Azure · Azure ARM Template · Azure DevOps

{Azure ARM Template} Common Data Service API Connection using Service Principle

Logic App CDS integration require new API Connection to be created when you want to deploy/automate using ARM.

ARM template for Logic App can be exported from Azure portal. The problem with exported template is it does not specify required attribute for API Connection resource.

Today I will walk you through the ARM Template which can be combined with Logic App resource to create CDS API Connection.

{
            "type": "Microsoft.Web/connections",
            "apiVersion": "2016-06-01",
            "name": "[variables('CDSConnectionName')]",
            "location": "[variables('location')]",
            "properties": {
                "displayName": "[variables('CDSConnectionName')]",
                "customParameterValues": {
                },
                "api": {
                    "id": "[variables('CDSConnectionId')]"
                },
                "parameterValues": {
                    "token:clientId": "[parameters('clientId')]",
                    "token:clientSecret": "[parameters('clientSecret')]",
                    "token:TenantId": "[subscription().tenantId]",
                    "token:grantType": "client_credentials"
                }
            }
        }

If you look closely at the resource ARM template for API Connection the required and most important attributes are parameterValues.

Define variables in your ARM template as below.

"location": "[resourceGroup().location]",
"baseConnectionsId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', variables('location'), '/managedApis/')]",
        "CDSConnectionId": "[concat(variables('baseConnectionsId'), 'commondataservice')]",
        "CDSConnectionName": "commondataservice"

Define below parameters in your ARM Template

"clientId": {
            "type": "securestring",
            "metadata": {
            "description": "Client (or Application) ID of the Azure Active Directory application."
            }
        },
        "clientSecret": {
            "type": "securestring",
            "metadata": {
            "description": "Client secret of the Azure Active Directory application."
            }
        }

Note:-
1. You could store the ClientId and ClientSecret in Key vault. And reference that in parameter file to retrieve the keyvault secret.

Hope this helps!

2 thoughts on “{Azure ARM Template} Common Data Service API Connection using Service Principle

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s