How to Configure Azure Functions Consumption Plan to use System Assigned Managed Identity with underlinig Storage Account

Question

After creating an Azure Functions with a Consumption Plan and a System Assigned Managed Identity linked to the underlying Storage Account, the Function displays a warning: 'Storage is not configured properly, Function scaling will be limited.'

• Managed Identity (System Assigned) is enabled for the Function with the Consumption Plan.
• I have already checked the Storage Account and the Permissions.
• The Storage Account is available in the same region and same resource group.
• The Azure Functions Identity has been assigned the 'Storage Blob Data Owner' role.

In the Function configuration, under application settings, I use:

• AzureWebJobsDashboard__accountName with the Storage account name
• AzureWebJobsStorage__accountName with the Storage account name

I do not use (as it is required for Premium plan functions) in the application settings:

• WEBSITE_CONTENTAZUREFILECONNECTIONSTRING
• WEBSITE_CONTENTSHARE

The troubleshooting document at https://learn.microsoft.com/en-us/azure/azure-functions/functions-recover-storage-account#storage-account-was-deleted suggests using WEBSITE_CONTENTAZUREFILECONNECTIONSTRING and WEBSITE_CONTENTSHARE, but other blogs and MS Learn resources do not include this.

The setup works when I switch to the Storage Account Key, but not with the System Assigned Managed Identity.

Is there anything else I am missing?

Thanks,

Michael

Answer 1

Hi @Schneider, Michael

Appears you're experiencing the issue outlined in https://github.com/MicrosoftDocs/azure-docs/issues/86604. Using a managed identity with a Consumption isn't currently supported. The workaround currently is to utilize storage keys. I see that referenced GitHub issue went unanswered. I'll raise this concern with the product group and provide an update.