Skip to content

Latest commit

 

History

History
187 lines (131 loc) · 8.62 KB

README.md

File metadata and controls

187 lines (131 loc) · 8.62 KB

Overview

This repository expands on Export APIs from Azure API Management to the Power Platform article, discussing the following use content:

  1. Why is this important

  2. Export of API between different Azure Active Directory Tenants

  3. Sample Provides sample scripts that can automate the end to end process of automating the deployment of an API from Azure to the Power Platform.

  4. ALM automation of export process

  5. Notes

Why Is This Important

Azure API Management API Export feature makes it easy to take advantage of pro code APIs that you have written in Azure or want to create and expose them to citizen developers so they can leverage them inside their low code Power Platform solutions.

The published docs API export document works well when the user manually wants to export the the Azure API Management API to a power platform as a custom connector. This guide looks at automating this process and covering scenarios like when you need to publish to APIs between multiple Azure Active Directory tenants.

Export API Between Different Azure Active Directory Tenants

The article assumes that the Azure subscription and the power platform environment are in the same Azure Active directory tenant. The are various cases where this may not be the case for example:

If scenarios like this apply to you then when you look to publish your API to your Power Apps environment then you will receive an empty list. to work around this gap you can use the Sample section below

Sample

Setup and Deploy Release Scripts

To run this sample download the latest release from GitHub. Upload the apim-export-release.zip to https://shell.azure.com or Azure Cloud Shell in https://portal.azure.com.

Once uploaded perform thew following steps

  1. unzip the release.zip
unzip apim-export-release.zip
  1. Change config.json to include your settings replacing TODO values with your settings
{
    "APIMPublisherEmail": "TODO",
    "APIMPublisherName": "TODO2",
    "powerPlatformEnvironment": "https://TODO3.crm.dynamics.com",
    "powerPlatformTenantId": "TODO4",
    "powerPlatformClientId": "TODO5",
    "powerPlatformClientSecret": "%PP_CLIENT_SECRET%", 
    "tags": [
        "\"Workload name\"=\"Development APIM\"",
        "\"Data Classification\"=\"Non-business\"",
        "\"Business criticality\"=\"Low\"",
        "\"Business Unit\"=\"Unknown\"",
        "\"Operations commitment\"=\"Baseline Only\"",
        "\"Operations Team\"=\"None\"",
        "\"Expected Usage\"=\"Unknown time\""
    ]
}
  1. The following example builds on the previous example by loading values from Azure Key Vault
{
    "APIMPublisherEmail": "TODO",
    "APIMPublisherName": "TODO2",
    "powerPlatformEnvironment": "https://TODO3.crm.dynamics.com",
    "powerPlatformTenantId": "TODO4",
    "powerPlatformClientId": "TODO5",
    "loadFromKeyVault": true,
    "powerPlatformClientSecretKey": "KV_PP-CLIENT-SECRET%", 
    "tags": [
        "\"Workload name\"=\"Development APIM\"",
        "\"Data Classification\"=\"Non-business\"",
        "\"Business criticality\"=\"Low\"",
        "\"Business Unit\"=\"Unknown\"",
        "\"Operations commitment\"=\"Baseline Only\"",
        "\"Operations Team\"=\"None\"",
        "\"Expected Usage\"=\"Unknown time\""
    ]
}

Provisioning Azure Resources

In https://shell.azure.com or Azure Cloud Shell of https://portal.azure.com choosing powershell script environment

  1. ./resources.ps1

Configure Azure API

TODO: To be updated include Azure Function example into APIM

Deploy your API to power platform

Azure AD Service Principal

Ensure that you have created an Azure Active directory with the following

  1. API Permissions for Dynamics CRM.
  2. Admin granted permissions for Dynamics CRM
  3. A secret allocated to the application

Ensure to that application user has been granted rights (System Customizer) in the power platform environment

Create Connector

In https://shell.azure.com or Azure Cloud Shell of https://portal.azure.com choosing powershell script environment

  1. ./export-apim.ps1

ALM Automation

You can use the sample scripts above to include them in your build process

Notes

Dependencies

To run this sample you will need access to or the following components installed

  1. System administrator rights in Power Platform Environment
  2. Access to https://shell.azure.com or Azure Portal https://portal.azure.com
  3. Local install of PowerShell (verion 5.0 or greater) and Azure CLI

O356 License Context

As at April 2021 as covered in Licensing overview for Microsoft Power Platform Power Apps include limited use rights included with Office 365 licenses to Export Azure API Management APIs to the Power platform.

This feature enable Customers to publish their Azure backend service as APIs and export these APIs to the Power Platform as custom connectors via Azure API Management. Customers with eligible Office 365 licenses that include Dataverse for Teams can use these connectors for custom applications, flows, and chatbots running in Teams and to connect Azure backend services. Source. Appendix B in this guide includes specific O365 licenses that are eligible for this for this feature.

Fusion Development Teams

You can use this feature as a first step to help integrate the concept of building fusion development teams including business, development and IT teams to build a solution. Using this base you can then expand into other premium connectors to accelerate and nurture fusion team development to build and deliver solutions in our organization.

PowerShell Automation

This sample makes use of Classes to encapsulate related functionality. This approach allows functionality to be managed and combined to automate the process.

Each class can be created using a exported PowerShell Module functions to allow easy creation of classes via Import Module. For example to create an Azure Key Vault using the default configuration

Import-Module './scripts/config.psm1' -Force
Import-Module './scripts/components/keyvault.psm1' -Force
$config = New-Config
$kv = New-KeyVaultManagement -config $config
$kv.CreateIfNotExists()

Configuration Management

The config.psm can be updated using following approaches:

  1. Json configuration file e.g.
Import-Module './scripts/config.psm1' -Force
$config = New-Config -file 'scripts/config.json'
  1. String json parameter e.g.
Import-Module './scripts/config.psm1' -Force
$config = New-Config -json '{"resourceGroup":"Delete Me"}'
  1. Using Environment variables
Import-Module './scripts/config.psm1' -Force
$env:AZ_RESOURCE_GROUP="Delete Me"
$config = New-Config -json '{"resourceGroup":"%AZ_RESOURCE_GROUP%"}'
$config.resourceGroup