We have several use cases where we want to “do something” when a user starts an Azure Virtual Desktop. One method could be a login\/startup script, but this would run under the user’s or Managed Identity’s context. <\/p>\n\n\n\n
A better way is to use an Azure Event Grid System Topic<\/a> on the resource group that contains the VM’s, which can then forward any event that happens in the resource group.<\/p>\n\n\n\n A system topic is easily deployed using ARM:<\/p>\n\n\n That having been deployed, we’ll deploy a logic app that is triggered by the topic. In this case, I want to do some advanced filtering so the logic app is only triggered when a VM is started by a user (vs automation). This is indicated by the Guid (principal ID) of Microsoft’s AVD serviceprincipal, in our case 068e1c948d874baba249f9a122cd8003 because we use ‘Start On Connect<\/a>‘<\/p>\n\n\n\n To use advanced filtering<\/a> in a logic app, use “enableAdvancedFilteringOnArrays”: true<\/p>\n\n\n\n The full trigger section of the logic app (in ARM) is as follows:<\/p>\n\n\n You may also want to use the VM’s name in your logic app, this is easily parsed from the Subject field, e.g. as follows:<\/p>\n\n\n Adding eventgrid contributor:<\/p>\n\n\n\n We have several use cases where we want to “do something” when a user starts an Azure Virtual Desktop. One method could be a login\/startup script, but this would run under the user’s or Managed Identity’s context. A better way is to use an Azure Event Grid System Topic on the resource group that contains … Continue reading Trigger logic app when Azure Virtual Desktop starts<\/span> \n {\n \"type\": \"Microsoft.EventGrid\/systemTopics\",\n \"apiVersion\": \"2021-12-01\",\n \"name\": \"evgt-listenToAvdEvents-01\",\n \"location\": \"global\",\n \"properties\": {\n \"source\": \"[concat('\/subscriptions\/',subscription().subscriptionId,'\/resourceGroups\/rg-avd-weeu-01')]\",\n \"topicType\": \"microsoft.resources.resourcegroups\"\n }\n }\n<\/pre><\/div>\n\n\n\n \"triggers\": {\n \"When_a_resource_event_occurs\": {\n \"splitOn\": \"@triggerBody()\",\n \"type\": \"ApiConnectionWebhook\",\n \"inputs\": {\n \"body\": {\n \"properties\": {\n \"destination\": {\n \"endpointType\": \"webhook\",\n \"properties\": {\n \"endpointUrl\": \"@{listCallbackUrl()}\"\n }\n },\n \"filter\": {\n \"includedEventTypes\": [\n \"Microsoft.Resources.ResourceActionSuccess\",\n \"Microsoft.Resources.ResourceDeleteSuccess\",\n \"Microsoft.Resources.ResourceWriteSuccess\"\n ],\n \"subjectBeginsWith\": \"[concat('\/subscriptions\/',subscription().subscriptionId,'\/resourceGroups\/rg-avd-weeu-01\/providers\/Microsoft.Compute\/virtualMachines')]\",\n \"enableAdvancedFilteringOnArrays\": true,\n \"advancedFilters\": [\n {\n \"operatorType\": \"StringIn\",\n \"key\": \"data.authorization.action\",\n \"values\": [\n \"Microsoft.Compute\/virtualMachines\/start\/action\"\n ]\n },\n {\n \"operatorType\": \"StringIn\",\n \"key\": \"data.authorization.evidence.principalId\",\n \"values\": [\n \"068e1c948d874baba249f9a122cd8003\"\n ]\n }\n ]\n },\n \"topic\": \"[concat('\/subscriptions\/',subscription().subscriptionId,'\/resourceGroups\/rg-avd-weeu-01')]\"\n }\n },\n \"host\": {\n \"connection\": {\n \"name\": \"@parameters('$connections')['azureeventgrid']['connectionId']\"\n }\n },\n \"path\": \"[concat('\/subscriptions\/@{encodeURIComponent(''',subscription().subscriptionId,''')}\/providers\/@{encodeURIComponent(''Microsoft.Resources.ResourceGroups'')}\/resource\/eventSubscriptions')]\",\n \"queries\": {\n \"x-ms-api-version\": \"2021-12-01\"\n }\n }\n }\n },\n<\/pre><\/div>\n\n\n\n\"Parse_Subject\": {\n \"runAfter\": {},\n \"type\": \"InitializeVariable\",\n \"inputs\": {\n \"variables\": [\n {\n \"name\": \"subject\",\n \"type\": \"string\",\n \"value\": \"@triggerBody()?['subject']\"\n }\n ]\n }\n},\n\"Parse_MachineName\": {\n \"runAfter\": {\n \"Parse_Subject\": [\n \"Succeeded\"\n ]\n },\n \"type\": \"InitializeVariable\",\n \"inputs\": {\n \"variables\": [\n {\n \"name\": \"machineName\",\n \"type\": \"string\",\n \"value\": \"@{last(split(variables('subject'),'\/'))}\"\n }\n ]\n }\n},\n<\/pre><\/div>\n\n\nImportant considerations:<\/h2>\n\n\n\n
New-AzRoleAssignment -ObjectId $la.Identity.PrincipalId -RoleDefinitionName \"EventGrid Contributor\" -Scope \"\/subscriptions\/$($context.Subscription.Id)\"<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"