Protect logic apps from zonal failures with availability zones and zone redundancy

Applies to: Azure Logic Apps (Consumption + Standard)

In each Azure region, availability zones are physically separate locations that are tolerant to local failures. Such failures can range from software and hardware failures to events such as earthquakes, floods, and fires. These zones achieve tolerance through the redundancy and logical isolation of Azure services.

To provide resiliency and distributed availability, at least three separate availability zones exist in any Azure region that supports and enables zone redundancy. The Azure Logic Apps platform distributes these zones and logic app workloads across these zones. This capability is a key requirement for enabling resilient architectures and providing high availability if datacenter failures happen in a region.

For more information, see the following documentation:

This guide provides a brief overview, considerations, and information about how to enable availability zones in Azure Logic Apps.

Considerations

Availability zones are supported with Standard logic app workflows, which run in single-tenant Azure Logic Apps and are powered by Azure Functions extensibility. For more information, see Reliability in Azure Functions.

  • You can enable this capability only when you create a Standard logic app in a supported Azure region.

  • You can enable this capability only for new Standard logic apps. You can't enable availability zone support for existing Standard logic app workflows.

  • You can enable this capability only at creation time. No programmatic tool support, such as Azure PowerShell or Azure CLI, currently exists to enable availability zone support after creation.

  • This capability supports only built-in connector operations, which directly run with the Azure Logic Apps runtime, not connector operations that are hosted and run in Azure.

Limitations

With HTTP-based actions, certificates exported or created with AES256 encryption won't work when used for client certificate authentication. The same certificates also won't work when used for OAuth authentication.

Prerequisites

Enable availability zones

For Standard logic apps only, follow these steps:

  1. In the Azure portal, start creating a Standard logic app. On the Create Logic App page, stop after you select Standard as the plan type for your logic app.

    Screenshot shows Azure portal, Create Logic App page, logic app details, and selected Standard plan type.

    For a tutorial, see Create Standard logic app workflows with single-tenant Azure Logic Apps in the Azure portal.

    After you select Standard, the Zone redundancy section and options become available.

    Note

    The Zone redundancy options appear unavailable if you select an unsupported Azure region or an existing Windows plan that created in an unsupported Azure region. Make sure to select a supported Azure region and a Windows plan that was created in a supported Azure region, or create a new Windows plan.

  2. Under Zone redundancy, select Enabled.

    At this point, your logic app creation experience appears similar to this example:

    Screenshot shows Azure portal, Create Logic App page, Standard logic app details, and the Enabled option selected under Zone redundancy.

  3. Finish creating your logic app workflow.

  4. If you use a firewall and haven't set up access for traffic through the required IP addresses, make sure to complete that requirement.