It can be challenging to run locally an azure function using managed identity instead of connection strings. To do so, you have to follow these steps:
[FunctionName("EmailFunction")] public Task RunAsync([QueueTrigger("emails", Connection = "Storage")] string user, ILogger log) {
return _emailService.Send(user);
}
- The attribute Connection in the QueueStorage attribute indicates that we are grabbing the connection string from the application settings (local.settings.json in case of local development)
- The local.settings.json file should look like the following
{
"IsEncrypted": false,
"Values": {
"AzureWebJobsStorage__blobServiceUri": "https://[YOUR_STORAGE_ACCOUNT_NAME].blob.core.windows.net",
"AzureWebJobsStorage__queueServiceUri": "https://[YOUR_STORAGE_ACCOUNT_NAME].queue.core.windows.net",
"AzureWebJobsStorage__tenantId": “[APP_REGISTRATION_TENANT_ID]”,
"AzureWebJobsStorage__clientId": "[APP_REGISTRATION_CLIENT_ID]”,
"AzureWebJobsStorage__clientSecret": “[APP_REGISTRATION_CLIENT_SECRET]”,
"Storage__queueServiceUri": "https://[YOUR_STORAGE_ACCOUNT_NAME].queue.core.windows.net",
"Storage__tenantId": "[APP_REGISTRATION_TENANT_ID]",
"Storage__clientId": "[APP_REGISTRATION_CLIENT_ID]",
"Storage__clientSecret": "[APP_REGISTRATION_CLIENT_SECRET]”,
"FUNCTIONS_WORKER_RUNTIME": "dotnet"
}
}
- Replace [YOUR_STORAGE_ACCOUNT_NAME] by the name of the storage account you have created in step 3
- Replace [APP_REGISTRATION_TENANT_ID] by the tenant id of the app registration created in step 1
- Replace [APP_REGISTRATION_CLIENT_ID] by the client id of the app registration created in step 1
- Replace [APP_REGISTRATION_CLIENT_SECRET] by the client id of the app registration created in step
Enjoy