Unable to change the status of Managed Identity to On in Azure Function

Question

Hello: I want to allow my Azure Function access to my Key Vault, but I'm unable to change the status of Identity to On. I click the On switch, I click Save, and I click Yes to confirm the change. The controls are grayed out (disabled) while it executes the action. In the upper-right corner I'm notified with "Enabling system assigned managed identity", but the action never completes and the controls stay disabled. When I navigate away from the page and return, the status is still Off. I've attempted to set the status to On many times allowing it to run for many hours, even over-night, but nothing changes; the action continues to run while the controls stay disabled. How can this be resolved? I need my function app to have key vault access. Thanks

Answer 1

@Charles Woodruff Thanks for reaching out. Can you please validate the below steps:

1. Want to confirm whether you have the "Owner" or "Contributor" role on the subscription or resource group that contains the Azure Function to perform this operation or the granular permission on your resource group?
2. Make sure that you are using a version of the Azure Function that supports system-assigned managed identities. System-assigned managed identities are supported in version 2.x and later of the Azure Function
3. There could be intermittent issue in azure portal if you have already validated the above first two points. If you are not able to enable the system-assigned managed identity for your Azure Function from azure portal, then please try using PowerShell to enable it. You can use the Set-AzWebApp cmdlet to enable the system-assigned managed identity for your Azure Function.

Set-AzWebApp -ResourceGroupName <resource-group-name> -Name <function-app-name> -AssignIdentity $true

In case if the above didn't help then please share the latest operation ID and timeframe in UTC along with the session ID from portal (ctrl + alt + d) so I can review and assist you further.