After updating to 5.0 Connect-AzAccount is not working properly anymore

[PaulVrugt]

Description

Is there any documentation about what the changes to Connect-AzAccount are? with Az.Account 2 (Azure powershell 5.0) or higher, I cannot login using Connect-AzAccount anywhere anymore. Locally it opens a dialog in which I can login. After login, I get messages stating unable to acquire token for tenant xxx, and all azure powershell methods fail.

On function apps, I can no longer use Connect-AzAccount to connect using a managed identity (system or user defined). The calls succeeds, but 0 subscriptions are listed from Get-AzSubscription. This used to work flawlessly until the azure powershell version in my function app was updated to 5.0. Now my function app simply doesn't work anymore.

What's the deal here?

Steps to reproduce

I'll update this as soon as I am sure i can reproduce the issue in any subscription. I think the function app scenario is easiest to reproduce. This scenario includes:

• Create a function app with powershell support
• Set a user defined managed identity on the function app
• Create a function, and try to login with the user defined managed identity using Connect-AzAccount -Identity -AccountId "<clientid of UDMI>" -SubscriptionId "xxx"

when you leave out the -SubscriptionId it seems to work, but when you then list the available subscription Get-AzSubscription it returns 0 subscriptions.

Environment data

PSVersiontable of function app:

2020-10-30T18:18:26.736 [Information] OUTPUT: Name                           Value
2020-10-30T18:18:26.737 [Information] OUTPUT: ----                           -----
2020-10-30T18:18:26.738 [Information] OUTPUT: PSVersion                      7.0.3
2020-10-30T18:18:26.738 [Information] OUTPUT: PSEdition                      Core
2020-10-30T18:18:26.739 [Information] OUTPUT: GitCommitId                    7.0.3
2020-10-30T18:18:26.740 [Information] OUTPUT: OS                             Microsoft Windows 10.0.14393
2020-10-30T18:18:26.740 [Information] OUTPUT: Platform                       Win32NT
2020-10-30T18:18:26.740 [Information] OUTPUT: PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
2020-10-30T18:18:26.741 [Information] OUTPUT: PSRemotingProtocolVersion      2.3
2020-10-30T18:18:26.741 [Information] OUTPUT: SerializationVersion           1.1.0.1
2020-10-30T18:18:26.742 [Information] OUTPUT: WSManStackVersion              3.0

Module versions

Available modules on the function app

2020-10-30T18:23:59.531 [Information] OUTPUT: ModuleType Version    PreRelease Name                                PSEdition ExportedCommands
2020-10-30T18:23:59.532 [Information] OUTPUT: ---------- -------    ---------- ----                                --------- ----------------
2020-10-30T18:23:59.533 [Information] OUTPUT: Script     5.0.0                 Az                                  Core,Desk
2020-10-30T18:23:59.535 [Information] OUTPUT: Script     2.1.0                 Az.Accounts                         Core,Desk {Disable-AzDataCollection, Disable-AzCon…
2020-10-30T18:23:59.536 [Information] OUTPUT: Script     1.1.1                 Az.Advisor                          Core,Desk {Get-AzAdvisorRecommendation, Enable-AzA…
2020-10-30T18:23:59.537 [Information] OUTPUT: Script     2.0.0                 Az.Aks                              Core,Desk {Get-AzAksCluster, New-AzAksCluster, Rem…
2020-10-30T18:23:59.538 [Information] OUTPUT: Script     1.1.4                 Az.AnalysisServices                 Core,Desk {Resume-AzAnalysisServicesServer, Suspen…
2020-10-30T18:23:59.573 [Information] OUTPUT: Script     2.1.0                 Az.ApiManagement                    Core,Desk {Add-AzApiManagementApiToGateway, Add-Az…
2020-10-30T18:23:59.575 [Information] OUTPUT: Script     1.1.0                 Az.ApplicationInsights              Core,Desk {Get-AzApplicationInsights, New-AzApplic…
2020-10-30T18:23:59.576 [Information] OUTPUT: Script     1.4.0                 Az.Automation                       Core,Desk {Get-AzAutomationHybridWorkerGroup, Remo…
2020-10-30T18:23:59.577 [Information] OUTPUT: Script     3.1.0                 Az.Batch                            Core,Desk {Remove-AzBatchAccount, Get-AzBatchAccou…
2020-10-30T18:23:59.578 [Information] OUTPUT: Script     2.0.0                 Az.Billing                          Core,Desk {Get-AzBillingInvoice, Get-AzBillingPeri…
2020-10-30T18:23:59.579 [Information] OUTPUT: Script     1.6.0                 Az.Cdn                              Core,Desk {Get-AzCdnProfile, Get-AzCdnProfileSsoUr…
2020-10-30T18:23:59.580 [Information] OUTPUT: Script     1.8.0                 Az.CognitiveServices                Core,Desk {Get-AzCognitiveServicesAccount, Get-AzC…
2020-10-30T18:23:59.581 [Information] OUTPUT: Script     4.6.0                 Az.Compute                          Core,Desk {Remove-AzAvailabilitySet, Get-AzAvailab…
2020-10-30T18:23:59.582 [Information] OUTPUT: Script     1.0.3                 Az.ContainerInstance                Core,Desk {New-AzContainerGroup, Get-AzContainerGr…
2020-10-30T18:23:59.583 [Information] OUTPUT: Script     2.0.0                 Az.ContainerRegistry                Core,Desk {New-AzContainerRegistry, Get-AzContaine…
2020-10-30T18:23:59.585 [Information] OUTPUT: Script     1.1.0                 Az.DataBoxEdge                      Core,Desk {Get-AzDataBoxEdgeJob, Get-AzDataBoxEdge…
2020-10-30T18:23:59.587 [Information] OUTPUT: Script     1.0.1                 Az.Databricks                       Core,Desk {Get-AzDatabricksVNetPeering, Get-AzData…
2020-10-30T18:23:59.678 [Information] OUTPUT: Script     1.11.0                Az.DataFactory                      Core,Desk {Set-AzDataFactoryV2, Update-AzDataFacto…
2020-10-30T18:23:59.682 [Information] OUTPUT: Script     1.0.2                 Az.DataLakeAnalytics                Core,Desk {Get-AzDataLakeAnalyticsDataSource, New-…
2020-10-30T18:23:59.684 [Information] OUTPUT: Script     1.2.8                 Az.DataLakeStore                    Core,Desk {Get-AzDataLakeStoreTrustedIdProvider, R…
2020-10-30T18:23:59.685 [Information] OUTPUT: Script     1.0.0                 Az.DataShare                        Core,Desk {New-AzDataShareAccount, Get-AzDataShare…
2020-10-30T18:23:59.688 [Information] OUTPUT: Script     1.1.0                 Az.DeploymentManager                Core,Desk {Get-AzDeploymentManagerArtifactSource, …
2020-10-30T18:23:59.689 [Information] OUTPUT: Script     2.0.0                 Az.DesktopVirtualization            Core,Desk {Disconnect-AzWvdUserSession, Get-AzWvdA…
2020-10-30T18:23:59.690 [Information] OUTPUT: Script     1.0.2                 Az.DevTestLabs                      Core,Desk {Get-AzDtlAllowedVMSizesPolicy, Get-AzDt…
2020-10-30T18:23:59.691 [Information] OUTPUT: Script     1.1.2                 Az.Dns                              Core,Desk {Get-AzDnsRecordSet, New-AzDnsRecordConf…
2020-10-30T18:23:59.692 [Information] OUTPUT: Script     1.3.0                 Az.EventGrid                        Core,Desk {New-AzEventGridTopic, Get-AzEventGridTo…
2020-10-30T18:23:59.692 [Information] OUTPUT: Script     1.7.0                 Az.EventHub                         Core,Desk {New-AzEventHubNamespace, Get-AzEventHub…
2020-10-30T18:23:59.693 [Information] OUTPUT: Script     1.6.1                 Az.FrontDoor                        Core,Desk {New-AzFrontDoor, Get-AzFrontDoor, Set-A…
2020-10-30T18:23:59.693 [Information] OUTPUT: Script     2.0.0                 Az.Functions                        Core,Desk {Get-AzFunctionApp, Get-AzFunctionAppAva…
2020-10-30T18:23:59.693 [Information] OUTPUT: Script     4.0.0                 Az.HDInsight                        Core,Desk {Get-AzHDInsightJob, New-AzHDInsightSqoo…
2020-10-30T18:23:59.694 [Information] OUTPUT: Script     1.1.0                 Az.HealthcareApis                   Core,Desk {New-AzHealthcareApisService, Remove-AzH…
2020-10-30T18:23:59.694 [Information] OUTPUT: Script     2.6.0                 Az.IotHub                           Core,Desk {Add-AzIotHubKey, Get-AzIotHubEventHubCo…
2020-10-30T18:23:59.695 [Information] OUTPUT: Script     3.0.0                 Az.KeyVault                         Core,Desk {Add-AzManagedHsmKey, Get-AzManagedHsmKe…
2020-10-30T18:23:59.695 [Information] OUTPUT: Script     1.0.0                 Az.Kusto                            Core,Desk {Add-AzKustoClusterLanguageExtension, Ad…
2020-10-30T18:23:59.696 [Information] OUTPUT: Script     1.3.2                 Az.LogicApp                         Core,Desk {Get-AzIntegrationAccountAgreement, Get-…
2020-10-30T18:23:59.696 [Information] OUTPUT: Script     1.1.3                 Az.MachineLearning                  Core,Desk {Move-AzMlCommitmentAssociation, Get-AzM…
2020-10-30T18:23:59.697 [Information] OUTPUT: Script     1.1.0                 Az.Maintenance                      Core,Desk {Get-AzApplyUpdate, Get-AzConfigurationA…
2020-10-30T18:23:59.697 [Information] OUTPUT: Script     2.0.0                 Az.ManagedServices                  Core,Desk {Get-AzManagedServicesAssignment, New-Az…
2020-10-30T18:23:59.698 [Information] OUTPUT: Script     1.0.2                 Az.MarketplaceOrdering              Core,Desk {Get-AzMarketplaceTerms, Set-AzMarketpla…
2020-10-30T18:23:59.698 [Information] OUTPUT: Script     1.1.1                 Az.Media                            Core,Desk {Sync-AzMediaServiceStorageKey, Set-AzMe…
2020-10-30T18:23:59.698 [Information] OUTPUT: Script     2.2.0                 Az.Monitor                          Core,Desk {Get-AzMetricDefinition, Get-AzMetric, R…
2020-10-30T18:23:59.699 [Information] OUTPUT: Script     4.1.0                 Az.Network                          Core,Desk {Add-AzApplicationGatewayAuthenticationC…
2020-10-30T18:23:59.699 [Information] OUTPUT: Script     1.1.1                 Az.NotificationHubs                 Core,Desk {Get-AzNotificationHub, Get-AzNotificati…
2020-10-30T18:23:59.699 [Information] OUTPUT: Script     2.3.0                 Az.OperationalInsights              Core,Desk {New-AzOperationalInsightsAzureActivityL…
2020-10-30T18:23:59.700 [Information] OUTPUT: Script     1.3.1                 Az.PolicyInsights                   Core,Desk {Get-AzPolicyEvent, Get-AzPolicyState, G…
2020-10-30T18:23:59.700 [Information] OUTPUT: Script     1.1.2                 Az.PowerBIEmbedded                  Core,Desk {Remove-AzPowerBIWorkspaceCollection, Ge…
2020-10-30T18:23:59.702 [Information] OUTPUT: Script     1.0.3                 Az.PrivateDns                       Core,Desk {Get-AzPrivateDnsZone, Remove-AzPrivateD…
2020-10-30T18:23:59.703 [Information] OUTPUT: Script     3.0.0                 Az.RecoveryServices                 Core,Desk {Get-AzRecoveryServicesBackupProperty, G…
2020-10-30T18:23:59.703 [Information] OUTPUT: Script     1.4.0                 Az.RedisCache                       Core,Desk {Remove-AzRedisCachePatchSchedule, New-A…
2020-10-30T18:23:59.704 [Information] OUTPUT: Script     1.0.3                 Az.Relay                            Core,Desk {New-AzRelayNamespace, Get-AzRelayNamesp…
2020-10-30T18:23:59.704 [Information] OUTPUT: Script     3.0.0                 Az.Resources                        Core,Desk {Get-AzProviderOperation, Remove-AzRoleA…
2020-10-30T18:23:59.704 [Information] OUTPUT: Script     1.4.1                 Az.ServiceBus                       Core,Desk {New-AzServiceBusNamespace, Get-AzServic…
2020-10-30T18:23:59.705 [Information] OUTPUT: Script     2.2.0                 Az.ServiceFabric                    Core,Desk {Add-AzServiceFabricClientCertificate, A…
2020-10-30T18:23:59.705 [Information] OUTPUT: Script     1.2.0                 Az.SignalR                          Core,Desk {New-AzSignalR, Get-AzSignalR, Get-AzSig…
2020-10-30T18:23:59.706 [Information] OUTPUT: Script     2.11.1                Az.Sql                              Core,Desk {Get-AzSqlDatabaseTransparentDataEncrypt…
2020-10-30T18:23:59.706 [Information] OUTPUT: Script     1.1.0                 Az.SqlVirtualMachine                Core,Desk {New-AzSqlVM, Get-AzSqlVM, Update-AzSqlV…
2020-10-30T18:23:59.706 [Information] OUTPUT: Script     3.0.0                 Az.Storage                          Core,Desk {Get-AzStorageAccount, Get-AzStorageAcco…
2020-10-30T18:23:59.707 [Information] OUTPUT: Script     1.3.0                 Az.StorageSync                      Core,Desk {Invoke-AzStorageSyncCompatibilityCheck,…
2020-10-30T18:23:59.707 [Information] OUTPUT: Script     1.0.1                 Az.StreamAnalytics                  Core,Desk {Get-AzStreamAnalyticsFunction, Get-AzSt…
2020-10-30T18:23:59.707 [Information] OUTPUT: Script     1.0.0                 Az.Support                          Core,Desk {Get-AzSupportService, Get-AzSupportProb…
2020-10-30T18:23:59.708 [Information] OUTPUT: Script     1.0.4                 Az.TrafficManager                   Core,Desk {Add-AzTrafficManagerCustomHeaderToEndpo…
2020-10-30T18:23:59.709 [Information] OUTPUT: Script     2.0.0                 Az.Websites                         Core,Desk {Get-AzAppServicePlan, Set-AzAppServiceP…
2020-10-30T18:23:59.709 [Information] OUTPUT:
2020-10-30T18:23:59.709 [Information] OUTPUT:     Directory: C:\Program Files (x86)\SiteExtensions\Functions\3.0.14916\workers\powershell\7\Modules
2020-10-30T18:23:59.710 [Information] OUTPUT:
2020-10-30T18:23:59.710 [Information] OUTPUT: ModuleType Version    PreRelease Name                                PSEdition ExportedCommands
2020-10-30T18:23:59.710 [Information] OUTPUT: ---------- -------    ---------- ----                                --------- ----------------
2020-10-30T18:23:59.711 [Information] OUTPUT: Manifest   0.3.0                 Microsoft.Azure.Functions.PowerShe… Core      {Get-OutputBinding, Invoke-ActivityFunct…
2020-10-30T18:23:59.711 [Information] OUTPUT: Manifest   1.2.5                 Microsoft.PowerShell.Archive        Desk      {Compress-Archive, Expand-Archive}
2020-10-30T18:23:59.711 [Information] OUTPUT: Manifest   7.0.0.0               Microsoft.PowerShell.Management     Core      {Add-Content, Clear-Content, Get-Clipboa…
2020-10-30T18:23:59.712 [Information] OUTPUT: Manifest   7.0.0.0               Microsoft.PowerShell.Utility        Core      {Export-Alias, Get-Alias, Import-Alias, …
2020-10-30T18:23:59.712 [Information] OUTPUT: Script     1.4.7                 PackageManagement                   Desk      {Find-Package, Get-Package, Get-PackageP…
2020-10-30T18:23:59.713 [Information] OUTPUT: Script     2.2.4.1               PowerShellGet                       Desk      {Find-Command, Find-DSCResource, Find-Mo…
2020-10-30T18:23:59.713 [Information] OUTPUT: Binary     2.0.3                 ThreadJob                           Desk      Start-ThreadJob

Debug output

Error output

This is the error showing in the function app when running:
Connect-AzAccount -Identity -AccountId "xxx" -SubscriptionId "xxx"
where accountid is a user defined managed identity on the function app. When the system defined managed identity is disabled, the Connect-AzAccount fails with a different error.

2020-10-30T18:19:26.775 [Error] EXCEPTION: The provided account xxx does not have access to subscription ID "xxx". Please try logging in with different credentials or a different subscription ID.Exception             :Type        : System.Management.Automation.PSInvalidOperationExceptionErrorRecord :Exception             :Type    : System.Management.Automation.ParentContainsErrorRecordExceptionMessage : The provided account xxx does not have access to subscription ID "xxx". Please try logging in with different credentials or a different subscription ID.HResult : -2146233087CategoryInfo          : InvalidOperation: (:) [], ParentContainsErrorRecordExceptionFullyQualifiedErrorId : InvalidOperationTargetSite  :Name          : LoginDeclaringType : Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClientMemberType    : MethodModule        : Microsoft.Azure.PowerShell.Cmdlets.Accounts.dllStackTrace  :at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantId, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, Action`1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation)at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass106_1.<ExecuteCmdlet>b__3()at System.Threading.Tasks.Task`1.InnerInvoke()at System.Threading.Tasks.Task.<>c.<.cctor>b__274_0(Object obj)at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)--- End of stack trace from previous location where exception was thrown ---at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread)--- End of stack trace from previous location where exception was thrown ---at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass106_0.<ExecuteCmdlet>b__0(AzureRmProfile localProfile, RMProfileClient profileClient, String name)at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass111_0.<SetContextWithOverwritePrompt>b__0(AzureRmProfile prof, RMProfileClient client)at Microsoft.Azure.Commands.Profile.Common.AzureContextModificationCmdlet.ModifyContext(Action`2 contextAction)at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action`3 setContextAction)at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()Message     : The provided account xxx does not have access to subscription ID "xxx". Please try logging in with different credentials or a different subscription ID.Source      : Microsoft.Azure.PowerShell.Cmdlets.AccountsHResult     : -2146233079CategoryInfo          : CloseError: (:) [Connect-AzAccount], PSInvalidOperationExceptionFullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommandInvocationInfo        :MyCommand        : Connect-AzAccountScriptLineNumber : 19OffsetInLine     : 1HistoryId        : 1ScriptName       : C:\home\site\wwwroot\FrontDoorUpdateTimerTrigger\run.ps1Line             : Connect-AzAccount -Identity -AccountId "xxx" -SubscriptionId "xxx"PositionMessage  : At C:\home\site\wwwroot\FrontDoorUpdateTimerTrigger\run.ps1:19 char:1+ Connect-AzAccount -Identity -AccountId "b5dcd3b6-6601-4158-a5b6-893b1 …+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~PSScriptRoot     : C:\home\site\wwwroot\FrontDoorUpdateTimerTriggerPSCommandPath    : C:\home\site\wwwroot\FrontDoorUpdateTimerTrigger\run.ps1InvocationName   : Connect-AzAccountCommandOrigin    : InternalScriptStackTrace      : at <ScriptBlock>, C:\home\site\wwwroot\FrontDoorUpdateTimerTrigger\run.ps1: line 19PipelineIterationInfo :
2020-10-30T18:19:26.900 [Error] Executed 'Functions.FrontDoorUpdateTimerTrigger' (Failed, Id=64631a45-e1de-4353-bbff-2381e6c53970, Duration=15826ms)Result: FailureException: The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: The provided account xxx does not have access to subscription ID "xxx". Please try logging in with different credentials or a different subscription ID.Stack:    at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)at System.Management.Automation.Runspaces.Pipeline.Invoke()at System.Management.Automation.PowerShell.Worker.ConstructPipelineAndDoWork(Runspace rs, Boolean performSyncInvoke)at System.Management.Automation.PowerShell.Worker.CreateRunspaceIfNeededAndDoWork(Runspace rsToUse, Boolean isSync)at System.Management.Automation.PowerShell.CoreInvokeHelper[TInput,TOutput](PSDataCollection`1 input, PSDataCollection`1 output, PSInvocationSettings settings)at System.Management.Automation.PowerShell.CoreInvoke[TInput,TOutput](PSDataCollection`1 input, PSDataCollection`1 output, PSInvocationSettings settings)at System.Management.Automation.PowerShell.CoreInvoke[TOutput](IEnumerable input, PSDataCollection`1 output, PSInvocationSettings settings)at System.Management.Automation.PowerShell.Invoke[T](IEnumerable input, IList`1 output, PSInvocationSettings settings)at System.Management.Automation.PowerShell.Invoke[T]()at Microsoft.Azure.Functions.PowerShellWorker.PowerShell.PowerShellExtensions.InvokeAndClearCommands[T](PowerShell pwsh) in D:\a\1\s\src\PowerShell\PowerShellExtensions.cs:line 45at Microsoft.Azure.Functions.PowerShellWorker.PowerShell.PowerShellManager.InvokeNonOrchestrationFunction(DurableController durableController, IDictionary outputBindings) in D:\a\1\s\src\PowerShell\PowerShellManager.cs:line 283at Microsoft.Azure.Functions.PowerShellWorker.PowerShell.PowerShellManager.InvokeFunction(AzFunctionInfo functionInfo, Hashtable triggerMetadata, TraceContext traceContext, IList`1 inputData, FunctionInvocationPerformanceStopwatch stopwatch) in D:\a\1\s\src\PowerShell\PowerShellManager.cs:line 226at Microsoft.Azure.Functions.PowerShellWorker.RequestProcessor.InvokeFunction(AzFunctionInfo functionInfo, PowerShellManager psManager, FunctionInvocationPerformanceStopwatch stopwatch, InvocationRequest invocationRequest) in D:\a\1\s\src\RequestProcessor.cs:line 333at Microsoft.Azure.Functions.PowerShellWorker.RequestProcessor.ProcessInvocationRequestImpl(StreamingMessage request, AzFunctionInfo functionInfo, PowerShellManager psManager, FunctionInvocationPerformanceStopwatch stopwatch) in D:\a\1\s\src\RequestProcessor.cs:line 306

[dingmeng-xue]

@PaulVrugt , thanks for reporting.

Since Az.Accounts 2.1, we replaced Azure Directory Authentication Library with Microsoft Authentication Library(MSAL) for authentication. We have found couple issues. One of them are related to MSI user account. We are working it and will provide update soon.

[dcaro]

@PaulVrugt we are working on those issues with the highest priority.
In the meantime, can you take a dependency on Az 4.8 as described on this page:
https://docs.microsoft.com/en-us/azure/azure-functions/functions-reference-powershell?tabs=portal#dependency-management

[erich-wang]

@PaulVrugt , please follow the following steps to workaround:

1. Update requirements.psd1
   Replace the line below

    'Az' = '5.*'

with

    'Az.Accounts' = '1.9.5'
    'Az' = '4.8'

2. Update profile.ps1
   Add one line Import-Module Az.Accounts -RequiredVersion 1.9.5 before any other Azure PowerShell cmdlets, e.g.

if ($env:MSI_SECRET) {
    Import-Module Az.Accounts -RequiredVersion 1.9.5
    Disable-AzContextAutosave -Scope Process | Out-Null
    Connect-AzAccount -Identity -AccountId 'xxxxxxxxxxxx'
}

3. Restart your function app

[erich-wang]

Updated:
We've just released on updated version Az.Accounts 2.1.2 to fix this issue. You should not see this issue anymore if creating new Function App; for existing Function App, please follow steps below if you still see the issue:

1. Update requirements.psd1
   Replace the line below

    'Az' = '5.*'

with

    'Az.Accounts' = '2.1.2'
    'Az' = '5.*'

2. Restart your function app

[PaulVrugt]

@erich-wang thanks for the workaround, I can confirm that it works. I'll try the updated version (2.1.1) later