search

Azure-Samples / azure-functions-flex-consumption-samples

Samples for Azure Functions Flex Consumption
MIT License
32 stars 21 forks source link

Include integration with a virtual network in the templates #41

Open Yvand opened 1 month ago

Yvand commented 1 month ago

This issue is for a: (mark with an x)

- [ ] bug report -> please search issues before submitting
- [x] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

Minimal steps to reproduce

Use the Bicep sample to deploy an Azure Functions Flex Consumption. In the storage account, ensure that public network access is deactivated, and add your own public IP to the list On your PC, create a simple functions project and try to publish it using this command: func azure functionapp publish <funcAppName> It fails with this error:

Received Token using system assigned identity
Failed to upload because Azure Storage responded with Forbidden : Response status code does not indicate success: 403 (This request is not authorized to perform this operation.)..
Failed to upload blob package to storage account with Error: Response status code does not indicate success: 403 (This request is not authorized to perform this operation.).

Expected/desired behavior

I can fix this issue if I create a virtual network, associate it with the Azure functions app, and add that virtual network to the list of authorized networks in the storage account.

Mention any other details that might be useful

For security reasons, public network access is deactivated on my storage account (and using managed identity is mandatory), hence this feature request.
Thank you for providing those useful templates.

nzthiago commented 1 month ago

Good feedback, we can include a basic bicep sample that also includes VNet. Meanwhile, all the starter templates mentioned here include VNet integration. The .NET and Java (currently, we'll update the others) have an optional parameter to skip VNet but by default they include the VNet. Here's a copy of the samples just in case:

Yvand commented 1 month ago

@nzthiago actually I submitted a pull request to HTTP (TypeScript | Node 20) to include it: https://github.com/Azure-Samples/functions-quickstart-typescript-azd/pull/6