
@joerodgers
Last active July 1, 2021 17:24
Site Directory Logic App Template and Deployment
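# Deploys the Site Directory ARM template (key vault, key vault API connection,
# three vault secrets and the Logic App) into an existing resource group.

# Authenticate to the default outbound proxy as the current Windows user.
[System.Net.WebRequest]::DefaultWebProxy.Credentials = [System.Net.CredentialCache]::DefaultCredentials

# Negotiate TLS 1.2 only. TLS 1.1 is deprecated, so it is no longer offered here.
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12

# Stop before the sign-in prompt if the app registration values are missing;
# otherwise the deployment would write empty secrets or fail part-way through.
if ([string]::IsNullOrWhiteSpace($env:O365_CLIENTID) -or [string]::IsNullOrWhiteSpace($env:O365_CLIENTSECRET)) {
    throw "Set the O365_CLIENTID and O365_CLIENTSECRET environment variables before running this deployment."
}

# Connect-AzAccount is the cmdlet behind the Login-AzAccount alias.
Connect-AzAccount

# Resolve the signed-in account to its directory object ID. The template gives
# this identity an access policy with 'All' key, secret and certificate
# permissions on the new vault, so confirm it is the identity you intend.
$signedInAccount = (Get-AzContext).Account.Id
$deployer = Get-AzADUser -UserPrincipalName $signedInAccount
if (-not $deployer) {
    throw "No Azure AD user was found for '$signedInAccount'; cannot determine the objectId for the key vault access policy."
}

# NOTE(review): clientSecret is handed over as plain text, and the template
# published with this script declares the parameter as type 'string'. ARM keeps
# plain string parameter values in the resource group's deployment history;
# declaring the template parameter as 'securestring' avoids that.
$parameters = @{
    objectId     = $deployer.Id
    clientId     = $env:O365_CLIENTID
    clientSecret = $env:O365_CLIENTSECRET
}

New-AzResourceGroupDeployment -ResourceGroupName "rg-collabeng-prod-sitedirectory" -TemplateFile "C:\_temp\SiteDirectoryAzureSolutionTemplate.json" -TemplateParameterObject $parameters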
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"connections_keyvault_name": {
"defaultValue": "conn_keyvault",
"type": "String",
"metadata": {
"description": "Specifies the name of the key vault connection."
}
},
"vaults_keyvault_name": {
"defaultValue": "kv-vault",
"type": "String",
"metadata": {
"description": "Specifies the name of the key vault."
}
},
"logic_logicapp_name": {
"defaultValue": "logic-recordnewsite",
"type": "string",
"metadata": {
"description": "Specifies the name of the logic app."
}
},
"clientId": {
"type": "string",
"metadata": {
"description": "Specifies the client id value."
}
},
"clientSecret": {
"type": "string",
"metadata": {
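"description": "Specifies the client secret value. This parameter is declared as type string, so the supplied value is kept in plain text in the deployment history; securestring is the ARM parameter type intended for secrets."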
}
},
"objectId": {
"type": "string",
"metadata": {
"description": "Specifies the object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies. Get it by using Get-AzADUser or Get-AzADServicePrincipal cmdlets."
}
}
},
"variables": {
"keyvaultName": "[toLower(parameters('vaults_keyvault_name'))]",
"location": "[resourceGroup().location]"
},
"resources": [
{
"type": "Microsoft.KeyVault/vaults",
"apiVersion": "2021-04-01-preview",
"name": "[variables('keyvaultName')]",
"location": "[variables('location')]",
"properties": {
"sku": {
"family": "A",
"name": "Standard"
},
"tenantId": "[subscription().tenantId]",
"accessPolicies": [
{
"tenantId": "[subscription().tenantId]",
"objectId": "[parameters('objectId')]",
"permissions": {
"keys": [
"All"
],
"secrets": [
"All"
],
"certificates": [
"All"
]
}
}
],
"enabledForDeployment": false,
"enabledForDiskEncryption": false,
"enabledForTemplateDeployment": false,
"enableSoftDelete": true,
"enablePurgeProtection": true
}
},
{
"type": "Microsoft.KeyVault/vaults/accessPolicies",
"name": "[concat(variables('keyvaultName'),'/add')]",
"apiVersion": "2016-10-01",
"dependsOn": [
"[resourceId('Microsoft.Logic/workflows', parameters('logic_logicapp_name'))]",
"[resourceId('Microsoft.KeyVault/vaults', variables('keyvaultName'))]"
],
"properties": {
"accessPolicies": [
{
"tenantId": "[subscription().tenantId]",
"objectId": "[reference(resourceId('Microsoft.Logic/workflows', parameters('logic_logicapp_name')), '2019-05-01', 'Full').identity.principalId]",
"permissions": {
"secrets": [
"get",
"list"
]
}
}
]
}
},
{
"type": "Microsoft.Web/connections",
"apiVersion": "2016-06-01",
"name": "[parameters('connections_keyvault_name')]",
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('keyvaultName'))]"
],
"location": "[variables('location')]",
"kind": "V1",
"properties": {
"displayName": "[variables('keyvaultName')]",
"customParameterValues": {},
"parameterValueType": "Alternative",
"alternativeParameterValues": {
"vaultName": "[variables('keyvaultName')]"
},
"api": {
"id": "[concat('subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Web/locations/', resourceGroup().location, '/managedApis/keyvault')]"
}
}
},
{
"type": "Microsoft.KeyVault/vaults/secrets",
"apiVersion": "2021-04-01-preview",
"name": "[concat(variables('keyvaultName'), '/ClientId')]",
"location": "[variables('location')]",
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('keyvaultName'))]"
],
"properties": {
"value": "[parameters('clientId')]"
}
},
{
"type": "Microsoft.KeyVault/vaults/secrets",
"apiVersion": "2021-04-01-preview",
"name": "[concat(variables('keyvaultName'), '/ClientSecret')]",
"location": "[variables('location')]",
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('keyvaultName'))]"
],
"properties": {
"value": "[parameters('clientSecret')]"
}
},
{
"type": "Microsoft.KeyVault/vaults/secrets",
"apiVersion": "2021-04-01-preview",
"name": "[concat(variables('keyvaultName'), '/TenantId')]",
"location": "[variables('location')]",
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('keyvaultName'))]"
],
"properties": {
"value": "[subscription().tenantId]"
}
},
{
"type": "Microsoft.Logic/workflows",
"apiVersion": "2017-07-01",
"name": "[parameters('logic_logicapp_name')]",
"location": "[resourceGroup().location]",
"identity": {
"type": "SystemAssigned"
},
"dependsOn": [
"[resourceId('Microsoft.Web/connections', parameters('connections_keyvault_name'))]"
],
"properties": {
"state": "Enabled",
"definition": {
"$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"$connections": {
"defaultValue": {},
"type": "Object"
}
},
"triggers": {
"manual": {
"type": "Request",
"kind": "Http",
"inputs": {
"schema": {
"properties": {
"createdTimeUTC": {
"type": "string"
},
"creatorEmail": {
"type": "string"
},
"creatorName": {
"type": "string"
},
"parameters": {
"properties": {
"event": {
"type": "string"
},
"product": {
"type": "string"
}
},
"type": "object"
},
"webDescription": {
"type": "string"
},
"webUrl": {
"type": "string"
}
},
"type": "object"
}
}
}
},
"actions": {
"Initialize_Audience": {
"runAfter": {
"Initialize_OwnerLogin": [
"Succeeded"
]
},
"type": "InitializeVariable",
"inputs": {
"variables": [
{
"name": "Audience",
"type": "string",
"value": "@{concat( 'https://', uriHost(triggerBody()?['webUrl']))}"
}
]
}
},
"Initialize_Connection_Credentials": {
"actions": {
"certificate": {
"runAfter": {
"Tenant": [
"Succeeded"
]
},
"type": "ApiConnection",
"inputs": {
"host": {
"connection": {
"name": "@parameters('$connections')['keyvault']['connectionId']"
}
},
"method": "get",
"path": "/secrets/@{encodeURIComponent('ClientCertificate')}/value"
}
},
"Client_Id": {
"runAfter": {},
"type": "ApiConnection",
"inputs": {
"host": {
"connection": {
"name": "@parameters('$connections')['keyvault']['connectionId']"
}
},
"method": "get",
"path": "/secrets/@{encodeURIComponent('ClientId')}/value"
}
},
"Client_Secret": {
"runAfter": {
"certificate": [
"Succeeded"
]
},
"type": "ApiConnection",
"inputs": {
"host": {
"connection": {
"name": "@parameters('$connections')['keyvault']['connectionId']"
}
},
"method": "get",
"path": "/secrets/@{encodeURIComponent('ClientSecret')}/value"
}
},
"Tenant": {
"runAfter": {
"Client_Id": [
"Succeeded"
]
},
"type": "ApiConnection",
"inputs": {
"host": {
"connection": {
"name": "@parameters('$connections')['keyvault']['connectionId']"
}
},
"method": "get",
"path": "/secrets/@{encodeURIComponent('TenantId')}/value"
}
}
},
"runAfter": {},
"type": "Scope"
},
"Initialize_OwnerLogin": {
"runAfter": {
"Initialize_SiteDirectoryListTitle": [
"Succeeded"
]
},
"type": "InitializeVariable",
"inputs": {
"variables": [
{
"name": "OwnerLogin",
"type": "string"
}
]
}
},
"Initialize_SiteDirectoryListTitle": {
"runAfter": {
"Initialize_SiteDirectorySiteUrl": [
"Succeeded"
]
},
"type": "InitializeVariable",
"inputs": {
"variables": [
{
"name": "SiteDirectoryListTitle",
"type": "string",
"value": "Site Directory"
}
]
}
},
"Initialize_SiteDirectorySiteUrl": {
"runAfter": {
"Initialize_Connection_Credentials": [
"Succeeded"
]
},
"type": "InitializeVariable",
"inputs": {
"variables": [
{
"name": "SiteDirectorySiteUrl",
"type": "string",
"value": "https://tenant.sharepoint.com/sites/sitedirectory"
}
]
}
},
"Query_SharePoint_Site_Metadata_": {
"actions": {
"Get_Site_Properties": {
"runAfter": {
"Get_Web_Properties": [
"Succeeded"
]
},
"type": "Http",
"inputs": {
"authentication": {
"audience": "@variables('Audience')",
"clientId": "@body('Client_Id')?['value']",
"password": "",
"pfx": "@body('certificate')?['value']",
"tenant": "@body('Tenant')?['value']",
"type": "ActiveDirectoryOAuth"
},
"headers": {
"accept": "application/json"
},
"method": "GET",
"uri": "@{triggerBody()?['webUrl']}/_api/site"
}
},
"Get_Web_Properties": {
"runAfter": {},
"type": "Http",
"inputs": {
"authentication": {
"audience": "@variables('Audience')",
"clientId": "@body('Client_Id')?['value']",
"password": "",
"pfx": "@body('certificate')?['value']",
"tenant": "@body('Tenant')?['value']",
"type": "ActiveDirectoryOAuth"
},
"headers": {
"accept": "application/json"
},
"method": "GET",
"uri": "@{triggerBody()?['webUrl']}/_api/web"
}
},
"Parse_Site_Properties_-_GroupId": {
"runAfter": {
"Parse_Web_Properties_-_WebTemplate": [
"Succeeded"
]
},
"type": "ParseJson",
"inputs": {
"content": "@body('Get_Site_Properties')",
"schema": {
"properties": {
"GroupId": {
"type": "string"
}
},
"type": "object"
}
}
},
"Parse_Web_Properties_-_WebTemplate": {
"runAfter": {
"Get_Site_Properties": [
"Succeeded"
]
},
"type": "ParseJson",
"inputs": {
"content": "@body('Get_Web_Properties')",
"schema": {
"properties": {
"WebTemplate": {
"type": "string"
}
},
"type": "object"
}
}
}
},
"runAfter": {
"Initialize_Audience": [
"Succeeded"
]
},
"type": "Scope"
},
"Save_Entry_to_SharePoint_Site_Directory_List": {
"actions": {
"EnsureUser_Owner_Exists_in_Site_Directory_Site": {
"runAfter": {
"Parse_FormDigestValue": [
"Succeeded"
]
},
"type": "Http",
"inputs": {
"authentication": {
"audience": "@variables('Audience')",
"clientId": "@body('Client_Id')?['value']",
"password": "",
"pfx": "@body('certificate')?['value']",
"tenant": "@body('Tenant')?['value']",
"type": "ActiveDirectoryOAuth"
},
"headers": {
"X-RequestDigest": "@body('Parse_FormDigestValue')?['d']?['GetContextWebInformation']?['FormDigestValue']",
"accept": "application/json",
"content-type": "application/json;odata=verbose"
},
"method": "POST",
"uri": "@{variables('SiteDirectorySiteUrl')}/_api/Web/EnsureUser('@{variables('OwnerLogin')}')"
}
},
"Get_FormDigestValue": {
"runAfter": {
"Parse_Site_Directory_List's_ListItemEntityTypeFullName_Value": [
"Succeeded"
]
},
"type": "Http",
"inputs": {
"authentication": {
"audience": "@variables('Audience')",
"clientId": "@body('Client_Id')?['value']",
"password": "",
"pfx": "@body('certificate')?['value']",
"tenant": "@body('Tenant')?['value']",
"type": "ActiveDirectoryOAuth"
},
"headers": {
"Content-Type": "application/json;odata=verbose",
"accept": "application/json;odata=verbose"
},
"method": "POST",
"uri": "@{triggerBody()?['webUrl']}/_api/contextinfo"
}
},
"Get_Site_Directory_List's_ListItemEntityTypeFullName_Value": {
"runAfter": {},
"type": "Http",
"inputs": {
"authentication": {
"audience": "@variables('Audience')",
"clientId": "@body('Client_Id')?['value']",
"password": "",
"pfx": "@body('certificate')?['value']",
"tenant": "@body('Tenant')?['value']",
"type": "ActiveDirectoryOAuth"
},
"headers": {
"accept": "application/json"
},
"method": "GET",
"uri": "@{variables('SiteDirectorySiteUrl')}/_api/web/lists/GetByTitle('@{variables('SiteDirectoryListTitle')}')/?$select=ListItemEntityTypeFullName"
}
},
"Parse_FormDigestValue": {
"runAfter": {
"Get_FormDigestValue": [
"Succeeded"
]
},
"type": "ParseJson",
"inputs": {
"content": "@body('Get_FormDigestValue')",
"schema": {
"properties": {
"d": {
"properties": {
"GetContextWebInformation": {
"properties": {
"FormDigestTimeoutSeconds": {
"type": "integer"
},
"FormDigestValue": {
"type": "string"
},
"LibraryVersion": {
"type": "string"
},
"SiteFullUrl": {
"type": "string"
},
"SupportedSchemaVersions": {
"properties": {
"__metadata": {
"properties": {
"type": {
"type": "string"
}
},
"type": "object"
},
"results": {
"items": {
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"WebFullUrl": {
"type": "string"
},
"__metadata": {
"properties": {
"type": {
"type": "string"
}
},
"type": "object"
}
},
"type": "object"
}
},
"type": "object"
}
},
"type": "object"
}
}
},
"Parse_Owner_Id": {
"runAfter": {
"EnsureUser_Owner_Exists_in_Site_Directory_Site": [
"Succeeded"
]
},
"type": "ParseJson",
"inputs": {
"content": "@body('EnsureUser_Owner_Exists_in_Site_Directory_Site')",
"schema": {
"properties": {
"Id": {
"type": "integer"
}
},
"type": "object"
}
}
},
"Parse_Site_Directory_List's_ListItemEntityTypeFullName_Value": {
"runAfter": {
"Get_Site_Directory_List's_ListItemEntityTypeFullName_Value": [
"Succeeded"
]
},
"type": "ParseJson",
"inputs": {
"content": "@body('Get_Site_Directory_List''s_ListItemEntityTypeFullName_Value')",
"schema": {
"properties": {
"ListItemEntityTypeFullName": {
"type": "string"
},
"odata.editLink": {
"type": "string"
},
"odata.etag": {
"type": "string"
},
"odata.id": {
"type": "string"
},
"odata.metadata": {
"type": "string"
},
"odata.type": {
"type": "string"
}
},
"type": "object"
}
}
},
"Save_Entry_to_Site_Directory_List": {
"runAfter": {
"Parse_Owner_Id": [
"Succeeded"
]
},
"type": "Http",
"inputs": {
"authentication": {
"audience": "@variables('Audience')",
"clientId": "@body('Client_Id')?['value']",
"password": "",
"pfx": "@body('certificate')?['value']",
"tenant": "@body('Tenant')?['value']",
"type": "ActiveDirectoryOAuth"
},
"body": {
"GroupId": "@{body('Parse_Site_Properties_-_GroupId')?['GroupId']}",
"OwnerId": {
"results": [
"@{body('Parse_Owner_Id')?['Id']}"
]
},
"SiteUrl": {
"Description": "@{triggerBody()?['webUrl']}",
"Url": "@{triggerBody()?['webUrl']}",
"__metadata": {
"type": "SP.FieldUrlValue"
}
},
"WebTemplate": "@{body('Parse_Web_Properties_-_WebTemplate')?['WebTemplate']}",
"__metadata": {
"type": "@{body('Parse_Site_Directory_List''s_ListItemEntityTypeFullName_Value')?['ListItemEntityTypeFullName']}"
}
},
"headers": {
"Content-Type": "application/json;odata=verbose",
"X-RequestDigest": "@body('Parse_FormDigestValue')?['d']?['GetContextWebInformation']?['FormDigestValue']",
"accept": "application/json;odata=verbose"
},
"method": "POST",
"uri": "@{variables('SiteDirectorySiteUrl')}/_api/web/lists/GetByTitle('@{variables('SiteDirectoryListTitle')}')/items"
}
}
},
"runAfter": {
"Switch": [
"Succeeded"
]
},
"type": "Scope"
},
"Switch": {
"runAfter": {
"Query_SharePoint_Site_Metadata_": [
"Succeeded"
]
},
"cases": {
"Case": {
"case": "00000000-0000-0000-0000-000000000000",
"actions": {
"Get_Site_Owner": {
"runAfter": {},
"type": "Http",
"inputs": {
"authentication": {
"audience": "@variables('Audience')",
"clientId": "@body('Client_Id')?['value']",
"password": "",
"pfx": "@body('certificate')?['value']",
"tenant": "@body('Tenant')?['value']",
"type": "ActiveDirectoryOAuth"
},
"headers": {
"accept": "application/json;odata=verbose"
},
"method": "GET",
"uri": "@{triggerBody()?['webUrl']}/_api/site/owner"
}
},
"Parse_Site_Owner_LoginName": {
"runAfter": {
"Get_Site_Owner": [
"Succeeded"
]
},
"type": "ParseJson",
"inputs": {
"content": "@body('Get_Site_Owner')",
"schema": {
"properties": {
"d": {
"properties": {
"LoginName": {
"type": "string"
}
},
"type": "object"
}
},
"type": "object"
}
}
},
"Set_OwnerLogin_From_SharePoint": {
"runAfter": {
"Parse_Site_Owner_LoginName": [
"Succeeded"
]
},
"type": "SetVariable",
"inputs": {
"name": "OwnerLogin",
"value": "@{encodeUriComponent(body('Parse_Site_Owner_LoginName')?['d']?['LoginName'])}"
}
}
}
}
},
"default": {
"actions": {
"Get_1st_AAD_Group_Owner": {
"runAfter": {},
"type": "Http",
"inputs": {
"authentication": {
"audience": "https://graph.microsoft.com",
"clientId": "@body('Client_Id')?['value']",
"secret": "@body('Client_Secret')?['value']",
"tenant": "@body('Tenant')?['value']",
"type": "ActiveDirectoryOAuth"
},
"headers": {
"accept": "application/json"
},
"method": "GET",
"uri": "https://graph.microsoft.com/v1.0/groups/@{body('Parse_Site_Properties_-_GroupId')?['GroupId']}/owners?$top=1"
}
},
"Parse_1st_AAD_Group_Owner_-_userPrincipalName": {
"runAfter": {
"Get_1st_AAD_Group_Owner": [
"Succeeded"
]
},
"type": "ParseJson",
"inputs": {
"content": "@body('Get_1st_AAD_Group_Owner')",
"schema": {
"properties": {
"value": {
"items": {
"properties": {
"id": {
"type": "string"
},
"userPrincipalName": {
"type": "string"
}
},
"required": [],
"type": "object"
},
"type": "array"
}
},
"type": "object"
}
}
},
"Set_OwnerLogin_From_AAD": {
"runAfter": {
"Parse_1st_AAD_Group_Owner_-_userPrincipalName": [
"Succeeded"
]
},
"type": "SetVariable",
"inputs": {
"name": "OwnerLogin",
"value": "@{encodeUriComponent(concat('i:0#.f|membership|',first(body('Parse_1st_AAD_Group_Owner_-_userPrincipalName')?['value'])['userPrincipalName']))}"
}
}
}
},
"expression": "@body('Parse_Site_Properties_-_GroupId')?['GroupId']",
"type": "Switch"
}
},
"outputs": {}
},
"parameters": {
"$connections": {
"value": {
"keyvault": {
"connectionId": "[resourceId('Microsoft.Web/connections', parameters('connections_keyvault_name'))]",
"connectionName": "parameters('connections_keyvault_name')",
"connectionProperties": {
"authentication": {
"type": "ManagedServiceIdentity"
}
},
"id": "[reference(concat('Microsoft.Web/connections/', parameters('connections_keyvault_name')), '2016-06-01').api.id]"
}
}
}
}
}
}
]
}