Reputation: 47
Can you use a Managed Identity to access an Azure Function from an Azure App Service?
I have created an Azure Function that is called by a single Azure Web App I also created. I want to secure the Azure Function to only allow the Azure Web App to call it. I know how to do it by creating an App Registration and passing ClientID and Secrets. But I was wondering if I can do it by using the Azure Web App's Service Identity. That way I do not need to maintain the ClientID and Secrets. Any advice would be appreciated. Thank you.
Upvotes: 1
Views: 844
Answers (1)
Reputation: 16138
As noted in the comments, you can use MSI for this.
As an alternative approach you could also lock it down on the network layer by integrating the App Service into a VNET and lock down incoming traffic on the Function to that one subnet of the App Service.
Upvotes: 1
Related Questions
- Unable to use 'User-managed identity' with Azure Function App
- Azure - System Assigned Managed Identities for Function App
- Using managed identities to invoke a http triggered function app inside another function app
- Can you assign a user Managed Identity for individual functions in a Function App?
- User assigned managed identity with azure function - is it possible?
- Is it possible to enable Managed Identity between Azure function and Azure Web API?
- Is managed identity available for communication between API Management service and Azure functions?
- Use Azure Managed Identities for service to service calls
- Can Managed Identity of a Azure Function have access across multiple subscriptions?
- Azure Function connectivity with app service which has windows authentication