DEV Community

Leonard Soetedjo
Leonard Soetedjo

Posted on

7 3

Parameterising Logic App (Standard) connections.json with bicep - Part 2

Continuing from where we left off, the next step is to update the appsettings, and set connections.json to read from appsettings.

This is where it gets interesting. After lots of searching thru' the internet and testing, there are a couple of points to highlight:

  1. We can't replace the managedApiConnections information as a whole string, i.e. the below setting won't work

    ...
    
    "managedApiConnections": {
      "azureblob_1": {
        "api": {
          "id": "@appsetting('azureBlobApiId')"
        },
        "authentication": {
          "type": "ManagedServiceIdentity"
        },
        "connection": {
          "id": "@appsetting('azureBlobConnectionId')"
        },
        "connectionRuntimeUrl": "@appsetting('azureBlobConnectionRuntimeUrl')"
      }
    }
    ...
    

    With the above, our connections seems to be working. Looking at the API connections' status, it reports "Connected". All is well, it seems...until we try to save a workflow. When we try to save the workflow, we're shown a puzzling error:

    Workflow saved successfully. Workflow validation failed for the workflow 'xxxxxxxxxx'. The file 'connections.json' contains invalid expressions. The allowed expression functions are 'xxxxxxxxxx'.
    
  2. To workaround the above issue, we can find the hint from this doc Create cross-environment parameters for workflow inputs in Azure Logic Apps. In essence, rather than the above, we should instead create the following (the below code will still cause an error when saving a workflow. see step 3 for the last observation and workaround)

    ...
    
    "managedApiConnections": {
      "azureblob_1": {
        "api": {
          "id": "/subscriptions/@{appsetting('WORKFLOW_SUBSCRIPTION_ID')}/providers/Microsoft.Web/locations/@{appsetting('WORKFLOW_LOCATION')}/managedApis/azureblob"
        },
        "authentication": {
          "type": "ManagedServiceIdentity"
        },
        "connection": {
          "id": "/subscriptions/@{appsetting('WORKFLOW_SUBSCRIPTION_ID')}/resourceGroups/@{appsetting('WORKFLOW_RG_NAME')}/providers/Microsoft.Web/connections/azureblob"
        },
        "connectionRuntimeUrl": "@appsetting('azureBlobConnectionRuntimeUrl')"
      }
    }
    ...
    

    Note: only connectionRuntimeUrl can successfully use appsettings. apiId and connectionId can somehow be partially parameterised.

  3. Last observation, the above Microsoft doc recommendation for interpolated format by enclosing expression using curly brackets {} doesn't seem to work. In the end, we have to remove the curly brackets so that the final connections.json will look like this:

    ...
    
    "managedApiConnections": {
      "azureblob_1": {
        "api": {
          "id": "/subscriptions/@appsetting('WORKFLOW_SUBSCRIPTION_ID')/providers/Microsoft.Web/locations/@appsetting('WORKFLOW_LOCATION')/managedApis/azureblob"
        },
        "authentication": {
          "type": "ManagedServiceIdentity"
        },
        "connection": {
          "id": "/subscriptions/@appsetting('WORKFLOW_SUBSCRIPTION_ID')/resourceGroups/@appsetting('WORKFLOW_RG_NAME')/providers/Microsoft.Web/connections/azureblob"
        },
        "connectionRuntimeUrl": "@appsetting('azureBlobConnectionRuntimeUrl')"
      }
    }
    ...
    

Once the above settings are done, we're now able to make use of the API connections and save workflows successfully.

Heroku

Built for developers, by developers.

Whether you're building a simple prototype or a business-critical product, Heroku's fully-managed platform gives you the simplest path to delivering apps quickly — using the tools and languages you already love!

Learn More

Top comments (0)

Jetbrains image

Is Your CI/CD Server a Prime Target for Attack?

57% of organizations have suffered from a security incident related to DevOps toolchain exposures. It makes sense—CI/CD servers have access to source code, a highly valuable asset. Is yours secure? Check out nine practical tips to protect your CI/CD.

Learn more

👋 Kindness is contagious

Dive into this informative piece, backed by our vibrant DEV Community

Whether you’re a novice or a pro, your perspective enriches our collective insight.

A simple “thank you” can lift someone’s spirits—share your gratitude in the comments!

On DEV, the power of shared knowledge paves a smoother path and tightens our community ties. Found value here? A quick thanks to the author makes a big impact.

Okay