Unable to get Azure storage key from storage resource in ARM template

Question

I'm trying to build a connection string from a storage account used elsewhere in the template and I have

"StorageConnectionString": {
               "value": "[concat('DefaultEndpointsProtocol=https;AccountName=',
 variables('storageName'),';AccountKey=',
 listKeys(resourceId('Microsoft.Storage/storageAccounts',
 variables('storageName')), providers('Microsoft.Storage',
 'storageAccounts').apiVersions[0]).key1)]",
              "type": "Custom"
             },

Which I found from ARM - How can I get the access key from a storage account to use in AppSettings later in the template? however the syntax in that question no longer appears to work. I get an error that key1 is not a property which is known. Apparently there is a property called keys but that is, as one might expect, a structure of some sort. I have been unable to figure out what the property of the primary key is from that structure. I've tried

• key1 -> Template language expression property 'key1' doesn't exist, available properties are 'keys
• keys -> The provided parameters for template language function 'concat' are invalid. Either all or none of the parameters must be an array.
• keys.key1
• keys.primaryKey
• keys[0]

All of which have failed. I tried putting an output at the end of the file but outputting keys just seems to output no value.

Answer 1

As it turns out the structure of the object returned from listKeys is an array of keys which looks like

[
  { "keyName":"key1", "permissions":"Full", "value":"keyvalue1"},
  { "keyName":"key2", "permissions":"Full", "value":"keyvalue2"}
]

So the correct solution to getting the value out was to do keys[0].value.

Answer 2

You should use the listKeys() function

https://azure.microsoft.com/en-us/documentation/articles/resource-group-template-functions/#listkeys