Sometimes we may want to programmatically turn our Azure Functions off or on or do other management tasks with them. This post will show you how you can Manage Azure Functions with Managed Identity Logic Apps.
What you’ll need:
- Azure Function
- Logic App
- Azure Active Directory (pretty much always included now right?)
Setup Managed Identity Logic App
This assumes you’ve already created your Logic App. Once created, go into it and under Settings click on Identity, then toggle the Status to On.
Once setup you can see the Application registration under Azure Active Directory. Then select all Applications under Manage and select All Applications drop down under Application Type.
Add Logic App Identity to Azure Function
Azure Functions don’t really follow the layout of the Azure portal. To add the Logic App Identity open your Azure Function, then select Platform Features then All Settings.
Once that opens we have something that conforms to the Azure portal layout. Next click on Access control (IAM) and then Add a role assignment.
Then, give it Contributor role, Assign access to Logic App then search for your Logic App and select it.
Add Logic App Step to Manage Azure Function
As of writing the only action that can use Managed Identity is HTTP Post. For my purpose I’m using a Logic App to start and stop an Azure Function at certain times. Triggered from on a Azure Monitor Log Search Alert that I’ll talk about in a later post.
Under Authentication select Managed Identity.
To stop the Azure Function we’ll use https://management.azure.com/subscriptions/subscriptionID/resourceGroups/azurefunctionresourcegroupname/providers/Microsoft.Web/sites/SolarDailyMonitor/stop?api-version=2015-08-01
To start the Azure Function we’ll use https://management.azure.com/subscriptions/subscriptionID/resourceGroups/azurefunctionresourcegroupname/providers/Microsoft.Web/sites/SolarDailyMonitor/start?api-version=2015-08-01
Using Managed Identity Logic Apps, there are a number of tasks that can be performed. All of the API Management Tasks for Azure Functions are located here https://docs.microsoft.com/en-us/rest/api/appservice/webapps/listapplicationsettings