I am in the process of deploying several LogicApps from Visual Studio to Azure, and they all rely on the same API Connections, specifically for FTP and File System. These LogicApps were initially obtained from Cloud Explorer. However, each deployment appears to modify the API Connection settings. I understand this happens because each LogicApp includes details for these connections. I’ve attempted to exclude sensitive information such as username
and password
from the LogicApp’s JSON configuration, but this results in those fields being reset to empty values.
My objective is to configure the deployment to utilize the existing API Connection named ftp1
, preserving its cloud-defined properties. This would eliminate the necessity of updating the same password across multiple LogicApp JSON files.
Deploying LogicApps without altering existing API connection settings can streamline your workflow significantly. Here’s a practical approach to achieve this:
- Use Parameter Files: When deploying multiple LogicApps, use Azure Resource Manager (ARM) templates with parameter files. This allows you to define the API connection
id
as a parameter and reuse existing API connections without specifying sensitive information explicitly.
- Reference Existing Connections: In your LogicApp template, ensure the
connectionName
matches the existing connection and the connection id
parameter points to the already configured resource's ResourceId
. This can be done by setting the api:connections
resource in your ARM template to link with the connection named ftp1
:
"resources": [
{
"type": "Microsoft.Web/connections",
"name": "ftp1",
"properties": {
"api": {
"id": "[concat('/subscriptions/', subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroupLocation, '/managedApis/ftp')]"
}
}
}
]
- Deploy via Azure DevOps or CLI: You can automate the deployment using Azure DevOps, ensuring each LogicApp deployment references the shared API connection without redefining sensitive data.
This method preserves your existing API connection properties, serving efficiency while adhering to best practices for sensitive data management. If you need further clarification, feel free to ask!
When deploying LogicApps without modifying existing API connection settings, a solid approach is crucial for both security and efficiency. Here's a fresh perspective to the suggestions already made:
Implement a Stateful Workflow Management Strategy
Unlike previous approaches, consider managing your deployment process with a stateful workflow. This method focuses on persisting the state of API connections and details across deployments, leading to unchanged settings.
- Persist Connection State: Use Azure Key Vault to store sensitive information such as
username
and password
. This persists connection states and eliminates the need to include them directly in your LogicApp JSON configurations.
- Environment Variables: Leverage environment variables or App Settings in Azure to configure connection parameters. The LogicApps can load these at runtime, ensuring reuse of existing API Connection properties without embedding sensitive data.
- ARM Template with Linked Resources: As illustrated before, structure an ARM template that treats LogicApps and API Connections as separate resources. Reference the connection name and ID within the LogicApp section to point to pre-existing connections:
{
"resources": [
{
"type": "Microsoft.Web/connections",
"name": "ftp1",
"properties": {
"api": {
"id": "[resourceId('Microsoft.Web/connections', 'ftp1')]"
}
}
}
]
}
Automating with Bicep Language: Consider utilizing Bicep to simplify ARM JSON syntax, making it easier to manage references to existing resources. This facilitates seamless deployment while leveraging the robust features of ARM templates.
Implementing a stateful approach ensures that existing API Connection settings remain intact and secure, promoting a streamlined and secure deployment process across multiple LogicApps.
Ensuring that your LogicApps deployment does not alter existing API connection settings is crucial for a smooth and secure workflow. Let me offer an alternative approach to complement the existing suggestion:
Utilize ARM Template Linked Templates
To maintain existing API connections without altering their properties, consider using linked templates within your Azure Resource Manager (ARM) deployment. This approach allows you to separate your LogicApps from the API connection definitions, preserving your existing settings.
- Create a Main Template and Linked Templates: Structure your deployment with a main ARM template that references linked templates. The main template can handle the LogicApps, while the linked template can reference existing API connections:
"resources": [
{
"type": "Microsoft.Resources/deployments",
"name": "LinkedTemplate",
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "https://path-to-your-logicapp-template.json",
"contentVersion": "1.0.0.0"
},
"parameters": {
"connectionId": {
"value": "[resourceId('Microsoft.Web/connections', 'ftp1')]"
}
}
}
}
]
- Define API Connection Separately: Keep the API connection definition in a separate JSON file or linked template. This allows you to deploy LogicApps without impacting the API connections:
{
"resources": [
{
"type": "Microsoft.Web/connections",
"name": "ftp1",
"apiVersion": "2018-07-01",
"properties": {
"displayName": "ftp connection",
"customParameterValues": {},
"parameterValues": {},
"api": {
"id": "/subscriptions/{subscriptionId}/providers/Microsoft.Web/locations/{location}/managedApis/ftp"
}
}
}
]
}
- Deployment: Use Azure DevOps, Azure CLI, or PowerShell for your deployments, ensuring that LogicApps and API Connections are deployed from their respective templates without conflicting changes.
This approach helps maintain your existing API connection settings intact, ensuring a hassle-free and efficient deployment process. Feel free to implement these techniques for a more robust setup.
To deploy LogicApps while preserving existing API Connection settings, follow this simple approach:
- Use ARM Templates: Deploy LogicApps using ARM templates. Set the API connection's
connectionName
and id
to use existing resources, like ftp1
:
{
"resources": [
{
"type": "Microsoft.Web/connections",
"name": "ftp1",
"properties": {
"api": {
"id": "/subscriptions/[subscriptionId]/providers/Microsoft.Web/locations/[location]/managedApis/ftp"
}
}
}
]
}
Avoid Sensitive Data: Exclude username
and password
from templates. Ensure templates reference existing connections, using resource IDs, to eliminate reconfiguration per deployment.
Automate Deployments: Use Azure DevOps or Azure CLI for deployments to consistently reference shared API connections without redefining data.
This strategy keeps your API connection settings secure and unchanged across deployments.
To avoid altering your API Connection settings when deploying LogicApps, you can follow a straightforward yet effective method:
- Parameterize Connection Details: Leverage Azure Resource Manager (ARM) templates with parameter files to manage your API connections. Specify the API connection
id
as a parameter, allowing you to utilize existing connections without including sensitive fields like username
and password
.
- Reference Existing API Connection: In your ARM template, ensure the LogicApps refer to the existing API connection by setting the
connectionName
to the current connection's name, and use the appropriate ResourceId
:
{
"resources": [
{
"type": "Microsoft.Web/connections",
"name": "ftp1",
"properties": {
"api": {
"id": "/subscriptions/{subscriptionId}/providers/Microsoft.Web/locations/{location}/managedApis/ftp"
}
}
}
]
}
Automate Deployment: Utilize automation tools like Azure DevOps or Azure CLI for deployment. This ensures each LogicApp uses shared API connections without requiring re-entry of sensitive data each time.
By following these steps, you can effortlessly preserve your existing API connection settings across all LogicApp deployments, optimizing both efficiency and security.