Standard LogicApp is powered by new Azure single-tenant LogicApp runtime. Single-tenant Logic App offering runs as an extension on top of Azure Function runtime. Like Azure Functions, the standard Lo...
Updated Mar 11, 2025
Version 4.0
Blog Post
6 MIN READ
Deploying Standard Logic App to Storage Account behind Firewall using Service or Private Endpoints
Hey David,
thanks for your feedback, it's very much appreciated!!
Maybe you could help me with a problem that I have with your stated setup, if you have a minute to answer.
I've also added the File Share to Terraform but for some reason the service principal (with Contributor role) can't read/create a File Share as long as Network Restriction is still enabled on the Storage Account. The Logic App outbound subnet is whitelisted and for testing also the subnet of the DevOps build agent, but I always get a 403:
Error: checking for existence of existing Storage Share "logic-XXXXXXXX-q01-content"
(Account "stXXXXXXXXq01" / Resource Group "RG-XXXXXXXX-Q01"): shares.Client#GetProperties: Failure responding to request: StatusCode=403 --
Original Error: autorest/azure: Service returned an error. Status=403 Code="AuthorizationFailure" Message="This request is not authorized to perform this operation....."
If I disable Network Restriction on the Storage Account, the File Share can be deployed (or in case of an already existing Share be read) successfully.
Did you also encounter this issue and solve it?
Thanks very much in advance!