Azure Functions
Azure Functions is an event driven, compute-on-demand experience that extends the existing Azure application platform with capabilities to implement code triggered by events occurring in other Azure services, SaaS products, and on-premises systems. With Azure Functions, your applications scale based on demand and you pay only for the resources you consume. Azure Functions provides an intuitive, browser-based user interface allowing you to create scheduled or triggered pieces of code implemented in a variety of programming languages.
-
Support Service Bus trigger with use of SAS token
In our company we are using Service Bus with a framework that deals out the SAS tokens to queues. These tokens are living for few days only and concern hierarchical queues (eg. queue name could be productA/event-type-B/subtypeC) and only Listen policy.
This would mean that listening on a different level then root level of namespace would be needed.
Best if also the whole connection to SB described by this token would be separate object from the Function, so we could modify it (by altering with new SAS token/whole connection string) without modifying the Function code (as API Connections in Logic…24 votesI believe in our latest SDK versions you should be able to use connection strings specific to a single queue / listen-only. These connection strings are stored in app settings and can be updated / rolled without having to modify or redeploy the code. Believe this would be sufficient today? Not sure if anything blocking anymore
-
authentication
Allow authentication to Azure functions with accounts that have MFA enabled.
Currently, if you use functions as middleware for a non-authenticated client app (like wasm blazor), there is no way to authenticate to a function middleware layer if your account is MFA enabled. This could be either a) having some kind of ms auth phone-like app connection to do the auth or 2) to do pre-auth like is done with logic apps and some of the connectors (e.g. twitter).
I think this could take any of a number of forms, but is definitely a current limitation when integrating serverless applications.
1 voteIt’s unclear exactly what is breaking in the example scenario. MFA as a feature of AAD can work here, especially if the public client is using one of the identity SDKs for login. Is this specific to a given provider, or more around a general pattern?
There are patterns in Durable Functions for dealing with human interaction flows if looking to build your own MFA flow: https://docs.microsoft.com/en-us/azure/azure-functions/durable/durable-functions-overview?tabs=csharp#human
-
Add RPC support for Azure Functions
RPC support for Azure functions to allow compile-time verification of RPC calls. As it is, HTTP trigger endpoints are not verifiable at compile-time.
1 voteWaiting for more feedback in the comments to assign this item
Alex
Azure Functions PM Team -
Built-in role for Azure functions
There is now built-in role Azure functions. I would like see soem built-in role for Azure Functions. For example,
- Developer Role
- Platform Admin role
- Read-only role
- Security role.
is there any roadmap for built-in role for Azure Functions.
1 voteI believe the request here is for roles like an equivalent of “Web App Contributor” which adjusts specific permissions different from the standard “Contributor” Role.
It’s a valid request, but currently unplanned. Please keep the votes coming, and it would be great to get some examples of what proposed roles might look like.
Do remember that you can always create custom roles: https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles
-
Allow High Density scaling Azure Function in Container on a single Elastic Plan Instance
I have an Azure Function in a linux container running on the Elastic Service Plan.
Currently I can not scale the number of containers of the same azure function container within the same Elastic Service Plan.
It would be great to have this as I need my Azure Function to run in isolation, but still want to be able to scale to multiple container instances.
I have lots of room to spare in the Elastic Service Plan, but currently the only way to scale, is scaling to multiple elastic plan instances.
In short I would like to be able to…
1 voteI’m not sure I understand what you’re requesting.
Today in the Premium Linux plan your application will run multiple concurrent executions in the same container, then when that container reaches its CPU or memory limits another container will be added automatically.Can you provide more detail on the bottleneck you’re experiencing?
-
Durable Functions Workflow fixes support
Workflows on Durable Functions is great until you make some bug in it. And when you do (not "if you do") make a bug, it may result in thousands or even millions of workflows in inappropriate state, or waiting for never-happen events, or just hang in some infinite loop - there are a lot of ways things can go wrong.
And we need some way to recover the system from those mistakes. Cancellation is one option (AFAIK, it still doesn't support cancelling sub-orchestrators and activities, so not very useful anyway), but workflows sometimes may take days or months to get…1 voteAre you able to resolve these issues by fixing the underlying problem and rewinding the orchestration? https://docs.microsoft.com/en-us/azure/azure-functions/durable/durable-functions-instance-management?tabs=csharp#rewind-instances-preview
- Anthony -
Expose StorageClientFactory or QueueProcessorFactory to enable triggering on client-side-encrypted queues
With WebJobs, a custom StorageClientFactory can set an EncryptionPolicy in the DefaultRequestOptions such that encrypted queue messages are transparently decrypted when triggering a WebJob.
Alternatively, the EncryptionPolicy can be set on a queue by queue basis using a custom QueueProcessorFactory.
If these, or a more general way to modify the JobHostConfiguration were provided, then we would be able to store the storage connection string in Azure KeyVault and use client side encryption with Azure Functions apps.
1 voteMarking to needs feedback per below:
Nothing planned but still curious on this one. I think the ask is that you could decrypt on trigger. I expect trigger would work today but you’d have to have decrypt in code per execution. Is hope to decrypt before execution? – Jeff
- Don't see your idea?