KeyVault Unknown Access Policy
If you are adding an Access Policy to Key Vault for an AAD application/service principal, make sure to use the ObjectId of the service principal, which is a different ObjectId than that of the application.
Category: Microsoft Azure
ARM resourceId Function
In its basic form, we need to provide just two pieces of information to the resourceId function: Resource type and resource name. We must add add subscription id and resource group name in situations where the resource is in a different resource group.
Using Deployment and Runtime values in Logic Apps
When using Workflow Definition Language functions in Logic Apps, you might need a combination of deployment and runtime values. This raises the questions whether to use square brackets or ampersand.
ARM Nested Templates
Nested templates are needed when you create related resources via two separate pipelines, ie a servicebus topic and a servicebus topic subscription. The dependency relation between the resources in the different pipelines is achieved via nested templates.
ARM DependsOn
ARM template syntax related to dependency relations: use function resourceId with separate parameters for servicebus, topic and subscription name, not one parameter with a nested reference.
Approvals in a YAML pipeline
Pre-deployment approvals can’t be configured in your YAML pipeline directly, but must be added via DevOps menu Pipelines/Environments.
Secret Environment Variables in a YAML pipeline
Environment variables and pre-deployment approvals can’t be created in a YAML pipeline, but obviously they still can be used in Azure DevOps using variable groups and via Pipelines/Enviroments.
Using a Storage Account for CICD
We don’t need a CICD storage account for deployment when you perform a single file deployment, so without using an orchestrator. Also, copying to a CICD storage account is not necessary in the build pipeline (ci-tasks.yml).
Expose Azure Function via API Management
When exposing an Azure Function via API Management, the most important thing to remember is that each function has a function key that can be dynamically retrieved via function listsecrets. To make the function deployment work, you will have to add an application Setting AzureWebJobsSecretStorageType=Files to your FunctionApp.
Run Unit Tests via Azure DevOps
Two important unit tests you might want to perform in your Azure project are related to maps and reusable functions. Either use the Microsoft Test Framework or XUnit for .Net Core.