Welcome to today’s post.
I will discuss how to secure an Azure function.
The most important reason why we would want to secure our Azure function is that with Azure functions that are http triggered, unauthorized use of the function can lead to high bandwidth, costs, and high CPU usage. In cases where the trigger is used to integrate components of a system, the access should be a priority.
In a previous post, I showed how to deploy an Azure Serverless Function.
I will show how to secure an Azure function that uses Http triggers.
There are two types of keys that can be used to secure functions:
Host keys: These allow access to all functions within a function app.
Function keys: These allow access to individual functions that are defined.
Obtaining a new function key for an Azure function can be done by opening the function app within the Azure portal.
Click on Manage.
The following screen opens:
Select Add a new function key.
Provide a key name. Leave the key field blank as it will be auto generated.
Save the key.
Open the Kudu console.
Browse to the folder containing the function.json file:
Open the function.json file.
Change the authLevel value to function.
Save the change.
Go back to the Function Manage screen.
Copy the function key.
Open a browser. Enter the function URL, appending the route. Submit.
An error should show 401. This is an authentication error.
Now try the following: Enter the function URL, appending the route, then append the following:
?code=[your function key]
The function should return a response.
The Azure functional authentication is working as expected.
That’s all for today’s post.
I hope this post has been informative and useful.
Andrew Halil is a blogger, author and software developer with expertise of many areas in the information technology industry including full-stack web and native cloud based development, test driven development and Devops.