2

Related to this tutorial (Using PowerShell Modules in Azure Functions) I can run PowerShell in my Function Apps. right now I want to run this PowerShell tutorial from microsoft (Build your first Azure data factory using Azure PowerShell). In first step I should run this PowerShell codes:

PowerShell Login-AzureRmAccount
PowerShell Get-AzureRmSubscription
#Run the following command to select the subscription that you want to work with. This subscription should be the same as the one you used in the Azure portal. 
PowerShell Get-AzureRmSubscription -SubscriptionName <SUBSCRIPTION NAME> | Set-AzureRmContext

problem is that this tutorial is for using PowerShell in Local machine (using PoserShell from Windows), but I need to run this tutorial using Function Apps, then I need to change the scenarios...
can you please guide me how I should change or use Login-AzureRmAccount and Get-AzureRmSubscription?

Improve this question

2 Answers 2

Reset to default
3

By default, Login-AzureRmAccount does an interactive login, which won't work in an Azure Function. Instead, you'll need to log in using a Service Principal, e.g.

Login-AzureRmAccount -ServicePrincipal -ApplicationId  "http://my-app" -Credential $pscredential -TenantId $tenantid

Azure PowerShell docs have more info on this.

As for selecting the subscription, there is no difference between doing it interactively or in a Function.

Please do keep in mind that PowerShell is an experimental language in Azure Functions, and is not fully supported.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Azure function is one kind of app service and only owns limited permission. If you want to Login Azure with it, you may need to using Azure Keyvault and Service Principle to help you login Azure automatically. There are main steps you need to do:

  1. Using powershell to create self-signed certificate and export it to local

  2. Use powerhshell to create a service principal for signing in automatically

  3. Upload the self-signed Certificate Thumbprint and configure SSL (Upload the PFX file) for the azure function

  4. Create a keyvault and set the access policy for service principal

  5. Create azure function app, then use self-signed certificate thumbprint , appid and other information in the azure function to sign in automatically. Last you can use cmdlet Get-AzureKeyVaultSecret to retrieve the contents of the certificate and rebuild the certificate.

You can refer to this article to create Azure Keyvault and Service Principle. Then you can use powershell in your Function App to login Azure automatically.

After Adding powershell to your Function App and configure all settings, you can run these scripts:Login-AzureRmAccount -ServicePrincipal -CertificateThumbprint $certThumbprint -ApplicationId $appId -TenantId $tenantId

enter image description here

See more details about Azure Service Principle in this document.

This blog can also be helpful to you.

NOTE:The self-signed certificate needs to be imported into the azure function through the portal and configured with WEBSITE_LOAD_CERTIFICATES in the app setting

Improve this answer

1 Comment

Hi, @Reza Amya , Did try this solution? May I know if your issue has resolved?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.