I have written a script for creating a function app and its storage account using Terraform.
I had the shared access key enabled for the storage account, but in the Azure portal, under security, it shows that the function app should access the storage account via managed identity, not via shared access key.
So I made changes in my script:
- disabled the shared access key
- added the argument `storage_uses_managed_identity` in the function app
- added the app setting `AzureWebJobsStorage__accountName`
- granted the function app `principal_id` the Storage Blob Data Contributor role on the storage account

But it is still unable to connect.
Can someone suggest what other changes can be made so that connectivity can be established? When I check in App Insights, it also shows an exception.
2 Answers
To connect an Azure Function App with a Storage Account using Managed Identity:
Storage Account => Access Control (IAM) => Add Role Assignment
I have followed the above-mentioned steps and was able to connect the Function App with the Storage Account.
References:
Use managed identity instead of AzureWebJobsStorage to connect a function app to a storage account
I hope this will help you. For me it works well.
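The setup discussed in the question, as an added Terraform example that is not part of the original posts. All resource names, the region and the B1 dedicated plan are assumptions, and it assigns Storage Blob Data Owner, the role Microsoft's documentation lists for identity-based host storage, where the question used Storage Blob Data Contributor.

```hcl
# Added example: every name below is a hypothetical placeholder.
provider "azurerm" {
  features {}
  # With shared keys disabled, the provider itself must use Entra ID for storage calls.
  storage_use_azuread = true
}

resource "azurerm_resource_group" "rg" {
  name     = "rg-func-example"
  location = "westeurope"
}

resource "azurerm_storage_account" "sa" {
  name                      = "stfuncexample001"
  resource_group_name       = azurerm_resource_group.rg.name
  location                  = azurerm_resource_group.rg.location
  account_tier              = "Standard"
  account_replication_type  = "LRS"
  shared_access_key_enabled = false # no account-key or SAS access
}

resource "azurerm_service_plan" "plan" {
  name                = "plan-func-example"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  os_type             = "Linux"
  # Assumption: a dedicated plan, which does not need a key-based Azure Files content share.
  sku_name = "B1"
}

resource "azurerm_linux_function_app" "func" {
  name                = "func-example-001"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  service_plan_id     = azurerm_service_plan.plan.id

  # Name only, no access key; the host reads AzureWebJobsStorage__accountName.
  storage_account_name          = azurerm_storage_account.sa.name
  storage_uses_managed_identity = true

  identity { type = "SystemAssigned" }
  site_config {}
}

resource "azurerm_role_assignment" "func_blob" {
  scope                = azurerm_storage_account.sa.id
  role_definition_name = "Storage Blob Data Owner"
  principal_id         = azurerm_linux_function_app.func.identity[0].principal_id
}
```

Queue or table triggers and bindings need their own data-plane role assignments on the same scope, and a new role assignment can take a few minutes to take effect.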