Retrieve Azure Key Vault secrets from Logic Apps using Managed Identity

Posted on September 30, 2019 by Eldert Grootenboer

When working with Azure, we should always put our secrets into a secure store, such as Key Vault. This ensures that we can limit who can see the values of our secrets, while still being able to work with them. How we work with these secrets is different over the various services, and in this article we will focus on Logic Apps, while other services will be explained in their own posts later on.

In Logic Apps we often will need some sort of secret, for example a subscription key for API Management, or a SAS key for Event Grid. In the scenario for this blog post we are going to send our secret to a RequestBin endpoint, so we can see that we indeed get the correct value.

Continue reading →

Reference Key Vault secret latest version

Posted on September 26, 2019 by Eldert Grootenboer

We use Key Vault extensively in our solutions, to store any secrets we might need. For example in an API through code, in Azure Functions via the application settings, or in a Logic App through a REST call. If you go to your secrets in Key Vault, you will notice that the link to the secret includes a version number, in the format of https://kv-we-retrieve-kv-secret.vault.azure.net/secrets/MySecretValue/80df3e46ffcd4f1cb187f79905e9a1e8.

Of course, this is great if we want to reference a specific version of a secret. However, often we will just want to reference the latest version, so we stay up to date even when the secret has been changed, for example because it is a rotating password.

It turns out, this is very easy, without the need to update the version number in all our applications whenever a new version is created. This is done by just omitting the version number from our link! So the will instead look like https://kv-we-retrieve-kv-secret.vault.azure.net/secrets/MySecretValue/.

Important to notice is the trailing slash ( / ), which needs to be included, otherwise you will just get a 404 error.

Setting filename using message contents

Posted on October 8, 2014 by Eldert Grootenboer

Often you will have to get some content from your messages, and use this to set the filename of your outgoing files, in our case we needed to use a sequencenumber. I will show a way to do this using a pipeline component in a streaming matter.
Continue reading →

Introduction

Posted on March 5, 2012 by Eldert Grootenboer

Welcome to my blog. First, let me introduce myself. My name is Eldert Grootenboer, I live in the Netherlands, and I work as a BizTalk developer at a large IT consultancy company.
I have set this blog up to have a single point of reference for solutions for the problems I find in my daily work, and hopefully others will find these posts helpful as well. These solutions can be either things I come up with myself, things I learn from my collegues or things I have found on the internet (and often a combination of these).
If you have any questions, don’t hesitate to contact me.

Wonderful world of Microsoft integration

A blog about everything Microsoft integration

Category Archives: Uncategorized

Retrieve Azure Key Vault secrets from Logic Apps using Managed Identity

Reference Key Vault secret latest version

Setting filename using message contents

Introduction