
I have the following setup in Azure: a private network in which my Azure Functions are running. I am using managed identity to access Key Vault information.

So far I have tried creating a private endpoint, added a system identity in the Azure Function, added the same user with the proper role assignment in Key Vault, updated the IP address from the Custom domain section of the Azure Function to add it in Key Vault's Firewalls and Virtual Networks section, and updated all NuGet packages in my project, but none of those approaches resolved the error:

Azure.Identity.AuthenticationFailedException: ManagedIdentityCredential authentication failed: Service request failed - 400 Bad Request

Also, my code is using ManagedIdentityCredential for credentials, but nothing is working.

e2eDev

1 Answer

  • The error you are getting is an auth error; make sure that there is no logical error in your code. I used the following code:

    using Azure.Identity;
    using Azure.Security.KeyVault.Secrets;

    // Authenticate with the function app's managed identity.
    var credential = new ManagedIdentityCredential();
    var client = new SecretClient(new Uri("https://<KEY_VAULT_NAME>.vault.azure.net/"), credential);
    // Write a secret, then read it back.
    var secret = await client.SetSecretAsync("secretName", "secretValue");
    var d = await client.GetSecretAsync("secretName");

The system-assigned identities are turned on.

  • If you are allowing only specific IP addresses to pass through the firewall, then it might not work, as Azure Functions is a serverless technology where IP addresses are bound to change depending upon the scenario.
  • So you will have to allow the entire virtual network on which the function is configured.


Select existing virtual network and add the existing vnet and don't use private endpoint.

Mohit Ganorkar
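An added example, not code from the question or the answer: `AuthenticationFailedException` is raised by the credential when its token request fails, while a refusal by Key Vault itself (firewall or role assignment) surfaces as `RequestFailedException`. This check runs the two steps separately so the failing layer is visible; the class name, method name and the vault URI placeholder are assumptions.

```csharp
using System;
using System.Threading;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.Security.KeyVault.Secrets;

public static class KeyVaultAccessCheck
{
    // Assumption: placeholder vault URI, same form as in the answer above.
    private static readonly Uri VaultUri =
        new Uri("https://<KEY_VAULT_NAME>.vault.azure.net/");

    public static async Task<string> DiagnoseAsync(string secretName)
    {
        var credential = new ManagedIdentityCredential();

        // Step 1: token acquisition only. Calling the credential directly
        // contacts the host's managed identity endpoint, not Key Vault,
        // so the vault firewall plays no part in this step.
        try
        {
            await credential.GetTokenAsync(
                new TokenRequestContext(new[] { "https://vault.azure.net/.default" }),
                CancellationToken.None);
        }
        catch (AuthenticationFailedException ex)
        {
            // Also covers CredentialUnavailableException (a subclass).
            return "Identity problem (token request failed): " + ex.Message;
        }

        // Step 2: the Key Vault call itself, using the same credential.
        try
        {
            var client = new SecretClient(VaultUri, credential);
            await client.GetSecretAsync(secretName);
            return "OK: token acquired and secret read";
        }
        catch (RequestFailedException ex) when (ex.Status == 403)
        {
            return "Key Vault refused the request (firewall or role assignment): " + ex.ErrorCode;
        }
        catch (RequestFailedException ex)
        {
            return $"Key Vault request failed with HTTP {ex.Status}: {ex.ErrorCode}";
        }
    }
}
```

Run it from inside the function app (for example from a temporary HTTP-triggered function), since the managed identity endpoint is only reachable from the host the identity is assigned to.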