Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
Linked Service Can't connect to parametrized KeyVault linked service
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 48%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDR%3C/text%3E%3C/svg%3E)
Dmitriy Ryabin
6
Reputation points
Hello,
I need help. Sorry, somewhat long description, but it to the point.
Here is the scenario:
I may have serval Key vaults under my Azure subscription. They are copy of each others except the values of some secrets differ (production vs. Test vs. Dev data etc...)
In the Azure Data Factory, I have a Linked Service defined that connects to the key vault. This linked service is parametrized, taking vault name as an argument.
Then, I have 2 more linked services.
- One to a REST endpoint taking ApiKey from key vault
and - Another one is to the Azure SQL Database, taking database password from the Key vault.
FOR SQLDB linked service, is defined this way:
Here, AZKeyVaultName parameter is used to connect to a keyvault by name. I can use either parameter here or hard code the key vault name (not using linked service parameter). When using parameter, its value gets propagated from particular pipeline, at the run time, which can be a value taken from Global parameters defined for each Data factory environments.
However, the problem is with the REST Linked service. Defined this way
where they Keyvault link is like this:
When in the last picture keyvault name is hardcoded as dmkeyvault1 - everything works correctly. However,
they way I want it is to pass a value to it dynamically, so like above it will accept changing key vault name at run time.
If i have it as in the last picture, I am getting error in trying to connect with the REST Linked service
The error is:
The parameters and expression cannot be resolved for schema operations. Error Message: { "message": "ErrorCode=InvalidTemplate, ErrorMessage=The template function 'linkedService' is not defined or not valid." }
I do not understand how this is different from what is taking place in the SQLDB Linked Service, where it is working correctly. Having to hard code keyvault name defies the purpose of continuous integration for me.
Azure Key Vault
Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
{count} vote
-
AnnuKumari-MSFT 34,566 Reputation points Microsoft Employee Moderator2023-04-25T12:41:33.4966667+00:00 Hi Dmitriy Ryabin , Thankyou for using Microsoft Q&A platform and thanks for posting your query here. From the description of the query, it seems that you are getting an error when you are trying to pass the keyVault name in the REST API linked service dynamically using the parameter. Please let me know if that is not the case. Please make sure that while passing this expression :
@linkedService().AZKeyVaultNameyou are not directly writing it on the textbox , instead you open the expression builder by clicking 'Add dynamic content' and select the parameter from the parameters section. Also, if it's not working, kindly try adding {} to the expression in order to convert it to proper string format, making the expression as :@{linkedService().AZKeyVaultName}Hope it helps. Kindly let us know how it goes. Thankyou
-
Dmitriy Ryabin 6 Reputation points
2023-04-25T13:39:09.7633333+00:00 IS there anybody who can help with this ?
-
AnnuKumari-MSFT 34,566 Reputation points Microsoft Employee Moderator
2023-04-26T08:28:56.9166667+00:00 Dmitriy Ryabin , I had a check with the internal team and found that there is no limitation in the product regarding the usage of parameters in the keyVault linked service. The issue you are facing is strange and unexpected. I would recommend you to create a support ticket with Microsoft so that our product team can directly engage with you and provide solution after deeper investigation. Here is how you can do that: Create an Azure support request If you have a support plan you may file a support ticket to get to the root of this , else could you please send an email to azcommunity@microsoft.com with the below details, so that we can create a one-time-free support ticket for you to work closely on this matter. Subscription ID: Subject : Attn Annu
-
AnnuKumari-MSFT 34,566 Reputation points Microsoft Employee Moderator
2023-05-03T05:21:26.01+00:00 Hi Dmitriy Ryabin ,
Did you get a chance to file a support ticket?
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 20%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
Carrie 50 Reputation points2025-02-10T09:42:43.4966667+00:00 Hi, is there any solution for this issue?
Sign in to comment
Sign in to answer