Azure Function App failing to access the Key Vault Secrets

Sumeetha Mogasati 126 Reputation points
2022-08-22T09:41:51.11+00:00

Hi,

  • Function App (Premium Plan) is whitelisted by adding the function app Subnet to the Key Vault network firewall.
  • Within the Key Vault, the access policy is created with all (Secrets) permissions for the Function App to access Secrets stored within the Key Vault.
  • During the publishing of the Function App, the configuration is done for the Key Vault, where the Key Vault connection string is stored in the Function App - App Settings.

During the execution, the Function App failed to access the Secrets stored within the Key Vault with the exception copied below.
[Image: 233502-azkv.png]

Below is the copied source code used to access the secrets from the Function App.

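using System;
using System.Threading.Tasks;
using Microsoft.Azure.KeyVault;
using Microsoft.Azure.Services.AppAuthentication;

// Argument order as used below: keyvault is the secret name, strIdentifier is the vault name.
public async Task<string> GetSecretValue(string keyvault, string strIdentifier)
{
    string value = "";
    // Obtains tokens from whatever identity is available in the current environment.
    AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider();
    var keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));

    // Builds https://<vault>.vault.azure.net/secrets/<secret> and fetches the latest version.
    var secretBundle = await keyVaultClient.GetSecretAsync("https://" + strIdentifier + ".vault.azure.net/secrets/" + keyvault).ConfigureAwait(false);
    value = secretBundle.Value;
    // This line writes the secret value itself to the console output.
    Console.WriteLine(value);
    return value;
}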

Unfortunately, during the debugging process the Function App uses my identity, works as expected, and throws no exceptions. After publishing the Function App, the exception mentioned above is thrown, which is time-consuming to troubleshoot.

I would greatly appreciate any help. Thanks
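
An added diagnostic example, not part of the original post: because the question contrasts a local run under the developer's identity with the published Function App, this probe reports which principal actually called the vault and whether the failure came from token acquisition or from the vault's response, without logging the secret value. It assumes the same Microsoft.Azure.KeyVault and Microsoft.Azure.Services.AppAuthentication packages as the posted code; `KeyVaultProbe`, `ProbeSecretAsync` and `Who` are hypothetical names.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.Azure.KeyVault;
using Microsoft.Azure.KeyVault.Models;
using Microsoft.Azure.Services.AppAuthentication;

// Hypothetical helper for troubleshooting; not code from the original post.
public static class KeyVaultProbe
{
    // Returns a one-line diagnosis that never contains the secret value.
    public static async Task<string> ProbeSecretAsync(string vaultName, string secretName)
    {
        var tokenProvider = new AzureServiceTokenProvider();
        var client = new KeyVaultClient(
            new KeyVaultClient.AuthenticationCallback(tokenProvider.KeyVaultTokenCallback));
        try
        {
            var bundle = await client
                .GetSecretAsync($"https://{vaultName}.vault.azure.net", secretName)
                .ConfigureAwait(false);
            return $"OK as {Who(tokenProvider)}: read version {bundle.SecretIdentifier.Version}";
        }
        catch (AzureServiceTokenProviderException ex)
        {
            // No credential source produced a token, so the vault was never reached.
            return $"TOKEN FAILURE: {ex.Message}";
        }
        catch (KeyVaultErrorException ex)
        {
            // The vault answered: 401 means the token was rejected, 403 means the caller
            // was identified but refused; the error body carries the vault's stated reason.
            var status = (int?)ex.Response?.StatusCode;
            var error = ex.Body?.Error;
            return $"VAULT REJECTED as {Who(tokenProvider)}: HTTP {status} {error?.Code}: {error?.Message}";
        }
    }

    // PrincipalUsed is filled in once a token has been acquired; it shows whether the call
    // ran as a user (local debugging) or as an app identity (the published Function App).
    private static string Who(AzureServiceTokenProvider p) =>
        p.PrincipalUsed == null
            ? "unknown principal"
            : $"{p.PrincipalUsed.Type} {p.PrincipalUsed.AppId ?? p.PrincipalUsed.UserPrincipalName}";
}
```

Logging the returned string from both the local run and the published app lets the two principals be compared against the identity named in the Key Vault access policy.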
