0

I am new to Azure Functions and I want to create a queue trigger Function to consume the items in specific queue. But when I create queue trigger function in vscode, it keeps show that I lack some permissions.

The client 'live.com#***@gmail.com' with object id '***' does not have authorization to perform action 'Microsoft.Storage/storageAccounts/listKeys/action' over scope '/subscriptions/**/resourceGroups/***/providers/Microsoft.Storage/storageAccounts/***' or the scope is invalid. If access was recently granted, please refresh your credentials.

The permissions I am now obtaining for this queue are as follows: permissions I have for this queue

The permissions I am now obtaining for the storage account are as follows: permissions I have for this storage account

I am confused that which kind of permissions I need to create a queue triggered function to consume items in specific queue?

Thank you!

superDu
  • 67
  • 9

1 Answers1

0

When creating a function from VS Code using the Azure SDK, it will try to get the access key of the storage: by default this how you can authenticate to the storage. The error you're receiving is saying that you don't have permission to list the storage access keys.

From this documentation, these are the roles that has the Microsoft.Storage/storageAccounts/listkeys/action RBAC action:

Thomas
  • 24,234
  • 6
  • 81
  • 125