Hi @Ken Bonny
I'm glad that you were able to resolve your issue. Thank you for posting your solution so that others experiencing a similar issue can easily reference this.
Since the Microsoft Q&A community has a policy that the question author cannot accept their own answer, they can only accept answers by others, I'll repost your solution in case you'd like to Accept the answer.
To summarize your issue, you are attempting to use a bicep template that can be used to scale your Container App to 0. Your primary ask was how to properly configure the authentication piece of the template.
The template you're using is custom. The resolve was an architect who authored the template was able to extend the template to reference the key vault secret references.
I realize you are leveraging a custom template but for others, if you're leveraging Microsoft.ContainerApp/containerApps
resource type with minReplicas property set to 0, an example bicep could look like the following:
param containerAppName string
param containerImageLocation string
param environmentName string
param resourceGroupName string
param location string
param secrets object
param scaleRuleAuth object
resource containerApp 'Microsoft.ContainerApp/containerApps@2021-06-01-preview' = {
name: containerAppName
location: location
properties: {
containers: [
{
name: containerAppName
properties: {
imageRegistryCredentials: []
image: containerImageLocation
command: []
environmentVariables: []
ports: []
resources: {
requests: {
cpu: '0.1'
memoryInGB: 0.5
}
limits: {
cpu: '0.5'
memoryInGB: 1
}
}
volumeMounts: []
}
}
]
osType: 'Linux'
environment: environmentName
minReplicas: 0
maxReplicas: 5
scaleRules: [
{
name: 'azure-http-rule'
type: 'http'
http: {
concurrency: 100
}
}
]
secrets: secrets
authentication: scaleRuleAuth
}
}
output containerAppUrl string = containerApp.properties.url
where examples of secrets
and scaleRuleAuth
could look like
param secrets object = {
mySecret1: {
value: 'mySecretValue1'
}
mySecret2: {
value: 'mySecretValue2'
}
}
param scaleRuleAuth object = {
myAuth1: {
type: 'AzureServiceBus'
connectionString: 'myConnectionString1'
secretTargetRef: 'mySecret1'
}
myAuth2: {
type: 'AzureServiceBus'
connectionString: 'myConnectionString2'
secretTargetRef: 'mySecret2'
}
}
The secrets
object will reference the properties of the scaleRuleAuth
object via the secretTargetRef
property which retrieves the connection string of the Service Bus resource.