Support for Azure Managed Service Identities in EventHub (and other) triggers
In Event Hub, I can add my Function App's MSI as a data reader, but in the function I cannot use trigger bindings to read from the queue without using a SecureAccess Key. We are trying to go password free wherever possible, and Azure has been promoting this course of action, so why do we need secret keys for reading from the queue? It then forces us to create and share a secret key for partner teams to read from our queue, rather than just permissioning them in Event Hub.
Ben Cassell
shared this idea
This remains unplanned, but is still very much of interest. Please keep the votes coming.
5 comments
-
Ben Dursley
commented
Would love to have this for Service Bus Triggers!
-
Piotr
commented
Hi Azure App Service team.
I just tested it with Azure functions and it still. In my project I see it references Microsoft.Azure.ServiceBus 4.1.1. So will this break in future?
-
Please note that the behavior captured in the post by Arturo was considered unintentional from the SDK team and removed in a later version update. We are working with them to make this formally supported, but right now the instructions in that post may no longer work.
-
Pete@Qualitas
commented
Interested in this across the board, my current need is Storage Queue and SB Subscription Triggers...
(for Queue) just needs to take a TokenCredential and QueueUri as per Azure.Storage.Queues.QueueClient constructor. -
Joey Eng
commented
Thanks, Arturo!