How do I grant a Function App access to an Azure Storage Account?

Context:

I do not know how to resolve the security access exception for a Function App that does not appear to be authorized to access an Azure Storage Table.

Currently the Access Control role assignments for the Function App are set to Contributor and Reader.

My hypothesis is that the Function App needs to have a Storage Data Table Contributor role assigned to it.

Azure Storage Table:

The following code attempts to access an Azure Storage Table:

// Runs inside an async { ... } block; connectionString and tableName are defined earlier
let storageAccount   = CloudStorageAccount.Parse connectionString
let cloudTableClient = storageAccount.CreateCloudTableClient()
let cloudTable       = cloudTableClient.GetTableReference tableName

// ** EXCEPTION THROWN ON LINE BELOW **
let! exists = cloudTable.ExistsAsync() |> Async.AwaitTask

Exception:

Unexpected response code, Expected:OK or NotFound, Received:Forbidden

Thoughts:

I thought I needed to add the Function App permission: Storage Data Table Contributor.

Steps:

  1. In Azure Portal, navigate to the Function App that is observing the security issue
  2. Select Access Control (IAM) in Navigation pane
  3. Select Role Assignments tab on page
  4. Click Add button
  5. Attempt to enter "Storage Data Table Contributor"

Note that "Storage Data Table Contributor" is not found.

Conclusion:

In conclusion, I do not know how to resolve the security access exception for a Function App that does not appear to be authorized to access an Azure Storage Table.

References:

https://learn.microsoft.com/en-us/azure/storage/common/authorize-data-access

https://learn.microsoft.com/en-us/azure/storage/tables/authorize-access-azure-active-directory

Azure Function App Read/Write to table storage – InvalidAuthenticationInfoContent

2 Answers

  1. You need to set the role assignment on the Table storage, not on the Function.

    On the Function you need to enable Managed Identity. That is the object you need to grant access to on the Table storage.

  2. Here’s what you would need to do:

    1. Create a system assigned managed identity for your Azure Function.
    2. Now go to your Storage account and then assign Storage Data Table Contributor role to the managed identity you created in step 1.

    You may find this tutorial helpful: https://learn.microsoft.com/en-us/azure/app-service/scenario-secure-app-access-storage?tabs=azure-portal.

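Added example, not code from the question or the answers: an offline check over role-assignment records in the shape `az role assignment list` prints them (principalId, roleDefinitionName, scope), showing why Contributor and Reader on the Function App do not authorize table access and what the assignment on the storage account must look like. The built-in role's exact name is Storage Table Data Contributor; every id and scope below is a constructed placeholder.

```python
# Built-in roles that carry Table data-plane permissions (DataActions).
# Owner / Contributor / Reader are control-plane roles: they manage the
# resource but do not authorize reads or writes of table entities.
TABLE_DATA_ROLES = {"Storage Table Data Contributor", "Storage Table Data Reader"}
CONTROL_PLANE_ROLES = {"Owner", "Contributor", "Reader"}

def scope_covers(assignment_scope: str, resource_scope: str) -> bool:
    """True if a role assigned at assignment_scope is inherited by resource_scope.
    RBAC inherits downwards: subscription -> resource group -> resource.
    ARM resource ids are compared case-insensitively."""
    a = assignment_scope.rstrip("/").lower()
    r = resource_scope.rstrip("/").lower()
    return r == a or r.startswith(a + "/")

def table_data_roles_for(assignments, principal_id, storage_scope):
    """Table data-plane roles the principal effectively holds on the storage account."""
    return {
        a["roleDefinitionName"] for a in assignments
        if a["principalId"].lower() == principal_id.lower()
        and a["roleDefinitionName"] in TABLE_DATA_ROLES
        and scope_covers(a["scope"], storage_scope)
    }

def diagnose(assignments, principal_id, storage_scope) -> str:
    """Explain a Forbidden on the table in terms of the assignments present."""
    roles = table_data_roles_for(assignments, principal_id, storage_scope)
    if roles:
        return "ok: " + ", ".join(sorted(roles))
    held = {a["roleDefinitionName"] for a in assignments
            if a["principalId"].lower() == principal_id.lower()}
    if held & CONTROL_PLANE_ROLES:
        return "missing data-plane role; only control-plane roles held: " + ", ".join(sorted(held))
    return "missing data-plane role; no assignments found for this principal"

# Constructed sample ids (placeholders): the Function App's system-assigned identity
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG = SUB + "/resourceGroups/rg-demo"
FUNC_SCOPE = RG + "/providers/Microsoft.Web/sites/func-demo"
STORAGE_SCOPE = RG + "/providers/Microsoft.Storage/storageAccounts/stdemo"
FUNC_MI = "11111111-1111-1111-1111-111111111111"

# As in the question: Contributor and Reader set on the Function App itself.
BEFORE = [{"principalId": FUNC_MI, "roleDefinitionName": r, "scope": FUNC_SCOPE}
          for r in ("Contributor", "Reader")]
# As in the answers: the Table data role assigned on the storage account to the identity.
AFTER = BEFORE + [{"principalId": FUNC_MI, "roleDefinitionName": "Storage Table Data Contributor",
                   "scope": STORAGE_SCOPE}]

if __name__ == "__main__":
    for s in (BEFORE, AFTER): print(diagnose(s, FUNC_MI, STORAGE_SCOPE))
```

Role assignments are only consulted once the code authenticates with the managed identity's token; the connection-string path in the question uses Shared Key authentication, which never involves RBAC.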