function

[SOLVED] Azure Function "Host keys" not created with Terraform

Issue

if I create a Azure Function manually through portal App Keys are created:
enter image description here

If I try the same through terraform:

The Function App

  resource "azurerm_function_app" "resize_images" {
    name                      = format("%s%s%s%s", module.subscription_prefix.prefix, "pfunctionapp", lower(local.environment), "0001")
    location                  = azurerm_resource_group.azure_functions.location
    resource_group_name       = azurerm_resource_group.azure_functions.name
    app_service_plan_id       = module.app_service_plan.id
  
    # AzureRM 1.x needs this
    #storage_connection_string = local.azure_functions_storage_account_primary_connection_string
  
    # AzureRM 2.x needs this
    storage_account_name       = data.azurerm_storage_account.resize_storage.name
    storage_account_access_key = data.azurerm_storage_account.resize_storage.primary_access_key
  
    app_settings = {
      AzureWebJobsDashboard          = data.azurerm_storage_account.resize_storage.primary_connection_string
      AzureWebJobsStorage            = data.azurerm_storage_account.resize_storage.primary_connection_string
      BLOB_STORAGE_CONNECTION_STRING = data.azurerm_storage_account.resize_storage.primary_connection_string
      CONTAINER_NAME = "images"
      FUNCTIONS_EXTENSION_VERSION = "~3"
      WEBSITE_HTTPLOGGING_RETENTION_DAYS = "3"
      WEBSITE_RUN_FROM_PACKAGE = "1"
    }
  
    version = "~3"
  
    tags = local.tags
  }

No App Keys are create:
enter image description here

Within Terraform documentation there is nothing how to create those keys, but you can read them as data.

Could anyone point me to a correct direction how the keys where created?!

Solution

By default, keys are stored in a Blob storage container in the account provided by the AzureWebJobsStorage setting. In your code, the keys indeed were auto-generated on that associated storage account but did not display on the Azure Function app UI.

After my validation, if you remove the WEBSITE_RUN_FROM_PACKAGE = "1" in the app_settings, then you will see default App keys in your Function app. When you add a WEBSITE_RUN_FROM_PACKAGE setting to your function app settings, it enables your function app to run from a package. I think this overrides the default Azure function deployment behavior more or less. Read this for more detials.

Answered By – Nancy Xiong

Answer Checked By – Pedro (BugsFixing Volunteer)

Leave a Reply

Your email address will not be published. Required fields are marked *