Yes, there are specific Bicep or ARM template configurations that can cause managed identity errors in Logic Apps. Here are some common issues and solutions:
1. Incorrect Connection Configuration: When using managed identities with Logic Apps, the connection resources (e.g., Azure Storage, Office 365 Groups) must be correctly configured. For example, when connecting to an Azure Storage Queue, you need to include a `parameterValueSet` object with the name set to `managedIdentityAuth` and an empty `values` object in your Bicep template[1]. Similarly, for Office 365 Groups, you should use an `authenticatedUser` object and set `parameterValueType` to `'Alternative'` with empty `alternativeParameterValues`[1].
2. Invalid Template Errors: Syntax errors or incorrect parameter values in your ARM or Bicep templates can lead to deployment failures. Ensure that your template syntax is correct and that all parameters are valid. Use tools like Visual Studio Code with the Bicep extension to identify and fix syntax issues[2].
3. Logic App Identity Configuration: When enabling managed identities for Logic Apps, ensure that the `identity` object is correctly defined in your ARM template. For system-assigned identities, set `"type": "SystemAssigned"` within the `identity` object. For user-assigned identities, specify the `userAssignedIdentities` object with the correct resource details[9].
4. Unsupported Properties: Some properties might not be supported in the current version of Bicep or ARM templates. For instance, issues have been reported with Logic Apps managed identities due to missing swagger definitions[4]. Always check for updates or workarounds in such cases.
5. Deployment Sequence and Dependencies: Ensure that your Bicep modules are deployed in the correct sequence, especially when setting up managed identities and assigning roles. Use `DependsOn` to manage dependencies between resources[5].
Citations:
[1] https://www.blimped.nl/common-errors-deploying-azure-bicep-and-arm-templates/
[2] https://learn.microsoft.com/en-us/azure/azure-resource-manager/troubleshooting/error-invalid-template
[3] https://blog.siliconvalve.com/posts/2023/01/03/fix-logic-app-connections-managed-identity-errors-in-bicep-templates
[4] https://github.com/Azure/bicep/issues/949
[5] https://stackoverflow.com/questions/74034501/logic-apps-managed-identity-deployed-with-devops-bicep-template-gets-error-sendi
[6] https://stackoverflow.com/questions/tagged/azure-logic-app-standard?tab=Votes
[7] https://azureaggregator.wordpress.com/2023/03/06/deploying-logic-app-standard-resource-using-bicep-templates-and-devops-pipeline/
[8] https://www.red-gate.com/simple-talk/cloud/azure/how-to-use-managed-identities-in-your-azure-logic-apps/
[9] https://learn.microsoft.com/en-us/azure/logic-apps/authenticate-with-managed-identity