVersion": "2017-07-01",
"name": "[parameters('logic_app_name')]",
"location": "[resourceGroup().location]",
"identity": {
"type": "SystemAssigned"
},
"tags": {
"AppName": "cloudscape",
"AppOwner": "Ajay Dhingra"
},
"properties": {
"state": "Enabled",
"definition": {
"$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"triggers": {},
"actions": {},
"outputs": {}
},
"parameters": {
"$connections": {
"value": {
"keyvault": {
"connectionId":
[concat('subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name,'/providers/Microsoft.Web/connections/keyvault')]"
"connectionName": "keyvault",
"connectionProperties": {
"authentication": {
"type": "ManagedServiceIdentity"
}
},
"id": "[concat('subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroup().location,'/managedApis/keyvault')]"
}
}
}
}
}
}
]
}
I expect the consumption-based logic app should use manage identity to read secrets from key vault & upload blob as well. though i read this question. But my problem is with parameters.$connections of logic app.
