jeffhollan / LogicAppTemplateCreator

Script to convert Logic Apps into templates for deployment
MIT License
143 stars 74 forks

Managed identity properties are not generated properly #116

Open WalterLeff opened 2 years ago

WalterLeff commented 2 years ago

It seems that when working with managed identities the ARM template is not generated properly. When comparing the code from the Azure portal and the generated code from the tool, there is no authentication property created for the ARM. See below error when deploying.

Any idea what I'm doing wrong? When running the logic app from the Azure portal, there is no problem.

[error]WorkflowManagedIdentityConfigurationInvalid: The workflow connection parameter 'azuredatafactory' is not valid. The API connection 'azuredatafactory' is configured to support managed identity but the connection parameter is either missing 'authentication' property in connection properties or authentication type is not 'ManagedServiceIdentity'
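A pre-deployment check for the error quoted above, as an added example that is not part of the original post or of LogicAppTemplateCreator: it lists the connections in a workflow's `$connections` parameter whose `connectionProperties.authentication.type` is not `ManagedServiceIdentity`. The template layout, the function name and every name in the sample are constructed assumptions.

```python
import json

MSI = "ManagedServiceIdentity"

# Constructed sample shaped like a generated template: one workflow, two connections.
SAMPLE_TEMPLATE = json.loads("""
{
  "resources": [{
    "type": "Microsoft.Logic/workflows",
    "name": "constructed-workflow",
    "properties": {"parameters": {"$connections": {"value": {
      "azuredatafactory": {
        "connectionId": "[parameters('azuredatafactory_id')]",
        "connectionName": "azuredatafactory"
      },
      "azureblob": {
        "connectionId": "[parameters('azureblob_id')]",
        "connectionName": "azureblob",
        "connectionProperties": {"authentication": {"type": "ManagedServiceIdentity"}}
      }
    }}}}
  }]
}
""")


def connections_missing_msi_auth(template, expected_msi=None):
    """Map workflow name -> connections lacking MSI auth (all checked if expected_msi is None)."""
    findings = {}
    for res in template.get("resources", []):
        if str(res.get("type", "")).lower() != "microsoft.logic/workflows":
            continue
        params = (res.get("properties") or {}).get("parameters") or {}
        conns = (params.get("$connections") or {}).get("value") or {}
        bad = []
        for name, conn in conns.items():
            if expected_msi is not None and name not in expected_msi:
                continue
            props = conn.get("connectionProperties") if isinstance(conn, dict) else None
            auth = props.get("authentication") if isinstance(props, dict) else None
            if not isinstance(auth, dict) or auth.get("type") != MSI:
                bad.append(name)
        if bad:
            findings[res.get("name", "<unnamed>")] = sorted(bad)
    return findings


if __name__ == "__main__":
    print(connections_missing_msi_auth(SAMPLE_TEMPLATE, {"azuredatafactory"}))
```

Pass the set of connection names that are meant to use managed identity as `expected_msi`; a non-empty result before deployment points at the entries the deployment error would reject.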

klawrawkz commented 2 years ago

Hi, my name is klawrakz. I am fine. How are you?

I'm not a Microsoft employee, but I play one on TV.

The following is solely MY OPINION. Nothing in this statement should be read as anything other than an end user sharing some hard-fought, hard-to-find, experience-based, battle-tested, opinionated, bona fide observations regarding logic apps generally, and logic app connections more specifically.

Furthermore, it is my sincere hope that Microsoft will recognize the issues surrounding the pseudo-notion that logic apps are suitable for the enterprise, and will make repairs to correct the perceived logic app flaws in one furious lightning-like fell swoop. Lo, in the blink of an eye, Microsoft logic apps, repaired and rejuvenated, can be ready for the enterprise. That would be nice, IMHO.

Onward.

My understanding is that LA connections are inherently problematic in an enterprise best practice context. Why is this you ask, when Microsoft is promoting these "logic app thingies" as appropriate for the enterprise? Good Question. Microsoft, care to chime in here? We see this still open issue was created in November of 2021. We probably feel as if we are being ignored. In what emotional state does this leave us? Frustrated desperation? Sullen embitterment? Shocked disbelief? Passive-aggressive quasi-acceptance? Blissful ignorance? I don't know which single emotion is most accurate. All of them work for me. So pick one, please. Or pick a few. Or pick them all. Or add some emotional states of your own. We can each of us create our own unique Mr. Logic Potato App Head Doll (LPAHD) to play with and do some TA therapy while we wait for an answer here.

As I say, we notice NOT EVEN ONE reply from our esteemed colleagues at Microsoft. In my opinion, I say this is strictly MY OPINION (not yelling, emphasizing so there can be no mistake), logic apps are non-code, non-happenin', non-goin' down in the enterprise, JSON MUDBALLS that are not suitable for enterprise use. Connection problems are one reason for this opinion.

My understanding of logic app connections is the following. Many logic app connections rely on Azure Active Directory Open Authentication (Azure AD OAuth). Azure AD OAuth connections need to be MANUALLY authenticated or reauthenticated in the Azure portal to acquire a new access token. There are other mechanisms, but the portal is the easiest and recommended way to work with Azure AD OAuth authentication. For more details see logic app connectors overview, and single tenant authentication.

It is for this, or a similar, reason that your connection is not working. If you deploy the logic app via any modern enterprise approved technique, e.g. DevOps automation, you need to deploy the logic app WITHOUT connections. Then in the Azure portal, you MANUALLY open each logic app you deployed via your automated best practice. Manually, you know, BY HAND, and probably against enterprise best practice guidance, open the logic app under study in the Azure portal logic app "designer." Once you have opened your logic app, you will notice red exclamations pointing out what you already know. Your connections "need some attention." Manually create a new connection for each step that requires a connection in your logic app. Save the changes. Wash, Rinse, Repeat for all the logic apps you have deployed via automation.

The NEXT time you deploy the SAME logic apps via automation, the connections will be valid since you manually validated them (we must repeat) BY HAND, you know, MANUALLY, the first time you deployed them. Again, you are NOT deploying logic apps with connections. You are deploying denatured logic apps with placeholders for connections. Hence, after a second, third, fourth, and so on, deployment, you do not overwrite the connections that you initially MANUALLY validated using the portal logic app designer after the initial deployment. Thus, your automated deployment should work fine after the FIRST deployment and MANUAL connection validation operation is complete.

You can find more information about logic apps and connections here, and here.

I'm droppin' the mike and playing with my LPAHD now. Doing TA for Potatoes. Over and Out.