|
1 | 1 | --- |
2 | | -title: Create example Standard logic app workflow in Azure portal |
| 2 | +title: Create example Standard workflow in Azure portal |
3 | 3 | description: Create your first example Standard logic app workflow that runs in single-tenant Azure Logic Apps using the Azure portal. |
| 4 | +services: azure-logic-apps |
4 | 5 | ms.service: azure-logic-apps |
5 | 6 | ms.suite: integration |
6 | 7 | ms.reviewer: estfan, azla |
7 | 8 | ms.collection: ce-skilling-ai-copilot |
8 | 9 | ms.topic: how-to |
9 | | -ms.date: 09/23/2024 |
| 10 | +ms.date: 09/27/2024 |
10 | 11 | # Customer intent: As a developer, I want to create my first example Standard logic app workflow that runs in single-tenant Azure Logic Apps using the Azure portal. |
11 | 12 | --- |
12 | 13 |
|
@@ -368,7 +369,7 @@ In this example, the workflow runs when the **Request** trigger receives an inbo |
368 | 369 |
|
369 | 370 | > [!TIP] |
370 | 371 | > |
371 | | - > You can also find the endpoint URL on your logic app's **Overview** pane in the **Workflow URL** property. |
| 372 | + > You can also find the endpoint URL on your logic app **Overview** page in the **Workflow URL** property. |
372 | 373 | > |
373 | 374 | > 1. On the resource menu, select **Overview**. |
374 | 375 | > 1. On the **Overview** pane, find the **Workflow URL** property. |
@@ -409,6 +410,79 @@ For a stateful workflow, you can review the trigger history for each run, includ |
409 | 410 |
|
410 | 411 | For an existing stateful workflow run, you can rerun the entire workflow with the same inputs that were previously used for that run. For more information, see [Rerun a workflow with same inputs](monitor-logic-apps.md?tabs=standard#resubmit-workflow-run). |
411 | 412 |
|
| 413 | +<a name="set-up-managed-identity-storage"></a> |
| 414 | + |
| 415 | +## Set up managed identity access to your storage account |
| 416 | + |
| 417 | +By default, your Standard logic app authenticates access to your Azure Storage account by using a connection string. However, you can set up a user-assigned managed identity to authenticate access instead. |
| 418 | + |
| 419 | +1. In the [Azure portal](https://portal.azure.com), [follow these steps to create a user-assigned managed identity](/entra/identity/managed-identities-azure-resources/how-manage-user-assigned-managed-identities?pivots=identity-mi-methods-azp#create-a-user-assigned-managed-identity). |
| 420 | + |
| 421 | +1. From your user-assigned identity, get the resource ID: |
| 422 | + |
| 423 | + 1. On the user-assigned managed identity menu, under **Settings**, select **Properties**. |
| 424 | + |
| 425 | + 1. From the **Id** property, copy and save the resource ID. |
| 426 | + |
| 427 | +1. From your storage account, get the URIs for the Blob, Queue, and Table services: |
| 428 | + |
| 429 | + 1. On the storage account menu, under **Settings**, select **Endpoints**. |
| 430 | + |
| 431 | + 1. Copy and save the URIs for **Blob service**, **Queue service**, and **Table service**. |
| 432 | + |
| 433 | +1. On your storage account, add the necessary role assignments for your user-assigned identity: |
| 434 | + |
| 435 | + 1. On the storage account menu, select **Access control (IAM)**. |
| 436 | + |
| 437 | + 1. On the **Access control (IAM)** page toolbar, from the **Add** menu, select **Add role assignment**. |
| 438 | + |
| 439 | + 1. On the **Job function roles** tab, add each of the following roles to the user-assigned identity: |
| 440 | + |
| 441 | + - **Storage Account Contributor** |
| 442 | + - **Storage Blob Data Owner** |
| 443 | + - **Storage Queue Data Contributor** |
| 444 | + - **Storage Table Data Contributor** |
| 445 | + |
| 446 | + For more information, see [Assign Azure roles using the Azure portal](../role-based-access-control/role-assignments-portal.yml) and [Understand role assignments](../role-based-access-control/role-assignments.md). |
| 447 | + |
| 448 | +1. [Follow these steps to add the user-assigned managed identity to your Standard logic app resource](authenticate-with-managed-identity.md?tabs=standard#add-user-assigned-identity-to-logic-app-in-the-azure-portal). |
| 449 | + |
| 450 | +1. On your Standard logic app, enable runtime scale monitoring: |
| 451 | + |
| 452 | + 1. On the logic app menu, under **Settings**, select **Configuration**. |
| 453 | + |
| 454 | + 1. On the **Workflow runtime settings** tab, for **Runtime Scale Monitoring**, select **On**. |
| 455 | + |
| 456 | + 1. On the **Configuration** toolbar, select **Save**. |
| 457 | + |
| 458 | +1. On your Standard logic app, set up the resource ID and service URIs: |
| 459 | + |
| 460 | + 1. On the logic app menu, select **Overview**. |
| 461 | + |
| 462 | + 1. On the **Overview** page toolbar, select **Stop**. |
| 463 | + |
| 464 | + 1. On the logic app menu, under **Settings**, select **Environment variables**. |
| 465 | + |
| 466 | + 1. On the **App settings** tab, select **Add** to add the following app settings and values: |
| 467 | + |
| 468 | + | App setting | Value | |
| 469 | + |-------------|-------| |
| 470 | + | **AzureWebJobsStorage__managedIdentityResourceId** | The resource ID for your user-assigned managed identity | |
| 471 | + | **AzureWebJobsStorage__blobServiceUri** | The Blob service URI for your storage account | |
| 472 | + | **AzureWebJobsStorage__queueServiceUri** | The Queue service URI for your storage account | |
| 473 | + | **AzureWebJobsStorage__tableServiceUri** | The Table service URI for your storage account | |
| 474 | + | **AzureWebJobsStorage__credential** | **managedIdentity** | |
| 475 | + |
| 476 | + 1. On the **App settings** tab, delete the app setting named **AzureWebJobsStorage**, which is set to the connection string associated with your storage account. |
| 477 | + |
| 478 | + 1. When you finish, select **Apply**, which saves your changes and restarts your logic app. |
| 479 | + |
| 480 | + Your changes might take several moments to take effect. If necessary, on your logic app menu, select **Overview**, and on the toolbar, select **Refresh**. |
| 481 | + |
| 482 | + The following message might appear, but it isn't an error and doesn't affect your logic app: |
| 483 | + |
| 484 | + **"AzureWebjobsStorage" app setting is not present.** |
| 485 | + |
412 | 486 | <a name="enable-run-history-stateless"></a> |
413 | 487 |
|
414 | 488 | ## Enable run history for stateless workflows |
@@ -526,7 +600,7 @@ To fix this problem, follow these steps to delete the outdated version so that t |
526 | 600 | > If you get an error such as **"permission denied"** or **"file in use"**, refresh the |
527 | 601 | > page in your browser, and try the previous steps again until the folder is deleted. |
528 | 602 |
|
529 | | -1. In the Azure portal, return to your logic app's **Overview** page, and select **Restart**. |
| 603 | +1. In the Azure portal, return to your logic app and its **Overview** page, and select **Restart**. |
530 | 604 |
|
531 | 605 | The portal automatically gets and uses the latest bundle. |
532 | 606 |
|
|
0 commit comments