The problem is solved: in KeyVault, we haven't added the Azure Function subnet.
Application settings in Azure Fucntion: AccessToKeyVaultDenied
Hello,
To get the connection string of a Azure Storage in Azure Function, we are using the Applicationg Settings in the configuration menu. The problem is that we are receiving the following error:
AccessToKeyVaultDenied --> Key Vault reference was not able to be resolved because site was denied access to Key Vault reference's vault.
In theory, everything is ok.
- In KeyVault, the secrets are well created and we have create an Access Policy for the Azure Function with “Get” and “List” privileges in the Secrets Permission.
- Manage Identity is ON in Azure Function.
- In Azure Function, the Application Settings has the correct syntax, and the references are valid. We have executed the “Diagnose and solve problems” tool to check that.
We are using Azure Function Premium plan, but I must say that this way to access the secrets works before with a Consumption plan.
Do you know what can be the problem here?
Thanks!
EDIT
I have create another Azure Function with Concumption Plan and the Application Settings are working with the same configuration as the Premium one. Is it possible that the Premium Functions works in another way? Hay can we access then to the Secrets in KeyVault?
2 answers
Sort by: Most helpful
-
-
Priyanka Kumari 0 Reputation points Microsoft Employee
2024-03-04T05:09:13.99+00:00 Problem Resolved.
My scenario was my resources web app and key vault attached with private endpoint on same Vnet.
Solution: virtual link was missed from private DNS zone . SO i have attached the vnet to the dnszone virtual link.