Reputation: 31
Failed to edit Key Vault API connection
I am using Azure Key Vault connector in the logic apps and for deploying the logic apps using ARM templates.
In the ARM templates I have added the Microsoft.Web/connections resource to include Key Vault API connection.
The API Connection gets successfully deployed, but when I open it on the portal to Authorize it I get an error :- "Failed to edit Api connection "keyvault"".
The resource template of the key vault looks like below :-
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"name": "[parameters('connections_keyvault_name')]",
"location": "[parameters('location')]",
"properties": {
"api": {
"id": "[concat('/subscriptions/',subscription().subscriptionId,'/providers/Microsoft.Web/locations/', parameters('location'), '/managedApis/', parameters('connections_keyvault_name'))]"
},
"displayName": "",
"customParameterValues": {}
}
}
The status of the API connection after deployment always shows "Error". However, I am using office365 API connection as well which works fine after deployment i.e. when I authorize it, it allows me to save it.
Can anyone please help me with this issue? This is blocking us to move this logic app to production.
Thanks,
Archana Kolte
Upvotes: 3
Views: 1270
Answers (2)
Reputation: 26
If you are using managed identity based authentication when trying to connect to key vault you should have a property "parameterValueType": "Alternative" in the ARM Template
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"name": "[parameters('connections_keyvault_name')]",
"location": "[parameters('location')]",
"properties": {
"api": {
"id": "[concat('/subscriptions/',subscription().subscriptionId,'/providers/Microsoft.Web/locations/', parameters('location'), '/managedApis/keyvault')]"
},
"displayName": "",
"parameterValues": {
"parameterValueType": "Alternative"
}
}
}
Upvotes: 0
Reputation: 6647
You have to add the key vault name to connect to by setting the vaultName property under properties.paramaterValues.
Also, the end of the properties.api.id is the same for all Key Vault API Connections and should be /managedApis/keyvault.
Your ARM template would look something like this
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"name": "[parameters('connections_keyvault_name')]",
"location": "[parameters('location')]",
"properties": {
"api": {
"id": "[concat('/subscriptions/',subscription().subscriptionId,'/providers/Microsoft.Web/locations/', parameters('location'), '/managedApis/keyvault')]"
},
"displayName": "",
"parameterValues": {
"vaultName": "<name-of-your-key-vault>"
}
}
}
Upvotes: 3
Related Questions
- Azure Key Vault with Logic app, but empty Event section
- How to create Api connection to Azure KeyVault for Logic App with Managed Identity
- Application setting of Key vault reference missing in logicapp
- Azure Key Vault with App Service connection error
- “Key vault access denied” in azure web app configuration setting
- How can I create API connection to Azure KeyVault when deploying Logic App from ARM template in DevOps
- Azure Keyvault error: Tried the following 3 methods to get an access token, but none of them worked
- Cannot set secret value in Azure Key Vault
- Azure Key Vault: Secret not found error
- Using Azure Key vault on Azure Logic App API Connection