question

BhakuniPriyankaCW-1103 avatar image
0 Votes"
BhakuniPriyankaCW-1103 asked MayankBargali-MSFT edited

Azure function App: HTTP and Queue Trigger Connection parameter


 public static void Run([QueueTrigger("myqueue-items", 
                                    Connection = "QueueStorage")]string myQueueItem, ILogger log)

Considering, the above sample code, I have placed the connection string "QueueStorage" in the Configuration setting in the portal. This configuration setting uses a key-vault to fetch the primary connection string from secrets.
Now the issue is, currently we are storing both primary and secondary connection strings in the key vault. I have created two variables in the Configuration setting to fetch primary and secondary connection strings respectively.
The feature which I need to add in my Azure function is in case there is some issue while fetching the primary connection string, I need to pull the secondary connection string.

Is there any way this could be handled in the Connection parameter w.r.t the above code, considering in the Connection parameter, I can place only one Configuration setting related variable?

Thanks a lot for the help here.

azure-functionsazure-key-vault
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

BhakuniPriyankaCW-1103 avatar image
0 Votes"
BhakuniPriyankaCW-1103 answered MayankBargali-MSFT edited

Thanks a lot, for the help. I actually followed below two references which helped in my scenario.

https://github.com/Azure/azure-functions-host/issues/6423
https://gist.github.com/paulbatum/c301e8ca07b2561db91030a1566383fa

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@BhakuniPriyankaCW-1103 Thanks for your response. I have convert your comment to answer. Feel free to "Accept as Answer" so it can help community members.

1 Vote 1 ·
MayankBargali-MSFT avatar image
0 Votes"
MayankBargali-MSFT answered MayankBargali-MSFT converted comment to answer

@BhakuniPriyankaCW-1103 Unfortunately you cannot define two connection string to the same trigger. There is no out of box feature that can help with your scenario.
You need to write your custom logic and use REST API to update the properties.appSettings with the primary or secondary connection string for your configuration property that you are using in your code.

Note: Any changes to applications settings and connection strings will restart your application

If you don't want to use the connection string then you can refer to Using Managed Identity between Azure Functions and Azure Storage sample.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for the response.

The managed identity option seems promising, but I cannot find a straightforward way to achieve it from the Queue Trigger.
I have added the managed identity and the corresponding roles which are needed in the Azure portal. Post this addition, I am able to find a way to access the storage account from inside the Queue Trigger but I am still unsure what should be the value of the connection parameter in this case.
How the connection parameter could be changed to get the benefit of the managed identity

0 Votes 0 ·
MayankBargali-MSFT avatar image MayankBargali-MSFT BhakuniPriyankaCW-1103 ·

@BhakuniPriyankaCW-1103 Managed Identity is more towards allows your app to easily access other Azure AD-protected resources such as Azure Key Vault etc.
The sample talks about the HTTP trigger for operation on storage account. If you are looking specifically looking to use the Queue Trigger or any other function available trigger (service bus, event hub, eventgrid etc.) then it is not possible as the connection string is used by the function runtime and there is no out of box feature for the same. As you have mentioned about HTTP trigger so I misunderstood that you also want to see the option with Http Trigger with storage operation therefor shared the managed identity option.

0 Votes 0 ·