Using Managed Identity with Consumption and Standard Logic Apps with Azure Service Bus

by | Feb 8, 2024 | Azure Integration Thoughts, Tips and Tricks, Videos | 0 comments

Managed Identity with Consumption and Standard Logic Apps

An easy and secure way to have Logic Apps communicate with other Azure Services is by using a system and user-assigned identities.

This entails assigning resource-specific or user-specific permissions inside the Azure Service, like Service Bus.

Getting started with this depends on whether you are using Consumption or Standard Logic Apps.

 

Consumption Logic Apps

If you are using consumption Logic App, it must be enabled to use the System or User assigned identity.  This must be done for each consumption Logic App needing access.

To enable this:

  • Go to Identity under Settings of the Logic App.
  • Inside Identity, under System assigned, move the Status selector to On.
  • Press Save.

Logic Apps Set Identity

Once you add the role assignment to the Azure resource (in this case the Service Bus), go back into the consumption Logic App to create a connection to the Service Bus. 

Select Logic Apps Managed Identity under Authentication Type.  Paste the service bus namespace with the sb:// like:  “sb://sb-yt-tiptricks-centralus.servicebus.windows.net”

Ensure to not forget the sb:// prefix on the namespace name!

 

Standard Logic Apps

Working with system and user assigned identities for Standard Edition Logic Apps is even easier!  System identity is enabled by default at the Logic App level.  Remember, the Logic Apps in Standard can contain multiple workflows.  All the workflows will share the same identity.

Once you add the role assignment as seen below to the Service Bus, go back into a workflow to create a connection.  Select Managed Identity under Authentication Type.  Paste the service bus namespace without the sb:// like:  “sb-yt-tiptricks-centralus.servicebus.windows.net”

 

Setting up the Azure Service – in this Service Bus

Inside the Azure service that the Logic App wants access to, in this example, Service Bus, go to Access Control (IAM).

Here you can view, edit, remove, and add resource permissions.

To add a new assignment, go to Add and select Add tole assignment.

Select the role you want to assign along with the resource. 

It is that simple!

Service Bus Access Control

 

See this in action in the YouTube video below.

Looking for other Azure quick tips and tricks, check them all out here:  https://www.stephenwthomas.com/azure-integration-services-tips-and-tricks/

Submit a Comment

Your email address will not be published. Required fields are marked *