Close

SAS key for EventGrid topic

If you want to create an API Connection for an EventGrid topic, you can retrieve the access key from the Azure Portal and store/retrieve that key via Azure Key Vault. But what if security restrictions hide the access key in the Azure Portal? What if you want to deploy your EventGrid topic via ARM templates in dev.azure.com?

Below you will find an ARM template excerpt that first creates an EventGrid topic and then creates an API Connection for that EventGrid topic by retrieving the access key:

Eventgrid Topic

{
“$schema”: “https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#”,
“contentVersion”: “1.0.0.0”,
“parameters”: {
“TopicNaam”: {
“type”: “String”
}
},
“variables”: {},
“resources”: [
{
“type”: “Microsoft.EventGrid/topics”,
“apiVersion”: “2019-06-01”,
“name”: “[parameters(‘TopicNaam’)]”,
“location”: “westeurope”
}
]}

Eventgrid Topic Connection voor Publish

{
“$schema”: “https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#”,
“contentVersion”: “1.0.0.0”,
“parameters”: {
“Naam” : {
“type”: “string”
},
“ResourceGroup”: {
“type”: “string”,
“metadata”: {
“description”: “Resourcegroup van de Event Grid”
}
},
“Topic”: {
“type”: “string”,
“metadata”: {
“description”: “Naam van de Topic”
}
}
},
“variables”: {},
“resources”: [
{
“type”: “Microsoft.Web/connections”,
“apiVersion”: “2016-06-01”,
“location”: “westeurope”,
“name”: “[parameters(‘Naam’)]”,
“properties”: {
“api”: {
“id”: “[concat(‘/subscriptions/’, subscription().subscriptionId, ‘/providers/Microsoft.Web/locations/westeurope/managedApis/azureeventgridpublish’)]”
},
“displayName”: “[parameters(‘Naam’)]”,
“parameterValues”: {
“endpoint”: “[reference(resourceId(parameters(‘ResourceGroup’), ‘Microsoft.EventGrid/topics’, parameters(‘Topic’)), ‘2018-01-01’).endpoint]”,
“api_key”: “[listKeys(resourceId(parameters(‘ResourceGroup’), ‘Microsoft.EventGrid/topics’,parameters(‘Topic’)),’2018-01-01′).key1]”
}
}
}
]}