133 - Using Managed Identities to call EasyAuth enabled Logic Apps (Standard) Triggers

Подписаться 4 тыс.

Просмотров 1,5 тыс.

50% 1

In this video, we will discuss how to use both System and User assigned Managed Identities to call EasyAuth enabled Logic Apps (Standard).
Referenced videos:
Last week's video: 131 - Enabling EasyAuth for Azure Logic Apps (Standard) HTTP Triggers • 131 - Enabling EasyAut...
127 - Using Managed Identities to connect Azure Logic Apps with Azure Blob Storage • 127 - Using Managed Id...

Наука

Опубликовано:

19 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 10

@rezcan 2 года назад

Classy act, Thanks for the shout out Kent!…The beauty of the solution you demonstrated in this video is that now you can use DefaultAzureCredentials() class in an Azure Arc enabled server on-prem and call your logic apps from virtually "anywhere" using Azure Arc enabled server's managed identity and EasyAuth and without having to store the secrets on prem or in keyvault (egg or chicken scenario you pointed out). Isn't that nice? Extending the reach of your security solution beyond Azure and reducing the attack surface even further!

@KentWeare 2 года назад

agreed - thanks!

@vigneshbe89 3 месяца назад

@KentWeare is there any latest way of doing this authorization from azure portal or via ARM template itself. Please guide.

@srikkar 7 месяцев назад

Thanks for the Video, Are you able to call Azure openAI with managed Identity from Logic App? For some reason, it's failing with exception: App not registered

@PAwader Год назад

Great video. It's a real shame that they don't have a nice way to modify the logic app standard's access policy other than the rest API calls. It makes your cicd pipelines a bit of a nightmare.

@KentWeare Год назад

This is something on the roadmap but hopefully the video gets you unblocked

@nandishwargarg1087 8 месяцев назад

@KentWeare Is there a way to enable EasyAuth without using Service Principal ? For eg: Only using User Assigned Managed Identity's credentials (i.e., clientId, objectId). Basically, I want to see how we can implement API Management Service to Standard Logic App flow using User Assigned Managed Identity.

@KentWeare 8 месяцев назад

So in the video you added a comment to, we cover: "In this video, we will discuss how to use both System and User assigned Managed Identities to call EasyAuth enabled Logic Apps (Standard)." Is that not what you are looking for?

@nandishwargarg1087 8 месяцев назад

@@KentWeare I am trying to call HTTP endpoint of Standard Logic App's workflow from API Management Service using User Assigned Managed Identity. I have added the following xml property in inbound policies: resource: Application ID of App Service Plan associated with Standard Logic App. When I try to invoke then, it is throwing me 401 Unauthorized.

@KentWeare 8 месяцев назад

@@nandishwargarg1087 I don't have direct experience with APIM in this scenario, so one suggestion I would have is to have one logic app call another logic app using the method described in video which will validate that you have your logic app config setup properly. You can also probably look at the outbound output (payload) as well to see how it is formed when making the request the 2nd logic app.