I have an Azure PowerShell function that needs to access and update data in an Azure Storage table. To avoid issues in the future, I only want the function to have the least amount of privileges needed on the table.
I can define those privileges as an Azure AD custom role and apply that to the Azure Function Managed Identity. When I use New-AzStorageContext I can't see a way of using the Managed Identity. Including -UseConnectedAccount causes the function to fail.
I'm after any suggestions on the best way of resolving this. I have looked at the Azure Storage token options but they only seem to grant temporary access.
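
One way to reach the table with the function's managed identity, as an added example that is not part of the original post: the function requests an Azure AD token from the Functions identity endpoint and calls the Table REST API directly, so no account key or SAS is stored. It assumes a system-assigned identity; the account, table, key, and function names are hypothetical placeholders.

```powershell
# Added example. Assumes a system-assigned managed identity whose custom role
# has these DataActions, scoped to the table or storage account:
#   Microsoft.Storage/storageAccounts/tableServices/tables/entities/read
#   Microsoft.Storage/storageAccounts/tableServices/tables/entities/update/action
$StorageAccount = 'examplestorageacct'   # hypothetical placeholder
$TableName      = 'ExampleTable'         # hypothetical placeholder

function Get-ManagedIdentityToken {
    param([string]$Resource = 'https://storage.azure.com/')
    # The Functions host exposes the identity endpoint through these two variables.
    $uri = '{0}?resource={1}&api-version=2019-08-01' -f `
        $env:IDENTITY_ENDPOINT, [uri]::EscapeDataString($Resource)
    $response = Invoke-RestMethod -Uri $uri -Headers @{ 'X-IDENTITY-HEADER' = $env:IDENTITY_HEADER }
    # Tokens are short-lived; request one per invocation instead of persisting it.
    return $response.access_token
}

function Invoke-TableRequest {
    param(
        [Parameter(Mandatory)][string]$Method,
        [Parameter(Mandatory)][string]$Path,
        [hashtable]$Body
    )
    $headers = @{
        Authorization  = "Bearer $(Get-ManagedIdentityToken)"
        'x-ms-version' = '2020-12-06'    # Azure AD auth for tables needs this version or later
        'x-ms-date'    = [DateTime]::UtcNow.ToString('R')
        Accept         = 'application/json;odata=nometadata'
    }
    # If-Match turns MERGE into Merge Entity (update only), so no add permission is needed.
    if ($Method -eq 'Merge') { $headers['If-Match'] = '*' }
    $request = @{
        Method  = $Method
        Uri     = "https://$StorageAccount.table.core.windows.net/$Path"
        Headers = $headers
    }
    if ($Body) {
        $request.Body        = $Body | ConvertTo-Json
        $request.ContentType = 'application/json'
    }
    Invoke-RestMethod @request
}

function Update-ExampleEntity {
    # Read one entity, then merge a single changed property back into it.
    $entityPath = "$TableName(PartitionKey='p1',RowKey='r1')"   # constructed keys
    $entity = Invoke-TableRequest -Method Get -Path $entityPath
    Invoke-TableRequest -Method Merge -Path $entityPath -Body @{ Status = 'processed' }
    return $entity
}
```

A request outside the role's data actions, such as inserting or deleting an entity, is rejected by the service with an authorization error, which is a quick way to confirm the role is as narrow as intended.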