findajay
commented
11 months ago @pragnagopa Is there any update on this ticket ?
Open findajay opened 1 year ago
findajay
commented
11 months ago @pragnagopa Is there any update on this ticket ?
findajay
commented
11 months ago We are facing similar permission issue with EventHub as well. Where assigning role on consumer group is not enough for processing of event. Currently, eventhub triggers require the role to be granted on eventhub level, not only on consumer group. This is not optimal for security, different consumers might subscribe to each other's groups
In our recent debugging session on azure function queue trigger, we found out that role Azure Service Bus Data Receiver is not enough to get it working, and we need to explicitly assign Azure Service Bus Data Owner.
This breaks the principle of least privilege and should be looked in.
Package : microsoft.azure.functions.worker.extensions.servicebus extension version : 5.7.0 Function extension : V4 Framwork : Net7.0 Runtime : Linux Mode : Docker container