Creating an Azure AD integrated SQL Server connection in an ARM template



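It looks like we can now authenticate against Azure AD using the SQL Server connector in Logic Apps, which is great!

Here is a screenshot of the new connector dropdown.

My problem is that when I change the name of this connector through the ARM template and then select "Edit API connection" for that connection in the Azure API Connections blade, I no longer have the Azure AD Integrated option; it looks like a SQL Server Authentication connection.

API connection with Azure AD Integrated when the connection is created from the Logic App

When the API connection is created from the ARM template

From what I have seen and tried, the templates look identical when I export them from Azure. Here are the samples.

Exported template from the Azure AD integrated connection: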

"resources": [
    {
        "type": "Microsoft.Web/connections",
        "apiVersion": "2016-06-01",
        "name": "[parameters('azure_ad_authenticated_connection')]",
        "location": "<valid_location>",
        "properties": {
            "displayName": "{<db_name>} {<db_server_name>}",
            "customParameterValues": {},
            "api": {
                "id": "[concat('/subscriptions/<subscription_id>/providers/Microsoft.Web/locations/<location>/managedApis/', parameters('connections_sql_name'))]"
            }
        }
    }
]

Exported template from the SQL Server Authentication connection:

"resources": [
    {
        "type": "Microsoft.Web/connections",
        "apiVersion": "2016-06-01",
        "name": "[parameters('sql_server_auth_connection')]",
        "location": "<valid_location>",
        "properties": {
            "displayName": "<display_name>",
            "customParameterValues": {},
            "api": {
                "id": "[concat('/subscriptions/<subscription_id>/providers/Microsoft.Web/locations/<valid_location>/managedApis/sql')]"
            }
        }
    }
]

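Has anyone been able to successfully create an Azure AD integrated connection from an ARM template?

Indeed, this gets crazy!

When Azure exports an ARM template, it never includes parameters that must be kept secure, so you end up with an incomplete ARM template. In your case, you have to add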

"parameterValueSet": {
    "name": "oauth",
    "values": {}
}

The complete template is:

{
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "sql_Connection_Name": {
            "defaultValue": "sqlConnectionWithOAuth",
            "type": "String"
        },
        "sql_Connection_DisplayName": {
            "defaultValue": "sql Connection with OAuth",
            "type": "String"
        },
        "logicAppLocation": {
            "defaultValue": "westeurope",
            "type": "String"
        }
    },
    "variables": {},
    "resources": [
        {
            "type": "Microsoft.Web/connections",
            "apiVersion": "2016-06-01",
            "name": "[parameters('sql_Connection_Name')]",
            "location": "[parameters('logicAppLocation')]",
            "properties": {
                "displayName": "[parameters('sql_Connection_DisplayName')]",
                "customParameterValues": {},
                "api": {
                    "id": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroup().location, '/managedApis/sql')]",
                    "type": "Microsoft.Web/locations/managedApis"
                },
                "parameterValueSet": {
                    "name": "oauth",
                    "values": {}
                }
            }
        }
    ]
}

For further needs, you can use ARMClient to find out the missing parameters. For the SQL API connection:

armclient.exe get "https://management.azure.com/subscriptions/{SubscriptionId}/providers/Microsoft.Web/locations/{LogicAppLocation}/managedApis/sql?api-version=2016-06-01"

You will get a long JSON description, which includes the 'oauth' parameter:

"name": "oauth",
"uiDefinition": {
    "displayName": "Azure AD Integrated",
    "description": "Use Azure Active Directory to access your SQL database."
},
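
An added example, not part of the original question or answer: a pre-deployment check that flags SQL API connections in an ARM template whose `parameterValueSet` was dropped by the export, so the connection does not silently deploy without the Azure AD Integrated setting. The sample template, resource names and the function name `audit_sql_connections` are constructed for illustration; only top-level resources are inspected.

```python
import json
import re

# Constructed sample template: the first connection looks like a portal
# export (no parameterValueSet), the second carries the fix from the answer.
SAMPLE_TEMPLATE = json.loads(r"""
{
  "resources": [
    {"type": "Microsoft.Web/connections", "name": "exportedConnection",
     "properties": {"api": {"id":
       "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/westeurope/managedApis/sql')]"}}},
    {"type": "Microsoft.Web/connections", "name": "sqlConnectionWithOAuth",
     "properties": {"api": {"id":
       "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/westeurope/managedApis/sql')]"},
       "parameterValueSet": {"name": "oauth", "values": {}}}},
    {"type": "Microsoft.Web/connections", "name": "blobConnection",
     "properties": {"api": {"id":
       "[concat('/subscriptions/x/providers/Microsoft.Web/locations/westeurope/managedApis/azureblob')]"}}}
  ]
}
""")

# Matches the SQL managed API but not longer names that merely start with "sql".
SQL_API = re.compile(r"/managedApis/sql(?![\w-])", re.IGNORECASE)

def audit_sql_connections(template, expected="oauth"):
    """Return (name, problem) for each top-level SQL API connection whose
    parameterValueSet is absent or names a set other than `expected`."""
    findings = []
    for res in template.get("resources", []):
        if res.get("type", "").lower() != "microsoft.web/connections":
            continue
        props = res.get("properties", {})
        if not SQL_API.search(props.get("api", {}).get("id", "")):
            continue  # other connector, or api.id built from a parameter
        value_set = props.get("parameterValueSet")
        if not isinstance(value_set, dict) or "name" not in value_set:
            findings.append((res.get("name"), "missing parameterValueSet"))
        elif value_set["name"] != expected:
            findings.append((res.get("name"),
                             f"parameterValueSet is {value_set['name']!r}, expected {expected!r}"))
    return findings

if __name__ == "__main__":
    for name, problem in audit_sql_connections(SAMPLE_TEMPLATE):
        print(f"{name}: {problem}")
```

Connections whose `api.id` is assembled from a template parameter, as in the first exported sample in the question, are skipped because the connector cannot be determined statically.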
