I have a web application where "Azure Storage connection string" is passed as an environment variable in docker-compose file.
The problem is that Azure Storage is only related with a few features of the app, and if invalid connection string was passed, we won't noticed it until relevant functions failed in production.
I have tried entrypoint.sh for the app container. It seems to be a great place to check environment variables. But I cannot find a solution to validate "Azure Storage connection string" in this script.
Is it possible to validate "Azure Storage connection string" before making the app up & running?
Related
Lately I've had trouble with deploying a Function App via Azure CLI. Last week on Tuesday, I was still able to deploy a Function App via Azure CLI.
This week, like any other day before that, I used fairly common Azure Function Tools command func azure functionapp publish. The version of Azure Function Tools I am using is 3.0.3233.
Now I am getting this error every time:
Retry: 1 of 3
Error creating a Blob container reference. Please make sure your connection string in "AzureWebJobsStorage" is valid
Retry: 2 of 3
Error creating a Blob container reference. Please make sure your connection string in "AzureWebJobsStorage" is valid
Retry: 3 of 3
Error creating a Blob container reference. Please make sure your connection string in "AzureWebJobsStorage" is valid
I checked that AzureWebJobsStorage setting has a correct value, I even connected to storage account connection string via Azure Storage Explorer app.
Just in case, I created a new Function App in another region and I still get the same error.
Has anyone else encountered this error? I suspect this is an error in the tool itself, maybe a faulty build?
I suspect that AzureWebJobsStorage is not present/invalid in App Settings section of the function app in the Azure portal.
Make sure that it is added there and you are not deleting those settings through CLI/templates and recreating them without AzureWebJobsStorage.
I answer to my own question. It seems that this was a transient error. Without changing any code, today I was able to redeploy my function app. Cheers.
If you don't have "Allow storage account key access" enabled , you get this error.
There could be other scenarios as well. But the error does not say anything .
I have configured my WebAPI to get Azure Storage connection string out of Azure KeyVault using Managed Identity.
For that, I have created an Azure AD dedicated user, which is given permission to get/list secrets from Azure KeyVault. I then assigned this user to my AZURE_USERNAME environment variable and I have configured Visual Studio to use this account.
It all works fine as long as I run the WebAPI in IIS Express when I debug from Visual Studio. However I want to run the WebApi from my local IIS when I debug in Visuall Studio.
What am I missing here ? I suspect it is because local IIS does not run with the configured user above, but what would be the workaround ?
The error I get is
AzureServiceTokenProviderException: Parameters: Connection String: [No connection string specified], Resource: https://vault.azure.net, Authority: https://login.windows.net/some_id. Exception Message: Tried the following 3 methods to get an access token, but none of them worked.
In the end I created a dedicated service principal in azure ad which is then added to my applications's users. This service principal is referenced by the environment variable on the dev machine.
I have made progress on this and it is now working in local IIS but...
to make it work, I added the following environment variables:
as documented here
However it means this only works for ONE Service Principal at a time. What if I want all of my local WebApi running at the same time (which is the case) in the local IIS. How can I handle that with DefaultAzureCredential ?
Another solution is to create an AzureServiceTokenProvider instance by passing a connection string parameter that will specify the tenant and application secret.
var azureServiceTokenProvider = new AzureServiceTokenProvider("RunAs=App;AppId=2ad1fe1f-d93f-4973-a1e5-e7019638b90a;TenantId=your-tenant-here.onmicrosoft.com;AppKey=your-app-secret-here");
In such a way there is no more need to use the environment variables.
Check it here
I made a Web API service that I published on Azure. I want to be able to write to my blob storage from this service, so I need to add an environment variable for the storage connection string. In the Console (under Development Tools of the app service) I write the command:
D:\home\site\wwwroot>setx AZURE_STORAGE_CONNECTION_STRING "<MyConnectionString>"
But I get the message:
Error: Access to the registry path is denied
You can set the connection string in the portal by navigating to the Configuration section of the web app and add a new Key with named "AZURE_STORAGE_CONNECTION_STRING" and the value
or set the connection string using the CLI command,
az webapp config connection-string set --connection-string-type {ApiHub, Custom, DocDb, EventHub, MySql, NotificationHub, PostgreSQL, RedisCache, SQLAzure, SQLServer, ServiceBus}
[--ids]
[--name]
[--resource-group]
[--settings]
[--slot]
[--slot-settings]
[--subscription]
I have WebJobs running under my Azure Web App. For Web App you can set that the Web App will use remote connection strings (that you setup on Azure portal).
Is it possible to do the same for WebJobs?
So they would be looking for remote connection string instead of using a connections string from (for example) "app.config".
Could you add the connection string as Web Config value that can be accessed by either the site or webjob?
Further more details you could refer to this blog:Configuring Azure Web Jobs.
The main steps are as follows:
Install CloudConfigurationManager package Microsoft.WindowsAzure.ConfigurationManager
Set your connection strings to the app setting.
Retrieve connection string using the CloudConfigurationManager:
var myConnectionString = CloudConfigurationManager.GetSetting("MyConnectionString");
I found out that a connection string setup on Azure Portal overwrites connection string with the same name in .config files. Which means that no additional setup is required.
Azure Portal Connection string takes priority over local *.config connection string.
I successfully tested this.
I created an Azure Function App in Visual Studio 2015. The App has a trigger for service bus queues. The app works perfectly when I run it locally. It is able to read the data from the Service Bus queue (configured via a variable named AzureSBConnection) and log it in my database.
But it gives me the following error when deployed in Azure:
Function ($ServiceBusQueueTriggerFunction) Error: Microsoft.Azure.WebJobs.Host: Error indexing method 'Functions.ServiceBusQueueTriggerFunction'. Microsoft.Azure.WebJobs.ServiceBus: Microsoft Azure WebJobs SDK ServiceBus connection string 'AzureWebJobsAzureSBConnection' is missing or empty.
Note that my connection is called AzureSBConnection and not AzureWebJobsAzureSBConnection. Also, the connection works locally. And finally, the deployed file looks exactly like the local file.
The Visual Studio structure looks like the following:
The function.json file has a bunch of settings as shown below:
Then in the Appsettings.json file, I have the following:
For deploying, I FTPed the files to the D:\home\site\wwwroot location for my Function App in Azure. The final structure in Kudu looks like:
And if I go inside my function folder:
Here is the deployed function.json:
And here is the deployed appsettings:
The deployed json files are exactly the same as the local files. But the deployed version is erroring out because of the missing AzureWebJobsAzureSBConnection. What am I doing wrong?
Only environment variables are supported for app settings and connection strings.
You need to make sure that the environment variable AzureWebJobsAzureSBConnection is set on your Function's app settings in the portal:
and then once there, you need to add the AzureWebJobsAzureSBConnection variable with the proper connection string:
and then you can access this via code by:
Environment.GetEnvironmentVariable(name, EnvironmentVariableTarget.Process);
This will obtain the value from either the appsettings.json or the environment variable depending on where the function is being executed from, (local debugging or deployed on Azure)
It is able to read the data from the Service Bus queue (configured via a variable named AzureSBConnection) But it gives me the following error when deployed in Azure:
After you deployed your application to Azure Function, your application will read the connection string from environment setting. Currently, connection settings in appsettings.json will not update environment setting automatically. We could click [Configure app settings] button as #flyte mentioned to check whether the connection string is configured successfully. If not, you could add it manually in app setting box.
Note that my connection is called AzureSBConnection and not AzureWebJobsAzureSBConnection
Please go to [Integrate] page to check whether the [Service Bus connection] is configured successfully. If not, you could reset it by clicking the [new] link.