stackoom
  简体   繁体   中英

Using User Managed Identity in Azure function Service Bus triggers not working

 原文  2022-02-01 07:56:54       azure/ azure-functions/ azureservicebus/ azure-managed-identity

Question

I have a function that uses Service bus trigger and wanted to use "User Managed Identity". I couldn't get this working even after following all the config settings. Below is the config I am using:

The Function trigger looks like: 

public static async Task Run([ServiceBusTrigger("myqueue", Connection = "ServiceBusUsrIdty")] ServiceBusReceivedMessage[] servBusRcvMsg, ILogger log)

In the App settings:

ServiceBusUsrIdty__fullyQualifiedNamespace = <service bus namespace>.servicebus.windows.net
ServiceBusUsrIdty__clientId = <client id of the user managed identity>
ServiceBusUsrIdty__credential = "managedidentity"

With the above setting, I couldn't get it working and I then added the below as well but no luck AzureWebJobsServiceBusUsrIdty = "Endpoint=sb://.servicebus.windows.net/;Authentication=ManagedIdentity"

I am using the package: Azure.Messaging.ServiceBus v7.5.1 The User managed identity is added in the Function App settings and it was granted "Contributor" access in the service bus

What else am I missing to get this working? The documentation from Microsoft doesn't sufficient details though.

3 answers

solution1
 1  2022-02-09 10:11:07

There is slight syntax mistake in the Service Bus connection stored in the ' AzureWebJobsServiceBusUsrIdty '.

It means the connection string must have a space between " Managed " and " Identity ", ie

Endpoint=sb://myendpoint.servicebus.windows.net/;Authentication=Managed Identity

Include the space for the Authentication value as shown above and run the function.

Refer here for more information

solution2
 1  2022-02-17 15:02:24

I don't believe you should need anything other than your ServiceBusUsrIdty__fullyQualifiedNamespace setting. I have a .net 6 Azure Function that is connecting to Service Bus without issue with just that setting. Within your code you should only need to reference "ServiceBusUsrIdty" in the Connection parameter of the ServiceBus attribute, eg Connection = "ServiceBusUsrIdty" . The "__fullyQualifiedNamespace" in essence tells the library that you are using Managed Identity.

Do you have Identity turned on for the Function and have you granted that Managed Identity access to Service Bus via one of the roles under Access control (IAM), eg "Azure Service Bus Data Receiver" and "Azure Service Bus Data Owner"?

solution3
 0  2022-02-22 05:21:37

You will need to add " Azure Service Bus Data Receiver " role.

Also check what version of the sdk you are using, you will need Microsoft.Azure.WebJobs.Extensions.ServiceBus Version="5.2.0" or higher

These resources might help.

Azure Service Bus trigger for Azure Functions

Azure Functions developer guide

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to debug Azure Function triggered by Service Bus that uses Managed Identity Authenticated REST API call to Azure Service Bus using Managed Identity Managed Service Identity not working as expected in Azure Function Azure Government Service Bus Managed Identity Trying to use Managed Identity with Azure Service Bus Azure Function Service Bus - Managed Identity - Service Bus account connection string What is the correct format of connectionstring for Azure Service Bus when using Managed Identity for my App Service? How to properly add health check for azure service bus when using managed identity (and rebus) Call Azure Function from Data Factory using Managed Service Identity Azure Function App Azure Service Bus trigger triggers twice
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM