I tried to automate to manage hybrid connections in azure through deployment of arm template through storage blobs . The problems comes when it asks for key and value which is entered in user metadata property .The template is deployed successfully but when I try to open the properties page of Hybrid connection it shows an error whose image is being shared.
I am also sharing some part of the arm template which shows how I define user metadata.
I have tried changing the syntax of the user metadata property in the json file but that doesn't help.
{
"name": "[concat(parameters('servicebus_name'),
'/hybridConnectionName')]",
"type": "Microsoft.Relay/namespaces/hybridConnections",
"apiVersion": "2017-04-01",
"location": "East US",
"dependsOn": [
"[resourceId('Microsoft.Relay/namespaces',
parameters('servicebus_name'))]"
],
"properties": {
"requiresClientAuthorization": true,
"userMetadata": "\"
[concat('[{\\\"key\\\":\\\"endpoint\\\",\\\"value\\\":\\\"',
variables('myEndpoint'), '\\\"}]')]\" "
]
}
}
The error message is displayed on the properties page of Hybrid connections and it shows :
Part's onInputsSet promise failed.(id: Microsoft_Azure_Relay-fx-010-00e)
Related
I have developed a powershell script that allows me to download the Logic Apps from the portal in Visual Studio. Along with the JSON template it also downloads the parameters defined in the Logic App (which is how I wanted). We had established connections with Dataverse and Salesforce via Sign in method. But the problem is that when I download the template via Powershell script and update the parameter file to deploy to a different environment it asks for the credentials which are for service principal login. I haven't used service principal login when creating the connection and I don't have those credentials. I tried removing those parameters from both the parameter file and .JSON file but I am getting error as below:
Error: Code=InvalidDeploymentParameterValue; Message=The value of deployment parameter 'commondataservice-5_token:clientSecret' is null. Please specify the value or use the parameter reference.
These parameters were automatically added in my parameter.json file.
"commondataservice-5_token:clientId": {
"value": null
},
"commondataservice-5_token:clientSecret": {
"value": null
},
"commondataservice-5_token:resourceUri": {
"value": null
},
"commondataservice-5_token:grantType": {
"value": "code"
}
This is how the main Logic App template looks like for the dataverse connection
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"location": "[parameters('logicAppLocation')]",
"name": "[parameters('commondataservice-5_name')]",
"properties": {
"api": {
"id": "[concat('/subscriptions/',subscription().subscriptionId,'/providers/Microsoft.Web/locations/',parameters('logicAppLocation'),'/managedApis/commondataservice')]"
},
"displayName": "[parameters('commondataservice-5_displayName')]",
"parameterValues": {
"token:clientId": "[parameters('commondataservice-5_token:clientId')]",
"token:clientSecret": "[parameters('commondataservice-5_token:clientSecret')]",
"token:TenantId": "[parameters('commondataservice-5_token:TenantId')]",
"token:resourceUri": "[parameters('commondataservice-5_token:resourceUri')]",
"token:grantType": "[parameters('commondataservice-5_token:grantType')]"
}
}
}
Below is the Powershell command to get the LA template:
Get-LogicAppTemplate -LogicApp fc-cus-dev-int-test-param-dynamicexpression -ResourceGroup FC-CUS-DEV-INT-RG -SubscriptionId xxxxx-xxxxxx -Verbose | Out-File "C:\Users\xxxxxx\Desktop\DynamicExpression-NA.LogicApp.json"
#Powershell command to get the Parameters:
Get-ParameterTemplate -TemplateFile "C:\Users\xxxxx\Desktop\DynamicExpression-NA.LogicApp.json" | Out-File "C:\Users\xxxxxx\DynamicExpression-NA.LAparameters.json"
I have followed this article to download the Logic App: https://blog.sandro-pereira.com/2020/12/21/logic-apps-moving-from-azure-portal-to-visual-studio/
I am having a hard time trying to remove the connection parameters from the parameter file and deploying the LA. Any suggestions or pointers are highly appreciated
You have to update the parameter file with actual values. When you extract a template it creates the parameter file but for for security reasons any value that should not be public (i.e. password) it does not retrieve the existing value. Those values all show as null in your parameter file. You need to get those values and update the parameter file before deploying.
I would like to change the application settings of an azure functions via API. I have found this API For this API I generate such a body:
{
"properties":
{
"appSettings":[
{
"Name":"452bb"
}
]
}
}
After sending my request I get Response Code: 200 but the value of Name doesn't change in Application settings of the Azure functions
Do you have any idea, why it doesn't work for me?
Suppose what you need is Update Application Settings, I try this this could update the application settings.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/config/appsettings?api-version=2019-08-01
Body
{
"id": "subscriptions/{subscriptionId}/resourceGroups/{resource group}/providers/Microsoft.Web/sites/{WebAppName}/config/appsettings",
"name": "appsettings",
"type": "Microsoft.Web/sites/config",
"location": "South Central US",
"tags": {
"hidden-related:/subscriptions/{subscriptionId}/resourceGroups/{groupName}/providers/Microsoft.Web/serverfarms/tomfreePlan": "empty"
},
"properties": {
"Test1": "testValue1" //Added value
}
}
And before update the settings, you could use List Application Settings post way to list the appsetting body firstly.
As for the api you post, this appsettings I check the resource explorer, it's under the web tag and the appsettings you want it's the first tag shown in the below pics. And I try to just change it in the resource explorer, it doesn't show any error however the value still keep null, so just use the Update Application Settings API
I am trying to create an Azure bot using Azure Rest API.
I am hitting this API (PUT Request) via the code by replacing the subscription id, resource group name
https://management.azure.com/subscriptions/{subscription id}/resourceGroups/{resourcegroupId}
/providers/Microsoft.BotService/botServices/{botName}?api-version=2018-07-12
Request body as follows
{"location":"global","properties":{"displayName":"{botName}","description":"{botName}","iconUrl":"https://docs.botframework.com/static/devportal/client/images/bot-framework-default.png","endpoint":"{endPoint}","msaAppId":"{app ID}"}}
However I am getting the error as
{
"error": {
"code": "InvalidBotData",
"message": "Bot is not valid. Errors: RuntimeVersion is required. See https://aka.ms/bot-requirements for detailed requirements."
}
}
I tried using nodejs (arm-botservice SDK) to create the bot using the same parameters (of course changing the parameters according to our azure portal ids) but I am still getting the same error. I guess internally it will call the same API as above.
Any help would be appreciated to resolve this issue.
Finally, I was able to do it.
I added the kind parameter and then it worked.
Following is the request
{"location":"global",kind="registration","properties":{"displayName":"{botName}","description":"{botName}","iconUrl":"https://docs.botframework.com/static/devportal/client/images/bot-framework-default.png","endpoint":"{endPoint}","msaAppId":"{app ID}"}}
Programmatic bot creation can not be done with REST at this time.
How to create Web App bot in azure using programmatically?
Use az cli as #joey-cai mentioned.
To create a Microsoft.BotService/botServices/channels resource, add the following JSON to the resources section of your template.
{
"name": "string",
"type": "Microsoft.BotService/botServices/channels",
"apiVersion": "2018-07-12",
"location": "string",
"tags": {},
"sku": {
"name": "string"
},
"kind": "string",
"properties": {
"channelName": "string"
}
}
Source : https://learn.microsoft.com/en-us/azure/templates/microsoft.botservice/2018-07-12/botservices/channels
I have made a Logic app that listens to an Event Grid Topic and it works fine, but if I delete it and try to create from the template it doesn't work. It never runs.
The problem is that while it does create the API connection to the event grid, it leaves it unauthorized and it doesn't create any subscription to the event grid topic either. At no point are any errors displayed. Everything succeeds, but it just doesn't create everything it is supposed to.
To get around this, I added commands to the Powershell script to authenticate it. This works fine, but this of course does not create the subscription.
If I run the ARM-template again, I expected it to create it now as connection is not valid, but no, it doesn't. I suppose Azure realizes nothing has changed in the template and does nothing? If I edit the ARM-template and change the subscription name, and deploy it again, then the subscription is created and it starts working.
I could of course call the template twice with 2 different subscription names as parameter but that sounds silly. There has to be some better way.
So what would be the best way to create that kind of logic app from templates and scripts?
You can create both your Event Grid Topic Subscription and the Logic Apps connection to it as separate resources. Examples template objects are below. Keep in mind that the connection is using oauth.
Event Grid Topic Subscription
{
"type": "Microsoft.EventGrid/topics/providers/eventSubscriptions",
"name": "[concat(parameters('TopicName'), '/Microsoft.EventGrid/', variables('name'))]",
"location": "[parameters('Location')]",
"apiVersion": "2018-01-01",
"properties": {
"destination": {
"endpointType": "WebHook",
"properties": {
"endpointUrl": "[parameters('Endpoint')]"
}
},
"filter": {
"includedEventTypes": [
"[parameters('EventType')]"
]
}
},
"dependsOn": [
]
}
Web Connection
{
"type": "Microsoft.Web/connections",
"name": "[variables('connectionName')]",
"apiVersion": "2016-06-01",
"location": "[parameters('ConnectionLocation')]",
"properties": {
"displayName": "[variables('connectionName')]",
"api": {
"id": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/northcentralus/managedApis/azureeventgrid/')]"
},
"parameterValues": {
"token:clientId": "[parameters('ConnectionClientId')]",
"token:clientSecret": "[parameters('ConnectionClientSecret')]",
"token:TenantId": "[parameters('ConnectionTenantId')]",
"token:resourceUri": "https://management.core.windows.net/",
"token:grantType": "client_credentials"
}
},
"dependsOn": []
}
I believe there isn't a way to workaround the authorization required after the first time you deploy. So the simplest solution would be to have 2 separate templates - one for the API connection and the other for the Logic App.
Your PowerShell script would deploy the API Connection first, authorize it and then deploy the Logic App.
You could also have them in the same template too and control which is deployed by using a condition on each resource.
I was trying to add Azure key vault integration with our ARM deployment, so we can keep all password in Azure Key-Vault.
I was following this to try to access secret (adminPassword) I have created in Azure KeyVault (dSentienceAnalytics). Here is my template
I tried to deploy this template through Powershell, but it asked me to enter value for variable “adminPassword”, which it supposed to retrieve from Azure key vault.
Do you see what I am missing here?
You cannot use a KeyVault reference in the template itself, only in the parameters file. So your template will not look any differently if you're using KeyVault, the adminPassword parameter will simply be defined as a secureString. The template's use of the password can look exactly like this:
https://github.com/Azure/azure-quickstart-templates/blob/master/101-vm-simple-linux/azuredeploy.json
The parameters file, is where the reference will be used. The first code sample here:
https://azure.microsoft.com/en-us/documentation/articles/resource-manager-keyvault-parameter/#reference-a-secret-with-static-id
Is showing you the parameters file, not the template file's parameter object (it is a bit confusing).
For a really simple example, see the KeyVaultUse.json and KeyVaultUse.parameters.json here:
https://github.com/rjmax/ArmExamples/tree/master/keyvaultexamples
Note that there's nothing unique or different about KeyVaultUse.json, the "key" is in the parameters file.
That help?
You can create a linked template and pass the keyvault secret to that as a parameter. Your linked template will need to be accessible to Azure at some uri.
"name": "linked-template",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"templateLink": {
"uri":"<your linked template uri, e.g. a blob-store file with a sas token>"
},
"parameters": {
"password": {
"reference": {
"keyVault": {
"id": "[variables('keyVaultId')]"
},
"secretName": "password"
}
},
You will need the id of your key vault, e.g. here, it's assume to be in a variable constructed from parameters on the top-level template where the user specifies a resource group and name for the key-vault:
"deploymentKeyVaultId" : "[resourceid(subscription().subscriptionId,
parameters('keyVaultResourceGroup'), 'Microsoft.KeyVault/vaults',
parameters('keyVaultName'))]",
What are you trying to deploy? If it is an app service you can retrieve the secret from Key Vault with the combination of leveraging Managed Service Identity and access policy on the Key Vault. Here's how to turn on MSI authentication for App Service and add access policy
In the App Service can add something like this:
{
"apiVersion": "2018-11-01",
"name": "appsettings",
"type": "config",
"dependsOn": [
"[resourceId('Microsoft.Web/Sites', WEBSITE NAME))]",
"Microsoft.ApplicationInsights.AzureWebSites",
"[resourceId('Microsoft.KeyVault/vaults/', variables('keyVaultName'))]",
"[resourceId('Microsoft.KeyVault/vaults/secrets', variables('keyVaultName'), variables('secretName'))]"
],
"properties": {
"ConnectionSecret": "[concat('#Microsoft.KeyVault(SecretUri=', reference(SECRET NAME).secretUriWithVersion, ')')]"
}