MLogdberg
commented
4 years ago Hi, do you mean after the deploy in Azure? Meaning inside the Logic App when deployed? That is hard for this tool to achive and I would sugest getting the value from keyvault insteead (via the keyvault action)
Source Logic App Definition with parameter "CRM_HTTP_AzureAD_Secret":
"CRM_HTTP_AzureAD_Secret": { "type": "SecureString" }Creates following ARM Template Parameter
"paramCRM_HTTP_AzureAD_Secret": { "type": "securestring", "defaultValue": "" }That is used in the embedded Logic App definition:
"CRM_HTTP_AzureAD_Secret": { "type": "SecureString", "defaultValue": "[parameters('paramCRM_HTTP_AzureAD_Secret')]" }What leads to that the secrect gets exposed in the "defaultValue" after the deployment:
"CRM_HTTP_AzureAD_Secret": { "defaultValue": "XXXXXX SECRECT VALUE XXXXXXXX", "type": "SecureString" }So i think it would be nice to remove default value output for SecureString oder SecureObject parameters in the created template. What do you mean?