Tags: azure, azure-functions, azure-keyvault, azure-managed-identity

MSINotEnabled - Can't use KeyVault Reference in Azure Function


I'm trying to use a User Assigned Managed Identity to access a Key Vault reference in an Azure Function.


I'm following this doc https://learn.microsoft.com/en-us/azure/app-service/app-service-key-vault-references?tabs=azure-cli#:~:text=you%20haven%27t%20already.-,Configure,-the%20app%20to to reference the keyvault in the application configuration.

I followed these steps:

  1. Created a User Assigned Managed Identity.

  2. Created a policy in Key Vault and gave GET and LIST permissions to the User Assigned Managed Identity.

  3. Set the User Assigned Managed Identity in the Azure Function's Identity settings.

  4. Set properties application setting like this:

Any thoughts on this?


Solution

  • Just found that when the keyVaultReferenceIdentity property is created in the Function using the portal or IaC (App Settings), it doesn't recognize the User Assigned identity as the one to authenticate in Key Vault, but if you run the PATCH described in the following link using PowerShell, it works.

    https://learn.microsoft.com/en-us/azure/app-service/app-service-key-vault-references?tabs=azure-powershell#access-vaults-with-a-user-assigned-identity

    It should be enough for the reference to Key Vault to work.
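
The PATCH the answer refers to, with checks before and after it, as an added example that is not part of the original post. The resource names are placeholders, the API version is an assumption, and the script assumes an Az PowerShell session that is already signed in with rights on the Function App.

```powershell
# Placeholder names (assumptions): replace with your own resources.
$rg           = 'MyResourceGroupName'
$appName      = 'MyAppName'
$identityName = 'MyUserAssignedIdentityName'
$apiVersion   = '2022-03-01'   # assumed Microsoft.Web API version

$identityId = (Get-AzUserAssignedIdentity -ResourceGroupName $rg -Name $identityName).Id
$appId      = (Get-AzFunctionApp -ResourceGroupName $rg -Name $appName).Id
$sitePath   = '{0}?api-version={1}' -f $appId, $apiVersion

# 1. The identity must already be assigned to the app (step 3 in the question);
#    keyVaultReferenceIdentity only selects among identities the app has.
$site = (Invoke-AzRestMethod -Method GET -Path $sitePath).Content | ConvertFrom-Json
$assigned = @()
if ($site.identity.userAssignedIdentities) {
    $assigned = $site.identity.userAssignedIdentities.PSObject.Properties.Name
}
if ($assigned -notcontains $identityId) {   # -notcontains is case-insensitive
    throw "Identity $identityId is not assigned to $appName"
}

# 2. PATCH the site resource so Key Vault references use that identity.
#    This is a property of the site, not an app setting.
$payload = @{ properties = @{ keyVaultReferenceIdentity = $identityId } } |
    ConvertTo-Json -Compress
$resp = Invoke-AzRestMethod -Method PATCH -Path $sitePath -Payload $payload
if ($resp.StatusCode -notin 200, 202) {
    throw "PATCH failed: $($resp.StatusCode) $($resp.Content)"
}

# 3. Read the property back from the site resource.
$site = (Invoke-AzRestMethod -Method GET -Path $sitePath).Content | ConvertFrom-Json
"keyVaultReferenceIdentity = $($site.properties.keyVaultReferenceIdentity)"

# 4. List the resolution status of each Key Vault reference in app settings;
#    a setting that still fails keeps a status such as MSINotEnabled.
$refPath = '{0}/config/configreferences/appsettings?api-version={1}' -f $appId, $apiVersion
$refs = (Invoke-AzRestMethod -Method GET -Path $refPath).Content | ConvertFrom-Json
$refs.value | ForEach-Object {
    [pscustomobject]@{
        Setting = $_.name
        Status  = $_.properties.status
        Details = $_.properties.details
    }
}
```

The reference status in step 4 may lag behind the PATCH until the app re-resolves its settings.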