Azure Functions on ACA - Where are the keys? #2637
Description
Issue description
I tried to explore Azure Function on ACA but was unable to get anything other than the ANONYMOUS auth mode to work.
The blueprint was generated using func init --python --docker
Following files are not the default.
function_app.py:
@app.function_name(name="HttpTrigger1")
@app.route(route="req")
def main(req):
user = req.params.get("user")
return f"Hello, {user}!"Running the function locally using func start works fine.
Now to the problematic part - both deployed on Azure as well as when running locally with --enableAuth I am unable to get the keys to authenticate my requests against $HOST/api/req.
Optimally the keys would be stored in an Azure Secret Vault and not a random Blob Store (why is that even the default?).
I tried setting following variables in the local settings as well as in the env of the workload, but it did not work.
"AzureWebJobsStorage": "UseDevelopmentStorage=true"- only used locally, not set on the workload"AzureWebJobsSecretStorageType": "keyvault""AzureWebJobsSecretStorageKeyVaultUri": "https://VAULT_NAME.vault.azure.net"
How am I supposed to handle auth here? Transitioning to Azure Function not on ACA is not an option.
Steps to reproduce
- Copy the
function_app.pyfile - Deploy
- Try to run
Expected behavior
I would expect the keys to be present in the KeyVault.
Actual behavior
There were no keys in the KeyVault.
Screenshots
Imagine a 401 Screenshot here