Azure Functions
An Azure service that provides an event-driven serverless compute platform.
Powershell Azure Function throws EXCEPTION: Connect-AzAccount : An attempt was made to access a socket in a way forbidden by its access permissions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 16%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Roman Muntyanu
1
Reputation point
Hi
I have Powershell Azure function which is called directly by logic app as one of the steps in the workflow. Authentication was established by using system assigned managed identity approach and all was working.
I needed to refactor the way how this function app is called as the function was long running and implemented orchestration durable function approach. Now I call the function from another Azure function using HttpClient using the code below
var authenticationContext = new AuthenticationContext($"https://login.microsoftonline.com/{tenantId}");
var clientCredential = new ClientCredential(clientId, clientSecret);
AuthenticationResult authenticationResult = await authenticationContext.AcquireTokenAsync(audienceId, clientCredential);
_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authenticationResult.AccessToken);
HttpResponseMessage result = await _client.PostAsync(url, null);
I successfully passed authentication and execution reached the code in the function but it throws exception when it reaches the line Connect-AzAccount -Identity in my profile.ps1 file
EXCEPTION: Connect-AzAccount : An attempt was made to access a socket in a way forbidden by its access permissions
Both functions have system Assigned managed identity. I assigned "Contributor" role to the caller function with a scope of the function
that I am calling.
I read posts about similar issue but for the case when User assigned managed identity was used which is not in my case.
Any tips/help would be appreciated
Thanks,
Romanm
Azure Functions
Windows for business | Windows Server | User experience | PowerShell
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 68%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
JayaC-MSFT 5,606 Reputation points2020-07-29T12:27:33.56+00:00 @RomanMuntyanu-7199 I have tried to replicate the issue with both the system and user assigned managed identity. I am afraid i couldn't replicate the issue and did not encounter the mentioned exception.
Hence, I wish to engage with you offline for a closer look and provide a quick and specialized assistance, please send an email with subject line “Attn:Jaya” to AzCommunity[at]Microsoft[dot]com referencing this thread along with the function app resource name, function names, subscription ID, failed invocation ID’s and timeframe (UTC) of the issue.
-
JayaC-MSFT 5,606 Reputation points
2020-07-30T19:26:12.723+00:00 @RomanMuntyanu-7199 Could you please share the required details in an email as mentioned in the previous comment , so that we could connect over an offline session to understand the issue better and conclude quickly?
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 44%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIP%3C/text%3E%3C/svg%3E)
Igor Pavicevic 1 Reputation point2020-09-10T07:37:40.137+00:00 I have the same issue using an user managed identity, might I send you an e-mail, too?
Sign in to comment
Sign in to answer