code for article pfeilbr/azure-functions-playground
learn azure functions.
message(s) in the azure storage queue
Managed Identity for Function in Azure Console
- app settings can be access via environment variables. See Configure function app settings in Azure Functions
- Use Key Vault references to store secrets stored in Key Vault. They are automatically fetched and provided as environment variables to your function.
- see Secure App Settings variables in Azure Functions
- e.g. App Settings Value KeyVault Reference
- Functions have in/out bindings defined in
- To access other azure resources/services from a function, you configure a managed identity on the function app and provide access to Azure resources for that identity using Azure role-based access control. See Azure Services that support managed identities - Azure AD.
- system-assigned managed identity - identity tied to and managed by a specific service. when that service instance is deleted, the identity is deleted with it.
- user-assigned managed identity - not owned by a specific service. lifecycle is fully managed by you. can be assigned to multiple services.
- Azure Durable Functions documentation - lets you write stateful functions in a serverless compute environment. Similar to AWS Step Functions, but implemented as language level library.
- shared access signature (SAS) URLs for granting limited access. Similar to S3 signed URLs. See Grant limited access to data with shared access signatures (SAS) - Azure Storage
A shared access signature is a signed URI that points to one or more storage resources. The URI includes a token that contains a special set of query parameters. The token indicates how the resources may be accessed by the client. One of the query parameters, the signature, is constructed from the SAS parameters and signed with the key that was used to create the SAS. This signature is used by Azure Storage to authorize access to the storage resource.
- Triggers and bindings in Azure Functions
- Azure Functions scale and hosting - covers limits and constraints
- Using Managed Identity between Azure Functions and Azure Storage - Code Samples
- How to use managed identities for App Service and Azure Functions
- Configure function app settings in Azure Functions
- Secure App Settings variables in Azure Functions
- Source Application Settings from Key Vault
Twitter • Reddit