Open thancyya opened 1 year ago
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @AnatoliB, @Francisco-Gamino, @shreyabatra4.
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @AnatoliB, @Francisco-Gamino, @shreyabatra4.
Description
Attempting to add a system managed identity to a function app that already has a user managed identity causes the function app to lose the user managed identity
Prior to adding a system managed identity, the identity parameter of the function app was set to "userassigned"
After running the following command
Update-AzFunctionApp -Name Name -ResourceGroupName ResourceGroupName -IdentityType SystemAssigned
, the output becomes this and it loses the user assignment:However if this is attempted via the Azure Portal, the functionality works as expected, enabling the system managed identity and retaining the user managed identity. Querying the object in PowerShell shows this:
Note that the type changes to "SystemAssignedUserAssigned"
This type is not a supported by the Update-AzFunctionApp cmdlet. The options are SystemAssigned, UserAssigned, None So it does not appear that there is any way to use this cmdlet to allow both a system managed identity and a user managed identity at the same time, as adding one will remove the other.
I would like to use PowerShell to set the system managed identity without removing the user managed identities so that both can be used concurrently
It looks like this affects the webapp cmdlet also as
Set-AzWebApp -AssignIdentity $true -Name FunctionAppExample23 -ResourceGroupName Example-rg
has the same behaviorIssue script & Debug output
Environment data
Module versions
Error output
No response