0

I've been developing a handful of azure functions and have came across an issue with the way azure functions is handling sensitive data. e.g. passport numbers

My function takes this data and sends it to a reglatory body for approval.

This works fine locally, however, when depolyed it seems that azure functions is altering the variable this is stored in and the request fails.

I 100% want to avoid outputing personal information into logs so it makes it difficult to debug. Due to it working locally, I'm confident that the problem lies within how Azure Functions is handing such things.

RossPerry
  • 7
  • 2
  • I'm confident that Azure Functions does not modify variable contents withouth explicitly being told to do so. Can you post some code showing the way you set and modify the variables – Peter Bons Mar 15 '23 at 11:58
  • You have to supply something more than what you have. Code and a sample payload is the only thing that will allow us to properly help you. – Skin Mar 15 '23 at 20:10
  • All I really needed was a yes or no. What peter says makes 100% sense but my issue was driving me crazy. I found out that I needed to change UNMASK permissions from the account I was using to access our database. – RossPerry Mar 29 '23 at 11:08

1 Answers1

0

Does Azure Functions automatically change variables that contain sensitive data?

  • I do agree with @Peter Bons that Variables containing sensitive data are not automatically changed by Azure Functions.

  • It is the developer's who need to ensure that sensitive data is handled securely and code given to only required users.

  • Azure Functions provides several secure ways to handle sensitive data, such as using Azure Key Vault to store and retrieve secrets, using environment variables to store sensitive data, and using managed identities to securely access Azure resources.

  • You can also use Configuration Section to store data.

For further you can refer this worked by me.

RithwikBojja
  • 5,069
  • 2
  • 3
  • 7