Azure funcion app deployment is not successful through devops pipeline after making the storage account private to the vnet itself

DevopsLearn 0 Reputation points
2023-08-15T15:03:16.2366667+00:00

I have a function app and the function code is pushed from Git Hub using a devops CI pipeline, I have made the function app private using private endpoints and vnet integrated, If I make the associated storage account as well to private (accessed from the vnet) im unable to deploy the code getting error. if I keep the storage account public the pipeline runs fine.

Error log:

##[error]Failed to deploy web package to App Service.

##[warning]Can't find loc string for key: KuduStackTraceURL

##[error]Error: Error: Failed to deploy web package to App Service. Internal Server Error (CODE: 500)

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,542 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,854 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. MuthuKumaranMurugaachari-MSFT 22,261 Reputation points
    2023-08-15T19:42:14.2+00:00

    DevopsLearn Thanks for posting your question in Microsoft Q&A. Based on your description, you have Func App integrated with VNET and private endpoints and deployed via DevOps pipeline is successful. However, if you enable VNET restriction on the associated storage account, then facing 500 error.

    Unfortunately, you cannot secure an existing storage account this way at this time. Please follow Existing function app doc and create a new file share in a new storage account (swap-out the existing storage account) and configure a private endpoint in the new storage account as described in the doc. I see similar feedback https://feedback.azure.com/d365community/idea/d13e5c40-5b3f-ed11-a81b-000d3a7b5d8c#comments from other customers and request you upvote this feature. This will help our product team prioritize the features and I will also submit the feedback internally.

    Let me know if you face any issues or have any other questions.

    If you found the answer to your question helpful, please take a moment to mark it as "Yes" for others to benefit from your experience. Or simply add a comment tagging me and would be happy to answer your questions.

    0 comments
  2. Mahesh Alwani 0 Reputation points Microsoft Employee
    2024-06-25T15:53:10.67+00:00

    Is this still true ? We are disabling shared key on storage account which is causing the same error. I have configured the private end point. Is there no way to fix it ? Is connection string only way to set WEBSITE_CONTENTAZUREFILECONNECTIONSTRING ?

    0 comments