Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Function identity and storage network access #228

Merged
merged 10 commits into from
Jul 1, 2024
Merged

Function identity and storage network access #228

merged 10 commits into from
Jul 1, 2024

Conversation

mmcfarland
Copy link
Member

Description

The function apps are allocated a subnet in the deployment's vnet, and that vnet is associated with the two storage accounts which the functions communicate with (the host storage account which operates the function, and the image output account). The storage accounts are otherwise restricted from public access. Additionally, access keys were disabled on the storage accounts so the Function App was transitioned to use Managed Identity for accessing hte underlying storage, including during the "remote build".

Two upgrades support this transition: from a Consumption to a Premium App Service Plan and to a more recent version of the Linux Function App.

Builds off of existing PRs:
Supersedes #227
Supersedes #226

@mmcfarland mmcfarland changed the title Function identity and network access Function identity and storage network access Jun 29, 2024
@mmcfarland mmcfarland merged commit cfaf0a8 into main Jul 1, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@elayrocks elayrocks elayrocks approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mmcfarland @elayrocks