User assigned managed identity in azure functions throwing value cannot be null
Question
I have a http post azure functions that is created using power shell 6.2. It requires access to azure key vault to retrieve secrets. It works perfectly when I assign system assigned managed identity. However, getting the attached error whilst executing with user assigned managed identity.
What I have done so far.
- Created a user assigned managed identity under azure managed identity service.
- Added a contributor role in my KeyVault Access control(IAM) -> in the assign access drop down I chose user assigned managed identity.
- Also, in the KeyVault access policy section, added newly created user assigned identity with get and list secret permissions
- Finally added the new user assigned managed identity in the azure function's identity tab.
I have read that user assigned managed identity requires clinet_id but no idea where to configure it in the azure function's post request.
2 answers
solution1
0 2020-03-25 10:36:32
Using the REST protocol, you can refer to this article to append a clientid query parameter like this,
GET /MSI/token?resource=https://vault.azure.net&api-version=2017-09-01&clientid=xxxx
With SDK, you can specify the clientid in the connection string, refer to https://docs.microsoft.com/en-us/azure/key-vault/service-to-service-authentication#connection-string-support
solution2
0 ACCPTED 2020-03-25 18:20:13
PowerShell 函数的解决方法在这里: https : //github.com/Azure/azure-functions-host/issues/5797#issuecomment-601864473
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.