I created an azure functions premium tier to be able to have proxies on it but when trying to add a proxy I cantThis is what im getting right now !!
As Bowman mentioned in the comments, Azure function based on Linux systems cannot edit proxy on the Azure portal.
You need to create a proxies.json locally and deploy it to the Azure portal. the proxies.json looks like this:
{
"$schema": "http://json.schemastore.org/proxies",
"proxies": {
"proxy1": {
"matchCondition": {
"methods": [ "GET" ],
"route": "/api/{test}"
},
"backendUri": "https://<AnotherApp>.azurewebsites.net/api/<FunctionName>"
}
}
}
Note:
proxies.json is located in the root of a function app directory. For more details, you can refer to this official documentation.
Related
I'm new to azure functions so bear with me.
I'm working on a microservice that will use a blob storage trigger and input/output bindings to process data and write to a database, but I am having trouble with the basic blob storage trigger function. For reference, I am developing in Visual Studio Code using Python with the V2 model of programming as listed in the azure documentation I have installed the Azure functions extension and the azurite extension, but in my local.settings.json I have added the connection string to the Value AzureWebJobStorage and put the Feature Flag and Storage Type.
{
"IsEncrypted": false,
"Values": {
"FUNCTIONS_WORKER_RUNTIME": "python",
"AzureWebJobsStorage": "DefaultEndpointsProtocol=REDACTED;AccountName=REDACTED;AccountKey=REDACTED;EndpointSuffix=core.windows.net",
"AzureWebJobsFeatureFlags": "EnableWorkerIndexing",
"AzureWebJobsSecretStorageType": "files",
"FUNCTIONS_EXTENSION_VERSION": "~4",
"APPINSIGHTS_INSTRUMENTATIONKEY": "REDACTED",
"APPLICATIONINSIGHTS_CONNECTION_STRING": "REDACTED",
"user":"REDACTED",
"host":"REDACTED",
"password":"REDACTED",
"dbname":"REDACTED",
"driver":"REDACTED"
}
}
I had our architect create the necessary resources for me (gen2 Storage Account, function app), and our company has protocols in place for security, meaning the network access is disabled for the storage account and a private endpoint is configured, but not for the function App because the deployment process wouldn't work.
In my function_app.py I have this for the blob trigger.
#app.function_name(name="BlobTrigger1")
#app.blob_trigger(arg_name="myblob", path="samples-workitems/{name}",
connection="")
def test_function(myblob: func.InputStream):
logging.info(f"Python blob trigger function processed blob \n"
f"Name: {myblob.name}\n"
f"Blob Size: {myblob.length} bytes")
Host.json
{
"version": "2.0",
"logging": {
"applicationInsights": {
"samplingSettings": {
"isEnabled": true,
"excludedTypes": "Request"
}
}
},
"extensions": {
"blobs": {
"maxDegreeOfParallelism": 4
}
},
"extensionBundle": {
"id": "Microsoft.Azure.Functions.ExtensionBundle",
"version": "[3.15.0, 4.0.0)"
},
"concurrency": {
"dynamicConcurrencyEnabled": true,
"snapshotPersistenceEnabled": true
}
}
When I run the app locally using
Azurite: Start
func host start
it spits out.
It is also worth noting I have a util folder with simple scripts. They DO NOT FOLLOW THE BLUEPRINT SCHEMA. I don't know if this is the problem or if I can keep doing this, but then functions in them aren't meant to be azure functions, more like helper functions.
Storage account networking
Container view
Azure Function in the cloud. I haven't deployed to this function because it didn't work.
It is very frustrating because I don't know if the problem lies with the way the resource was configured or if it's my mistake with the code I wrote, the way I set this up, or if it's a simple issue with the settings in one of the Json files.
In my app's secrets.json file, I have the following section.
"Serilog": {
"WriteTo": [
{
"Name": "AzureTableStorage",
"Args": {
"storageTableName": "Logging",
"connectionString": "DefaultEndpointsProtocol=xxxxxxxxxxx"
}
}
]
}
I am attempting to deploy to Azure and have added the keys to my app service's configuration like this.
Serilog__WriteTo__Name
Serilog__WriteTo__Args__storageTableName
Serilog__WriteTo__Args__connectionString
However, the application will not start (just shows an errror: "If you are the application administrator, you can access the diagnostic resources.") if I use either of the two longer keys. I have another setting named CosmosConnectionSettings__ContainerName which works fine, so it seems to be a problem with the nesting rather than they key lengths.
The app service is configured to use Linux.
Is there a better way to approach this, and is this limitation documented anywhere?
I think it's not the nesting's fault.
I have test it on my side, here is my secrets.json file:
{
"Serilog": {
"WriteTo": {
"Name": "AzureTableStorage",
"Args": {
"storageBlobName": "1.jpg",
"connectionString": "DefaultEndpointsProtocol=https;AccountName=XXX;AccountKey=XXX;"
}
}
}
}
And I write the value to the endpoint page like this:
Here is the Appsettings in my configuration on portal:
The Appsettings I set works well on azure web app.
My suggestion is:
Check how you use the key AzureTableStorage and connectionString in your scripts.
Test your project on IIS. Actually if it works well on IIS, it should work well on Azure.
I have one web app running on a Azure appservice plan. The web app has a lot of settings defined in Application settings of the Web App. Now I want to replicate that web app with all its Application settings. I got the REST API to list down all the settings available for any web app (/api/settings). Although there is a POST call to add/update the settings , But it is not updating Application settings.
Is there any REST API to add/update the Application settings of Azure web app ?
Thanks,
Abhiram
Is there any REST API to add/update the Application settings of Azure web app ?
Yes, we could update the application setting with the following Update Application Settings REST API
Put https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resource group}/providers/Microsoft.Web/sites/{WebAppName}/config/appsettings?api-version=2016-08-01
Body
{
"id": "subscriptions/{subscriptionId}/resourceGroups/{resource group}/providers/Microsoft.Web/sites/{WebAppName}/config/appsettings",
"name": "appsettings",
"type": "Microsoft.Web/sites/config",
"location": "South Central US",
"tags": {
"hidden-related:/subscriptions/{subscriptionId}/resourceGroups/{groupName}/providers/Microsoft.Web/serverfarms/tomfreePlan": "empty"
},
"properties": {
"WEBSITE_NODE_DEFAULT_VERSION": "6.9.1",
"Test1": "testValue1" //Added value
}
}
Note: we could use the following List Application Settings REST API post way to list the appsetting body.
Post https://management.azure.com/subscriptions/{subscription}/resourceGroups/CXP-{resourceGroup}/providers/Microsoft.Web/sites/{WebAppName}/config/appsettings/list?api-version=2016-08-01
To my knowledge, there is not. But have you considered scripting your Web App settings with an ARM template? This is exactly the kind of thing that ARM templates are intended for.
An example of the properties section of a Web App's ARM template that lets you script appSettings and connectionStrings is listed below:
"properties": {
"name": "YourWebAppsName",
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', YourAppServicePlanName)]",
"siteConfig": {
"appSettings": [
{
"name": "someAppSettingKey",
"value": "someAppSettingValue"
},
{
"name": "someOtherAppSettingKey",
"value": "someOtherAppSettingValue"
}
],
"connectionStrings": [
{
"name": "defautlConnection",
"connectionString": "YourConnectionString",
"type": "2"
},
]
}
When you deploy an ARM template, Azure will ensure that the target resource's settings match what's specified in your template.
Visual Studio has a project type for developing and deploying these. It's the Azure Resource Group project type located under the Cloud node in the project templates.
As an added bonus, you can check these ARM templates into source control alongside your code.
I have created an azure function app in VS 2017.
i've included a proxies.json file and published the app.
However I can't see the proxies in the Azure portal.
All it says is:
Proxies (preview) (Read Only)
I have gone into function settings, and there are no settings to enable proxies. I think that was the old method, (not for developing the function in visual studio)
proxies.json looks like this:
{
"$schema": "http://json.schemastore.org/proxies",
"proxies": {
"user": {
"matchCondition": {
"methods": [ "GET" ],
"route": "/user/{user}"
},
"backendUri": "https://<mycontainer>.blob.core.windows.net/html/test.html/{user}"
}
}
}
Ok I figured it out....
the proxies.json file should have copy to output directory as "copy always" in the properties panel in VS.
I have an azure function app that I would like to set up in repeatable (automated) manner so that I can duplicate it in different environments/resource groups. I'm able to create the function app via the azure cli, but I also need to configure the CORS options such that I can call it from a browser.
I've found where to do that in the azure portal web ui,
in the 'Platform Features' tab(https://learn.microsoft.com/en-us/azure/azure-functions/functions-how-to-use-azure-function-app-settings#cors), but I can't find anything about modifying that setting via azure cli, or by the VSTS deployment task that I've set up to do releases when I change the functions in the app.
It seems you can even specify the CORS setting for local development via the local.settisg.json, but that only applies locally (https://learn.microsoft.com/en-us/azure/azure-functions/functions-run-local#local-settings). Were I deploying the app via the azure function tools cli I could supposedly specify the --publish-local-settings flag when I deploy, but I'm not deploying that way.
It seems like there must be a way to modify the CORS configuration without using the web UI, am I just not finding it?
Fabio's answer is correct, Azure Resource Manager templates work for this. Since the example he linked to was about logic apps and not azure functions, the getting the template right required a few changes and I wanted to add some detail that may help others get there faster.
To craft the template I ended up downloading the automation template from the function app that I created manually, and then deleting stuff until I got to what I think is the minimum. Here's what I'm using:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"function_app_name": {
"defaultValue": "my-function-app",
"type": "string"
}
},
"variables": {},
"resources": [
{
"comments": "CORS allow origins *.",
"type": "Microsoft.Web/sites/config",
"name": "[concat(parameters('function_app_name'), '/web')]",
"apiVersion": "2016-08-01",
"properties": {
"cors": {
"allowedOrigins": [
"*"
]
}
},
"dependsOn": []
}
]
}
I also have a parameters file that goes with this that looks like this:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"function_app_name": {
"value": null
}
}
}
and then I have an Azure Resource Group Deployment step in my release definition that deploys this and substitutes the desired function app name depending on the environment I'm deploying to.
To set CORS settings programatically, you want to use ARM.
Here's an example you can follow: https://msftplayground.com/2016/08/setting-api-definition-url-cors-value-arm/
I tend to favour automating the fucntion CORS entries as part of the deployment (after function app resource has already been built with an ARM template earlier in the pipeline or another pipeline).
Since you can have multiple functions within a function app, I consider the CORS requirements specific to the function being deployed within a function app and I feel any CORS entries should be part of the actual function deployment process.
I use Azure CLI to automate the CORS setup. Please refer to How to set CORS via Automation for Azure Functions
az functionapp cors add --allowed-origins
[--ids]
[--name]
[--resource-group]
[--slot]
[--subscription]
You can also check/display existing entries like this:
az functionapp cors show --name MyFunctionApp --resource-group MyResourceGroup