[QUERY] How to set AzureWebJobsStorage while using managed identity with blob triggered function?
Query/Question
Hi there,
I’m an Azure newbie and I want to compose a PR for Terraform Azure Provider to solve this issue, but found myself stuck in figuring out whether I need to set `AzureWebJobsStorage` or not. If I need to set `AzureWebJobsStorage`, what value should I set, since I want to get rid of the storage account access key?
I’ve written a blob triggered function:
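```csharp
using System.IO;
using Microsoft.Azure.WebJobs;
using Microsoft.Extensions.Logging;

public static class BlobCopy
{
    // Copies each new blob in container1 to a blob of the same name in container2.
    [FunctionName("Function1")]
    public static void Run([BlobTrigger("container1/{name}")]Stream myBlob, [Blob("container2/{name}", FileAccess.Write)] Stream o, string name, ILogger log)
    {
        log.LogInformation($"C# Blob trigger function Processed blob\n Name:{name} \n Size: {myBlob.Length} Bytes");
        myBlob.CopyTo(o);
    }
}
```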
It works fine if I set `AzureWebJobsStorage` with `AccountName` and `AccountKey`, but if I delete `AzureWebJobsStorage` or remove these two properties from the setting, the function stops working.
I’ve already granted my system assigned identity `Storage Blob Data Owner` and `Storage Queue Data Contributor` roles to my storage account, and both `container1` and `container2` belong to the same storage account, and I’ve set `AzureWebJobsStorage__accountName` to my storage account name, but still have no luck. Have I missed something? I’ve read #21753 and I think it must be my fault because someone did it.
Would @kasobol-msft be so kind as to give me some advice? Many thanks!
Btw, as Azure Function builtin monitoring requires the `AzureWebJobsDashboard` string, how do I compose a valid `AzureWebJobsDashboard` while using MSI only? Many thanks!
Environment: Microsoft.Azure.WebJobs.Extensions.Storage 5.0.0-beta.5 Visual Studio 2019
Issue Analytics
- Created 2 years ago
- Comments:9 (8 by maintainers)
Top GitHub Comments
Hello @kasobol-msft, finally my function worked on Azure with `AzureWebJobsStorage__accountName` only, thanks to your guidance. I can’t get this far without your help. But my function worked after I added the `Owner` role to my identity on my storage account; otherwise the log in Application Insights will complain about permission denied on reading storage secret. I guess there must be some other IAM issues on my side; nevertheless it’s enough for me to continue my Terraform work. Thanks again, you saved my day!

@lonegunmanb Thanks for the details. I have the following suggestions.
You mentioned that you got a function deployed to Azure working by granting relevant roles. I’m not sure why you’d add additional `AzureWebJobsStorage` to app settings. I suggest removing it.
As for local development, it appears that you’re using an older `Azure Functions Core Tools/Function Runtime Version`. The minimum version where secretless support was added is `3.0.15733.0`. However, I suggest updating to the latest. Please see here how to do this.
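
The following is an added example, not part of the thread and not code from the Azure SDK or Terraform provider: a small Python check that flags the settings problems discussed above (an account key in `AzureWebJobsStorage`, that setting left alongside `AzureWebJobsStorage__accountName`, and a version older than `3.0.15733.0`). The function names, the account name and the placeholder key are constructed for illustration; `AccountKey` and `SharedAccessSignature` are the standard secret-bearing fields of a storage connection string.

```python
# Added example: audit Function app settings for secretless storage config.
MIN_VERSION = (3, 0, 15733, 0)  # minimum secretless-capable version quoted in the thread
SECRET_FIELDS = {"accountkey", "sharedaccesssignature"}  # connection-string secrets


def parse_connection_string(value):
    """Split 'Key=Value;Key=Value' into a dict with lower-cased keys."""
    pairs = (part.split("=", 1) for part in value.split(";") if "=" in part)
    return {key.strip().lower(): val for key, val in pairs}


def audit(settings, tools_version):
    """Return findings; an empty list means identity-only storage settings."""
    findings = []
    conn = settings.get("AzureWebJobsStorage", "")
    account = settings.get("AzureWebJobsStorage__accountName", "")
    leaked = sorted(SECRET_FIELDS.intersection(parse_connection_string(conn)))
    if leaked:
        findings.append("AzureWebJobsStorage embeds a secret: " + ", ".join(leaked))
    if conn and account:
        findings.append("remove AzureWebJobsStorage; AzureWebJobsStorage__accountName is set")
    if not conn and not account:
        findings.append("no storage setting; set AzureWebJobsStorage__accountName")
    version = tuple(int(n) for n in tools_version.split("."))
    if account and version < MIN_VERSION:
        findings.append("version %s predates secretless support" % tools_version)
    return findings


# Constructed sample settings; the key is a placeholder, not a real secret.
KEY_BASED = {"AzureWebJobsStorage": "DefaultEndpointsProtocol=https;"
             "AccountName=examplestore;AccountKey=PLACEHOLDERKEY==;"
             "EndpointSuffix=core.windows.net"}
MIXED = dict(KEY_BASED, AzureWebJobsStorage__accountName="examplestore")
IDENTITY_ONLY = {"AzureWebJobsStorage__accountName": "examplestore"}

if __name__ == "__main__":
    for name, cfg in [("key-based", KEY_BASED), ("mixed", MIXED),
                      ("identity-only", IDENTITY_ONLY)]:
        print(name, audit(cfg, "3.0.15733.0"))
```

The settings dictionary can be built from `local.settings.json` or from an export of the app's application settings; the check only inspects names and connection-string fields and never prints secret values.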