Share via

Bicep_Logic app connection using serviceprincipal

Merin Mary 20 Reputation points
2024-07-30T15:11:07.5766667+00:00

I am deploying a Logic App in a centralized tenant. This Logic App includes an action that queries a Log Analytics workspace in another tenant. I successfully created the connection from the Azure portal, and it worked as expected. Now, I need to deploy the Logic App using a Bicep template.

I am encountering the following error when trying to create the connection in the Bicep template:

Details:errorCode: ParameterNotDefined. Message: Parameter 'authenticationType' is not allowed on the connection since it was not defined as a connection parameter when the API was registered.

Here is the Bicep template I used:

resource azureMonitorLogsConnection 'Microsoft.Web/connections@2016-06-01' = {
  name: 'azuremonitorlogs-connection'
  location: location
  properties: {
    displayName: 'Azure Monitor Logs'
    api: {
      id: subscriptionResourceId('Microsoft.Web/locations/managedApis', location, 'azuremonitorlogs')
    }
   // serviceprincipal authentication
    parameterValues: {
      authenticationType: 'ServicePrincipal'
      clientId: clientId
      clientSecret: clientSecret
      tenantId: tenantId
    }
    
  }
}
Azure Logic Apps
Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
3,213 questions
0 comments
Accepted answer
  1. Luis Arias 7,131 Reputation points
    2024-07-30T19:13:41.2033333+00:00

    Hello Merin Mary,

    I understood that you are trying to deploy the connection to Azure Monitor from Logic Apps by bicep templates, In this specific case the template that you using have some mistakes that I would suggest to verify on the documentation page for this resource Microsoft.Web connections:

    https://learn.microsoft.com/en-us/azure/templates/microsoft.web/connections?pivots=deployment-language-bicep

    Additionally I created this template that is already working , there are some parameters that is not in the documentation, so you can update with your service principal values to use it:

    resource sqlApiConnection 'Microsoft.Web/connections@2016-06-01' = {
  name: 'AzMonitorConnection'
  location: resourceGroup().location
  properties: {
    displayName: 'auth-spn-01'
    //TODO: Hidden Parameter
    parameterValueSet: {
      name: 'oauthServicePrincipal'
      values: {
          'token:clientId': {
              value: '<Your Cliente ID>'
          }
          'token:clientSecret': {
              value: '<Your client Secret>'
          }
          'token:TenantId': {
              value: '<Your tenant ID>'
          }
      }
    }
    api: {
      id: subscriptionResourceId('Microsoft.Web/locations/managedApis', resourceGroup().location, 'azuremonitorlogs')
    }
  }
}

    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    Regards,

    Luis

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.