Closed RodrigoGroener closed 4 years ago
Hi, do you mean after the deploy in Azure? Meaning inside the Logic App when deployed? That is hard for this tool to achive and I would sugest getting the value from keyvault insteead (via the keyvault action)
This is solved but forgott to close the issue
Source Logic App Definition with parameter "CRM_HTTP_AzureAD_Secret":
"CRM_HTTP_AzureAD_Secret": { "type": "SecureString" }
Creates following ARM Template Parameter
"paramCRM_HTTP_AzureAD_Secret": { "type": "securestring", "defaultValue": "" }
That is used in the embedded Logic App definition:
"CRM_HTTP_AzureAD_Secret": { "type": "SecureString", "defaultValue": "[parameters('paramCRM_HTTP_AzureAD_Secret')]" }
What leads to that the secrect gets exposed in the "defaultValue" after the deployment:
"CRM_HTTP_AzureAD_Secret": { "defaultValue": "XXXXXX SECRECT VALUE XXXXXXXX", "type": "SecureString" }
So i think it would be nice to remove default value output for SecureString oder SecureObject parameters in the created template. What do you mean?