System-assigned identity
If we don’t want to use to store any credentials in code, we can use a system assigned managed identity which is restricted to one per resource and is tied to the lifecycle of this resource. We can grant permissions to the managed identity by using Azure role-based access control (Azure RBAC). Alos, the managed identity is authenticated with Azure AD.
...
We can assign via PowerShell : Run the Update-AzFunctionApp -IdentityType command to create a system-assigned identity for a function app.
| Code Block | ||
|---|---|---|
| ||
Update-AzFunctionApp -Name $functionAppName -ResourceGroupName $resourceGroupName -IdentityType SystemAssigned |