Azure PowerShell function - Ongoing least privilege access to Azure Storage Table

Hi,

I have an Azure PowerShell function that needs to access and update data in an Azure Storage table. To avoid issues in the future, I only want the function to have the least amount of privileges needed on the table.

I can define those privileges as an Azure AD custom role and apply that to the Azure Function Managed Identity. When I use New-AzStorageContext I can't see a way of using the Managed Identity. Including -UseConnectedAccount causes the function to fail.

I'm after any suggestions on the best way of resolving this. I have looked at the Azure Storage token options but they only seem to grant temporary access.

Michael
