Been stuck on this one for quite some time .. We already deploy Logic App API Connections which use managed identity (Service bus , Eventgrid , ...) through bicep code and they are all working as expected. What I did now is I manually configured an SQL Logic App API Connection on the Azure Portal and it's working as expected. But when templating it to bicep, it is giving me more than a 1000 headaches. Manually configured connection in the portal provides me with: However my current bicep code: resource con_XXXXXX_sql 'Microsoft.Web/connections@2016-06-01' = { name: sqlConnectionName location: location properties: { displayName: sqlConnectionName customParameterValues: {} api: { id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'sql') type: 'Microsoft.Web/locations/managedApis' } parameterValueSet: { name: 'managedIdentityAuth' values: {} } } } Is resulting in: To be fair, it should not be hard to find an answer on this for what the possible values of 'Authentication' can be for your connection and how you should deploy the different types of Authentication .. Things i've tried: Exporting the template of that 'manually created connection' on the Resource Group does not provide me with a good solution since it's not the same as it is configured adding 'authType' with different values also did not work since it then tries Windows / Basic / Sql / other Authentication methods than the one i want (which is User Assigned Managed Identity) I am calling my SQL Connection correctly in my logic app since the manually created connection is giving no issues. AI Suggests: parameterValueSet: { name: 'managedIdentityAuth' values: {} identity: '/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<managed-identity-name>' } ^ Not working The Error: The $connections in my LogicApp: sql: { connectionId: existing_con_kyriba_sql.id connectionName: existing_con_kyriba_sql.name id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'sql') connectionProperties: { authentication: { type: 'ManagedServiceIdentity' identity: resourceId(InfraResourceGroupName, 'Microsoft.ManagedIdentity/userAssignedIdentities', UserAssignedManagedIdentityName) } } } Could someone please provide me with a sample or solution on how my bicep code should look like so that it is the same as the connection that I created manually and which is working fine in the portal? Thanks in advance Kind Regards Senne

Although the solution works for me as well, I still have an issue after a deploy in a clean resource group. When I open the designer it reports "Invalid connection". After I select the user assigned managed identity from the dropdown, a new connection is created in the connections.json file with the same content. Then the designer is happy. I cannot see the difference between the connection which is deployed and the connection which is created using the portal. Did anyone had the same problem and found a way to solve it?

Logic App SQL Connection is not set up to use Managed Identity

Anonymous

Been stuck on this one for quite some time .. We already deploy Logic App API Connections which use managed identity (Service bus , Eventgrid , ...) through bicep code and they are all working as expected.

What I did now is I manually configured an SQL Logic App API Connection on the Azure Portal and it's working as expected. But when templating it to bicep, it is giving me more than a 1000 headaches.

Manually configured connection in the portal provides me with:

User's image

However my current bicep code:

resource con_XXXXXX_sql 'Microsoft.Web/connections@2016-06-01' = {
  name: sqlConnectionName
  location: location
  properties: {
    displayName: sqlConnectionName
    customParameterValues: {}
    api: {
      id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'sql')
      type: 'Microsoft.Web/locations/managedApis'
    }
    parameterValueSet: {
      name: 'managedIdentityAuth'
      values: {}
    }
  }
}

Is resulting in:
User's image

To be fair, it should not be hard to find an answer on this for what the possible values of 'Authentication' can be for your connection and how you should deploy the different types of Authentication ..

Things i've tried:

Exporting the template of that 'manually created connection' on the Resource Group does not provide me with a good solution since it's not the same as it is configured
adding 'authType' with different values also did not work since it then tries Windows / Basic / Sql / other Authentication methods than the one i want (which is User Assigned Managed Identity)
I am calling my SQL Connection correctly in my logic app since the manually created connection is giving no issues.
AI Suggests:

parameterValueSet: {
      name: 'managedIdentityAuth'
      values: {}
      identity: '/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<managed-identity-name>'
    }

^ Not working

The Error:
User's image

The $connections in my LogicApp:

sql: {
            connectionId: existing_con_kyriba_sql.id
            connectionName: existing_con_kyriba_sql.name
            id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'sql')
            connectionProperties: {
              authentication: {
                type: 'ManagedServiceIdentity'
                identity: resourceId(InfraResourceGroupName, 'Microsoft.ManagedIdentity/userAssignedIdentities', UserAssignedManagedIdentityName)
              }
            }
          }

Could someone please provide me with a sample or solution on how my bicep code should look like so that it is the same as the connection that I created manually and which is working fine in the portal?

Thanks in advance

Kind Regards

Senne

Accepted answer

Luis Arias 7,131

Hi Eeraerts Senne,

I will try to reproduce your escenarie and test the code, meanwhile I can point the main difference between your Manual configuration and your bicep deployment as you mention is your Authentication. I understood that you want to configure using managed identity so for you 2 main resources on bicep Connections and workflows you need to add Identity section.

Example for Microsoft.Web/connections :

resource sqlConnection 'Microsoft.Web/connections@2018-07-01-preview' = {
  name: 'sqlConnection'
  location: resourceGroup().location
  properties: {
    api: {
      id: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Web/locations/${resourceGroup().location}/managedApis/sql'
    }
    displayName: 'sqlConnection'
    parameterValues: {
      'sqlServer': 'your-server-name'
      'sqlDatabase': 'your-database-name'
    }
  }
 //# Here your identity need to be setup to use user Assigned Managed Identity
  identity: {
    type: 'UserAssigned'
    userAssignedIdentities: {
      '${managedIdentity.id}': {}
    }
  }
}

The same block for example on Microsoft.Logic/workflows

resource logicApp 'Microsoft.Logic/workflows@2019-05-01' = {
  name: 'logicApp'
  location: resourceGroup().location
  properties: {
    definition: {
      '$schema': 'https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#'
      contentVersion: '1.0.0.0'
      actions: {
        // Your Logic App actions here
      }
      triggers: {
        // Your Logic App triggers here
      }
      parameters: {
        '$connections': {
          defaultValue: {
            'sql': {
              connectionId: sqlConnection.id
              connectionName: sqlConnection.name
              id: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Web/locations/${resourceGroup().location}/managedApis/sql'
            }
          }
        }
      }
    }
    parameters: {
      '$connections': {
        value: {
          'sql': {
            connectionId: sqlConnection.id
            connectionName: sqlConnection.name
            id: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Web/locations/${resourceGroup().location}/managedApis/sql'
          }
        }
      }
    }
  }
 //# Here your identity need to be setup to use user Assigned Managed Identity
  identity: {
    type: 'UserAssigned'
    userAssignedIdentities: {
      '${managedIdentity.id}': {}
    }
  }
}

If you share your bicep code (without confidential information) i can reproduce your escenarie and help you better.

Let me know. Luis

Anonymous

Hi Luis,

First of all thanks for taking the time and trying out this issue. The code for the connection that you provide in your first example i already tried, that is indeed how we 'normally' deploy API Connections that use managed identity. Let me show you my 2 files. Where the first one is the API Connections and the second one is the Logic App Workflow itself

We dynamically pass info from api-connections.bicep file to the workflow.bicep file through the bicep 'output' principe.

Api-connections.bicep

// parameters
param EventGrid object
param location string = resourceGroup().location
param ReleaseInfo string
param ResourceInfix string
param ServiceBus object
param Sql object
@secure()
param sql_password string
param InfraResourceGroupName string
param UserAssignedManagedIdentityName string

// variables
var logicAppName = 'la-${ResourceInfix}-rcv-example-pf'
var blobConnectionName = '${logicAppName}-con-blob'
var eventGridPublishConnectionName = '${logicAppName}-con-eg-publish'
var serviceBusConnectionName = '${logicAppName}-sb-con-send'
var sqlConnectionName = '${logicAppName}-con-sql'

// existing resources
resource existing_infra_eventgrid 'Microsoft.EventGrid/topics@2022-06-15' existing = {
  name: EventGrid.information.name
  scope: resourceGroup(EventGrid.information.resourceGroup)
}
// existing uami
resource existing_mi_userassigned 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' existing = {
  name: UserAssignedManagedIdentityName
  scope: resourceGroup('${subscription().subscriptionId}', InfraResourceGroupName)
}
// resources

// example-pf-con-blob
resource con_example_blob_storage 'Microsoft.Web/connections@2016-06-01' = {
  name: blobConnectionName
  location: location
  tags: {
    displayName: 'Blob storage connection - create'
    createdBy: ReleaseInfo
  }
  properties: {
    displayName: blobConnectionName
    customParameterValues: {}
    parameterValueSet: {
      name: 'managedIdentityAuth'
      values: {}
    }
    api: {
      id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'azureblob')
    }
  }
}

// example-pf-con-eg-publish
resource con_example_eventgrid_publish 'Microsoft.Web/connections@2016-06-01' = {
  name: eventGridPublishConnectionName
  location: location
  tags: {
    displayName: 'EventGrid Connection - publish'
    createdBy: ReleaseInfo
  }
  properties: {
    displayName: eventGridPublishConnectionName
    customParameterValues: {}
    parameterValues: {
      endpoint: reference(existing_infra_eventgrid.id, '2018-01-01').endpoint
      api_key: listKeys(existing_infra_eventgrid.id, '2018-01-01').key1
    }
    api: {
      name: 'azureeventgridpublish'
      displayName: 'Azure Event Grid Publish'
      id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'azureeventgridpublish')
      type: 'Microsoft.Web/locations/managedApis'
    }
    testLinks: []
  }
}

// example-pf-sb-con-send
resource con_example_servicebus_publish 'Microsoft.Web/connections@2016-06-01' = {
  name: serviceBusConnectionName
  location: location
  tags: {
    displayName: 'Servicebus connection - send'
    createdBy: ReleaseInfo
  }
  properties: {
    displayName: serviceBusConnectionName
    customParameterValues: {}
    parameterValueSet: {
      name: 'managedIdentityAuth'
      values: {
        namespaceEndpoint: {
          value: 'sb://${ServiceBus.information.name}.servicebus.windows.net/'
        }
      }
    }
    api: {
      id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'servicebus')
    }
    testLinks: []
  }
}

// example-pf-con-sql
// In order to use an SQL connection with User assigned managed Identity authentication , you have to add the User assigned identity name as a DB role in the SQL Database first:
// CREATE USER "mi-app-integration-dev-uami" FROM EXTERNAL PROVIDER;
// ALTER ROLE db_datareader ADD MEMBER "mi-app-integration-dev-uami";
// --- Then based on the action that you do in the sql connection, you should provide the uami with the correct GRANT permissions .. in this case it's an EXECUTE.
// GRANT EXECUTE ON dbo.EXAMPLE TO "mi-app-integration-dev-uami";

resource con_example_sql 'Microsoft.Web/connections@2016-06-01' = {
  name: sqlConnectionName
  location: location
  properties: {
    displayName: sqlConnectionName
    customParameterValues: {}
    api: {
      id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'sql')
      type: 'Microsoft.Web/locations/managedApis'
    }
    parameterValues: {
      sqlServer: 'your-server-name'
      sqlDatabase: 'your-database-name'
    }
    parameterValueSet: {
      name: 'managedIdentityAuth'
      values: {}
      identity: existing_mi_userassigned.id
    }
  }
}

output con_example_pf_information object = {
  pf_con_blob_storage_name: con_example_blob_storage.name
  pf_con_eventgrid_publish_name: con_example_eventgrid_publish.name
  pf_con_servicebus_publish_name: con_example_servicebus_publish.name
  pf_con_sql_name: con_example_sql.name
}

Workflow.bicep

// --- [ Parameters ] ---
param con_example_pf_information object
param InfraResourceGroupName string
param ExampleResourceGroupName string
param location string = resourceGroup().location
param ResourceInfix string
param ServiceBus object
param StorageAccount object
param UserAssignedManagedIdentityName string

// Outputted from subscription deploy dynamically
param RcvKyrPfFtpSubscriptionName string

// --- [ Variables ] ---

var This_LogicApp_name = 'la-${ResourceInfix}-rcv-example-pf'

// --- [Existing Resources]

resource existing_mi_userassigned 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' existing = {
  name: UserAssignedManagedIdentityName
  scope: resourceGroup('${subscription().subscriptionId}', InfraResourceGroupName)
}
resource existing_con_example_blob_storage 'Microsoft.Web/connections@2016-06-01' existing = {
  name: con_example_pf_information.pf_con_blob_storage_name
}
resource existing_con_example_eventgrid_publish 'Microsoft.Web/connections@2016-06-01' existing = {
  name: con_example_pf_information.pf_con_eventgrid_publish_name
}
resource existing_con_example_servicebus_publish 'Microsoft.Web/connections@2016-06-01' existing = {
  name: con_example_pf_information.pf_con_servicebus_publish_name
}
resource existing_con_example_sql 'Microsoft.Web/connections@2016-06-01' existing = {
  name: con_example_pf_information.pf_con_sql_name
}
resource existing_servicebus_namespace 'Microsoft.ServiceBus/namespaces@2022-10-01-preview' existing = {
  name: ServiceBus.information.name
  scope: resourceGroup('${subscription().subscriptionId}', ServiceBus.information.resourceGroup)
}
resource existing_servicebus_namespace_topic 'Microsoft.ServiceBus/namespaces/topics@2022-10-01-preview' existing = {
  parent: existing_servicebus_namespace
  name: '${ServiceBus.information.pubsub.topicName}'
}
resource existing_infra_storageaccount 'Microsoft.Storage/storageAccounts@2022-09-01' existing = {
  name: StorageAccount.information.name
  scope: resourceGroup('${subscription().subscriptionId}', StorageAccount.information.resourceGroup)
}

// --- [ Resources ] ---
resource la_app_integration_rcv_example_pf 'Microsoft.Logic/workflows@2019-05-01' = {
  name: This_LogicApp_name
  location: location
  identity: {
    type: 'UserAssigned'
    userAssignedIdentities: {
      '${existing_mi_userassigned.id}': {}
    }
  }
  properties: {
    state: 'Disabled'
    definition: {
      '$schema': 'https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#'
      contentVersion: '1.0.0.0'
      parameters: {
        '$connections': {
          defaultValue: {}
          type: 'Object'
        }
      }
      triggers: {
        'When_one_or_more_messages_arrive_in_a_topic_(auto-complete)': {
          recurrence: {
            frequency: ServiceBus.information.subscriptionFrequency
            interval: ServiceBus.information.subscriptionInterval
          }
          evaluatedRecurrence: {
            frequency: ServiceBus.information.subscriptionFrequency
            interval: ServiceBus.information.subscriptionInterval
          }
          splitOn: '@triggerBody()'
          splitOnConfiguration: {
            correlation: {
              clientTrackingId: '@{coalesce(triggerBody()?[\'Properties\']?[\'correlationId\'],guid())}'
            }
          }
          correlation: {}
          type: 'ApiConnection'
          inputs: {
            host: {
              connection: {
                name: '@parameters(\'$connections\')[\'servicebus_send\'][\'connectionId\']'
              }
            }
            method: 'get'
            path: '/@{encodeURIComponent(encodeURIComponent(\'${existing_servicebus_namespace_topic.name}\'))}/subscriptions/@{encodeURIComponent(\'${RcvKyrPfFtpSubscriptionName}\')}/messages/batch/head'
            queries: {
              maxMessageCount: 20
              subscriptionType: 'Main'
            }
          }
        }
      }
      actions: {
        'Execute_stored_procedure_(V2)': {
          runAfter: {
            Set_EndToEndID: [
              'Succeeded'
            ]
          }
          type: 'ApiConnection'
          inputs: {
            body: {
              EndToEndId: '@variables(\'EndToEndID\')'
            }
            host: {
              connection: {
                name: '@parameters(\'$connections\')[\'sql\'][\'connectionId\']'
              }
            }
            method: 'post'
            path: '/v2/datasets/@{encodeURIComponent(encodeURIComponent(\'blablaServer\'))},@{encodeURIComponent(encodeURIComponent(\'blablaDatabase\'))}/procedures/@{encodeURIComponent(encodeURIComponent(\'[dbo].[sp_Finance_Example_PaymentFilex]\'))}'
          }
        }
      }
      outputs: {}
    }
    parameters: {
      '$connections': {
        value: {
          servicebus_send: {
            connectionId: existing_con_example_servicebus_publish.id
            connectionName: existing_con_example_servicebus_publish.name
            id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'servicebus')
            connectionProperties: {
              authentication: {
                type: 'ManagedServiceIdentity'
                identity: resourceId(InfraResourceGroupName, 'Microsoft.ManagedIdentity/userAssignedIdentities', UserAssignedManagedIdentityName)
              }
            }
          }
          azureeventgrid: {
            connectionId: existing_con_example_eventgrid_publish.id
            connectionName: existing_con_example_eventgrid_publish.name
            id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'azureeventgridpublish')
          }
          sql: {
            connectionId: existing_con_example_sql.id
            connectionName: existing_con_example_sql.name
            id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'sql')
            connectionProperties: {
              authentication: {
                type: 'ManagedServiceIdentity'
                identity: resourceId(InfraResourceGroupName, 'Microsoft.ManagedIdentity/userAssignedIdentities', UserAssignedManagedIdentityName)
              }
            }
          }
          azureblob_create: {
            connectionId: existing_con_example_blob_storage.id
            connectionName: existing_con_example_blob_storage.name
            id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'azureblob')
            connectionProperties: {
              authentication: {
                type: 'ManagedServiceIdentity'
                identity: resourceId(InfraResourceGroupName, 'Microsoft.ManagedIdentity/userAssignedIdentities', UserAssignedManagedIdentityName)
              }
            }
          }
        }
      }
    }
  }
}

// --- [ Outputs ] ---
output workflows_PUR_Example_PF_name string = This_LogicApp_name

Let me know if you need any more information.

Luis Arias 7,131

Hi Eeraerts Senne,

This one took some time but now is working, based on your code create the below focus on the creation to the Azure Sql Api connection on Logic Apps Workflow with managed Identity (here I include some improvements to the code).

Here 3 bicep files:

This first userside.bicep is to emulate the resource that you already have in place like the:

Managed Identity
Azure Sql
Role assigment to managed identity over SQL server

param location string = resourceGroup().location
param sqlSrvName string = '<Include Your SQL Server Name>'
param sqlDbName string = '<Include Your SQL Database Name>'
param msWebConnectionName string = 'sqlwebconnection01'

resource sqlServer 'Microsoft.Sql/servers@2022-05-01-preview' existing = {
  name: sqlSrvName
}
resource sqlDatabase 'Microsoft.Sql/servers/databases@2022-05-01-preview' existing = {
  name: sqlDbName
  parent: sqlServer
}

resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
  name: 'milogicApps'
  location: location
}

resource sqlServerAdmin 'Microsoft.Sql/servers/administrators@2021-11-01-preview' = {
  parent: sqlServer
  name: 'ActiveDirectory'
  properties: {
    administratorType: 'ActiveDirectory'
    login: managedIdentity.name
    sid: managedIdentity.properties.principalId
    tenantId: managedIdentity.properties.tenantId
  }
}

resource sqlApiConnection 'Microsoft.Web/connections@2016-06-01' = {
  name: msWebConnectionName
  location: location
  properties: {
    displayName: 'automatic-mi-la-01'
    //TODO: Hidden Parameter
    parameterValueSet: {
      name: 'oauthMI'
      values: {}
    }
    api: {
      id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'sql')
    }
  }
}

output miId string = managedIdentity.id
output sqlApiConnectionName string = sqlApiConnection.name
output sqlApiConnectionId string = sqlApiConnection.id
output sqlFqdnName string = sqlServer.properties.fullyQualifiedDomainName
output sqlDbName string = sqlDatabase.name

Additionaly in this file is created the Api connection is very important notice the resource sqlApiConnection I found a hidden propertie required to create as managed Identity resource.

User's image

The second bicep file workflows.bicep create the Logic App workflow itself

param location string
param name string
param miId string
param sqlDbName string
param sqlFqdn string
param sqlApiConnectionId string
param sqlApiConnectionName string

resource la_app_integration_rcv_example_pf 'Microsoft.Logic/workflows@2019-05-01' = {
  name: name
  location: location
  identity: {
    type: 'UserAssigned'
    userAssignedIdentities: {
      '${miId}': {}
    }
  }
  properties: {
    state: 'Disabled'
    definition: {
      '$schema': 'https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#'
      contentVersion: '1.0.0.0'
      parameters: {
        '$connections': {
          defaultValue: {}
          type: 'Object'
        }
      }
      triggers: {
        recurrence: {
          type: 'Recurrence'
          recurrence: {
            frequency: 'Day'
            interval: 1
          }
        }
      }
      actions: {
        HTTP_Get: {
          type: 'Http'
          inputs: {
            method: 'GET'
            uri: 'http://example.com'
          }
        }
        'Get_rows_(V2)': {
          runAfter: {
            HTTP_Get: [
              'Succeeded'
            ]
          }
          type: 'ApiConnection'
          inputs: {
            host: {
              connection: {
                name: '@parameters(\'$connections\')[\'sql\'][\'connectionId\']'
              }
            }
            method: 'get'
            path: '/v2/datasets/@{encodeURIComponent(encodeURIComponent(\'${sqlFqdn}\'))},@{encodeURIComponent(encodeURIComponent(\'${sqlDbName}\'))}/tables/@{encodeURIComponent(encodeURIComponent(\'[dbo].[users]\'))}/items'
          }
        }
      }
      outputs: {}
    }
    parameters: {
      '$connections': {
        value: {
          sql: {
            connectionId: sqlApiConnectionId
            connectionName: sqlApiConnectionName
            connectionProperties: {
              authentication: {
                identity: miId
                type: 'ManagedServiceIdentity'
              }
            }
            id: '/subscriptions/${subscription().subscriptionId}/providers/Microsoft.Web/locations/${location}/managedApis/sql'
          }
        }
      }
    }
  }
}

In this file is importante to notice that the workflow only require the Azure sql FQDN and the name because there is a authentication by the ManagedServiceIdentity. (This workflow is an example workflow)

User's image

In this last bicep file main.bicep is only to orchestrate the deployment:

param location string = resourceGroup().location
param ResourceInfix string = 'msl'

// naming
var logicAppName = 'la-${ResourceInfix}-rcv-example-pf'

module prerequisites 'userside.bicep' = {
  name: 'mod-prerequisites'
  params: {
    location: location
  }
}

module logicApp 'workflows.bicep' = {
  name: 'mod-logicapp'
  params: {
    location: location
    miId: prerequisites.outputs.miId
    name: logicAppName
    sqlApiConnectionId: prerequisites.outputs.sqlApiConnectionId
    sqlApiConnectionName: prerequisites.outputs.sqlApiConnectionName
    sqlDbName: prerequisites.outputs.sqlDbName
    sqlFqdn: prerequisites.outputs.sqlFqdnName
  }
}

To test this deployment you can do it by Az Cli and use in your code:

az deployment group create \
    --resource-group <Your resource group> \
    --template-file main.bicep

Please let me know how is going once you test this solution .

Cheers Luis

Anonymous

2023-12-01T11:53:00.8333333+00:00

Hi Luis,

I accepted your answer as accepted since indeed adding:

did the trick completely. After adding the sql server and database values to the logicapp. The run was succesfull and the connection worked.

THANKS A LOT for this information. It's weird why Microsoft is not providing good samples or documentation on this since I can imagine this is something that is used a lot of the times. Can I kindly ask where did you find that 'hidden' parameter?

Thanks in advance

Kind regards

Senne
Luis Arias 7,131 Reputation points

2023-12-01T12:08:24.3233333+00:00

Hi Senne,

There is a lot of work to do for Bicep , some of this help it's from the community. And as you mention this information isn't in the documentation I have two additional task because of that. Create a PR for Bicep code to accept this parameter as valid for compile validations and also a PR to update the documentation on ms learn. I hope they will approve.

I found this parameter sniffing the api call when is created the connection manually from portal.

Good to know that now is working fine for you.

Luis
Md Jahangir Bokhs 5 Reputation points

2023-12-01T12:29:20.38+00:00

Update, Secure and Helpful service To provide latest version.
Anonymous

2023-12-04T09:25:09.6566667+00:00

Luis,

Could you give me a brief insight on how I can sniff the API call done to azure when creating a connection manually?

I think this might help me a lot in the future, would be awesome to have this.

Thanks in advance

Kind regards

Senne
Martin Peters 6 Reputation points

2024-07-30T07:15:58.28+00:00

I had the same problem but following these instructions made it work. Except that when I open the designer after a deploy in a clean resource group, it says "invalid connection". When I select my user defined managed identity from the dropdown, a second connection is created in the connections.json file which is identical to the existing one. But now the designer shows a valid connection. So although the activity actually works runtime, I would like to open the designer without errors. Is there a way to avoid this problem?

1 additional answer

Martin Peters 6 Reputation points

2024-07-30T08:16:45.84+00:00

Although the solution works for me as well, I still have an issue after a deploy in a clean resource group. When I open the designer it reports "Invalid connection". After I select the user assigned managed identity from the dropdown, a new connection is created in the connections.json file with the same content. Then the designer is happy. I cannot see the difference between the connection which is deployed and the connection which is created using the portal. Did anyone had the same problem and found a way to solve it?
Please sign in to rate this answer.
Luis Arias 7,131 Reputation points

2024-07-30T18:01:49.72+00:00

Hello Martin Peters,

Thanks for following this thread , however I suggest you to create a new question to deal with your specific use case.

Cheers,

Luis
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

Logic App SQL Connection is not set up to use Managed Identity

1 additional answer

Your answer