[英]Azure function can access Key Vault when run locally in visual Studio but not when run on the portal
I am reading values from a key vault in an azure function. When running locally it works.我正在从 azure function 中的密钥保管库中读取值。在本地运行时它有效。 After deploying and running from the portal it give the error.
从门户部署和运行后,它给出了错误。
This is how i am getting the data from key vault:这就是我从 Key Vault 获取数据的方式:
var vaultUrl = Environment.GetEnvironmentVariable("KV_URL");
var client = new SecretClient(vaultUri: new Uri(vaultUrl), credential: new DefaultAzureCredential());
KeyVaultSecret graphSecret = client.GetSecret("val1");
KeyVaultSecret tenantId = client.GetSecret("val2");
KeyVaultSecret clientId = client.GetSecret("val3");
I have created a system assigned identity for the function in the portal and granted it read and list rights on the key vault secrets.我在门户中为 function 创建了一个系统分配标识,并授予它读取和列出密钥保管库机密的权限。
I dont have any logging set up in the function, which could possibly give more information.我没有在 function 中设置任何日志记录,这可能会提供更多信息。 Is application insights the only way to gather information from the function as it runs?
应用程序洞察是从 function 运行时收集信息的唯一方法吗?
Here the Key Vault URL is defined in the local.settings.json
so that you're getting that using Environment.GetEnvironmentVariable
locally .这里的 Key Vault URL 在
local.settings.json
中定义,因此您可以在本地使用Environment.GetEnvironmentVariable
获取它。
When running in the Azure Portal, you have to store this Key Vault URI in the Azure Function App > Configuration > Application settings, then the same code works in Azure also .在 Azure 门户中运行时,您必须将此 Key Vault URI 存储在 Azure Function App > Configuration > Application settings 中,然后相同的代码也可以在 Azure 中运行。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.