EventGridTrigger is not working Secure Function App (Register in Azure AD)

Question

Hi Team,

Facing issue in afte function app Authentication.

I created one EventGridTrigger function as per the below code.

[Function("EventBasedTrigger")]
public async Task Run([EventGridTrigger] EventGridEvent eventGridEvent,
[BlobInput("{data.url}", Connection = "demoblobconnection")] string inputBlob, ILogger log, FunctionContext context)
{
_logger.LogInformation("This is test for blob event grid trigger");

}  

Issue: I configured EventGridTopic and EventSubscription filter on my storage account as well. EventGridTrigger is triggering when I am going to upload the file on my StorageAccount/Container if there is no Service Principle configured in my deployed Function App.

But After Service Principle (Azure AD Registration) is configured in my deployed function App, EventBasedTrigger is not working. I added a role as "EventDataSender" for my function app, still not working.

Please help me with this.

Answer 1

@Chandan Kumar Singh ,

Thanks for reaching out to Q&A forum.

As per the Eventgrid documentation, Azure functions is not a supported handler for the AzureAD or MSI authentication methods. For Azure AD and MSI, only webhooks are supported. So I would suggest you to create a http trigger function and expose it as a webhook endpoint. This webhook can be integrated with Azure AD so that the events can be authenticated.

https://learn.microsoft.com/en-us/azure/event-grid/security-authentication#using-azure-active-directory-azure-ad

Feel free to reach out to me if you have any queries or concerns.

Answer 2

hello, yes there is documentation for it:

https://learn.microsoft.com/en-us/azure/event-grid/security-authentication#using-client-secret-as-a-query-parameter

We were having same issue. However I want to check if there is any feature in backlog to support UMI in future?

And does anyone know the EventGrid support team alias? please share..

Thanks,
Apoorva