Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,552 questions
Azure Function App using system assigned managed identity
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 42%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYL%3C/text%3E%3C/svg%3E)
Yang Lei (CSI INTERFUSION INC)
0
Reputation points Microsoft Vendor
As per Microsoft recommendation we need to disable the access key on storage account and connect it using identity. But after switching to use the managed identity, our functions stopped working. Please help check what's the problem.
After disabling the access keys on storage account, we have done the operations as below:
- enabled the system managed identity on our function app.
- grant "Storage Account Contributor" and "Storage Blob Data Owner" roles to the identity
- removed the environment variable "AzureWebJobsStorage", "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING" and the "WEBSITE_CONTENTSHARE".
- added "AzureWebJobsStorage__accountName"
Our function app is using the basic consumption plan, windows hosted. Here's some screenshots for details
- function app essential:
- function app environment variables
- Role assignment
Our functions are solely scheduled by timer and only call our backend APIs; we don't have logic access to other Azure resources, including storage accounts. I would like to know what steps I can take to make it operational again. Thank you in advance.
{count} votes
-
Ryan Hill 26,866 Reputation points Microsoft Employee2024-06-14T19:57:50.4166667+00:00 @Yang Lei (CSI INTERFUSION INC) I'll reach out to you on Teams
Sign in to comment