Contents x
    Pushing the Logic App url to Key Vault
    • 14 Apr 2020
    • 1 Minute to read
    • Contributors
    • Print
    • Comment
    • Dark
      Light
    • PDF
    Contents

    Pushing the Logic App url to Key Vault

    • Updated on 14 Apr 2020
    • 1 Minute to read
    • Contributors
    • Print
    • Comment
    • Dark
      Light
    • PDF
    Article summary

    If you are developing a Logic App and you need another component to consume the Logic App at runtime it is likely that the component may call the Logic App via its HTTP trigger. An example of this might be:

    1. You want to configure API Management to proxy your Logic App and the APIM deployment needs to get the Logic App url when deploying
    2. You are deploying a function that needs to use the Logic App and you need to grab the url at runtime or deployment time to make the http call

    In both of these cases (or others) you might find it useful to add the Logic App url to Key Vault during the Logic App deployment so that consumers can just grab a secret from Key Vault. To do this we can use a Powershell script that uses the Az azure modules for Powershell to access the Logic App, get its trigger url and then save it as a secret in key vault. This means on your local development environment you can easily run the script on your machine to copy the value in development and at the same time you can easily use the script in an Azure DevOps pipeline do achieve the same by parameterising the script so it can be ran in different environments.

    Below is an example script you can use to achieve this.

    
#This script is used to get the url including secret for a logic app and to load it to key vault for integration with APIM

#Settings for DevOps which pull from pipeline variables
#$resourceGroupName = $(CommonSetting_ResourceGroup_Name)
#$keyVaultName = $(CommonSetting_KeyVault_Name)


$resourceGroupName = '[MyResourceGroupName]'
$keyVaultName = '[MyKeyVaultName]'

function SaveLogicAppUrlToKeyVault([string] $logicAppName, [string] $keyVaultSecretName)
{
    Write-Host 'Updating Rule for: '$logicAppName

    $logicApp = Get-AzLogicApp -ResourceGroupName $resourceGroupName -Name $logicAppName
    $triggerUrl = Get-AzLogicAppTriggerCallbackUrl -Name $logicApp.Name -ResourceGroupName $resourceGroupName -TriggerName manual       

    $secureStringKey = ConvertTo-SecureString -String $triggerUrl.Value -AsPlainText -Force
    Set-AzKeyVaultSecret -VaultName $keyVaultName -Name $keyVaultSecretName -SecretValue $secureStringKey
}


SaveLogicAppUrlToKeyVault -logicAppName '[MyLogicAppName]' -keyVaultSecretName '[MySecretName]'

    Hopefully you will find this useful for deployment scenarios when your composite apps need to consume Logic Apps you develop.

    Was this article helpful?
    What's Next