Deploying to Flex Consumption plan with maven fails #2519

Open
davosian opened this issue Dec 17, 2024 · 0 comments

When deploying with mvn clean package azure-functions:deploy, I keep getting this error:

[ERROR] Failed to execute goal com.microsoft.azure:azure-functions-maven-plugin:1.36.0:deploy (default-cli) on project contoso-functions: deploy to Function App with resource creation or updating: AzureToolkitRuntimeException: If you are using a StorageSharedKeyCredential, and the server returned an error message that says 'Signature did not match', you can compare the string to sign with the one generated by the SDK. To log the string to sign, pass in the context key value pair 'Azure-Storage-Log-String-To-Sign': true to the appropriate method call.
[ERROR] If you are using a SAS token, and the server returned an error message that says 'Signature did not match', you can compare the string to sign with the one generated by the SDK. To log the string to sign, pass in the context key value pair 'Azure-Storage-Log-String-To-Sign': true to the appropriate generateSas method call.
[ERROR] Please remember to disable 'Azure-Storage-Log-String-To-Sign' before going to production as this string can potentially contain PII.
[ERROR] Status code 403, "<?xml version="1.0" encoding="utf-8"?><Error><Code>KeyBasedAuthenticationNotPermitted</Code><Message>Key based authentication is not permitted on this storage account.
[ERROR] RequestId:e58527e9-801e-006f-3fc2-50078a000000
[ERROR] Time:2024-12-17T20:30:13.9011558Z</Message></Error>"
[ERROR] -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException

Steps to reproduce

I created a flex consumption based project by following these instructions: https://github.com/Azure-Samples/azure-functions-java-flex-consumption-azd

az login
azd init --template azure-functions-java-flex-consumption-azd
azd env set SKIP_VNET true
azd up

This gives me a function with a user managed identity on the flex consumption plan. Deploying with azd does work fine:

azd deploy

Then I updated the pom.xml to deploy with maven instead:

<?xml version="1.0" encoding="UTF-8" ?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.contoso</groupId>
    <artifactId>contoso-functions</artifactId>
    <version>1.0-SNAPSHOT</version>
    <packaging>jar</packaging>

    <name>Azure Java Functions</name>

    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <java.version>17</java.version>
        <azure.functions.maven.plugin.version>1.36.0</azure.functions.maven.plugin.version>
        <azure.functions.java.library.version>3.1.0</azure.functions.java.library.version>
        <functionAppName>func-api-j6iykckw56zem-functions</functionAppName>
    </properties>

    <dependencies>
        <dependency>
            <groupId>com.microsoft.azure.functions</groupId>
            <artifactId>azure-functions-java-library</artifactId>
            <version>${azure.functions.java.library.version}</version>
        </dependency>

        <dependency>
            <groupId>com.azure</groupId>
            <artifactId>azure-storage-queue</artifactId>
            <version>12.24.0</version>
        </dependency>

        <!-- Test -->
        <dependency>
            <groupId>org.junit.jupiter</groupId>
            <artifactId>junit-jupiter</artifactId>
            <version>5.11.0-M2</version>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>com.azure</groupId>
            <artifactId>azure-identity</artifactId>
            <version>1.14.2</version>
        </dependency>

        <dependency>
            <groupId>org.mockito</groupId>
            <artifactId>mockito-core</artifactId>
            <version>5.12.0</version>
            <scope>test</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.8.1</version>
                <configuration>
                    <source>${java.version}</source>
                    <target>${java.version}</target>
                    <encoding>${project.build.sourceEncoding}</encoding>
                </configuration>
            </plugin>
            <plugin>
                <groupId>com.microsoft.azure</groupId>
                <artifactId>azure-functions-maven-plugin</artifactId>
                <version>${azure.functions.maven.plugin.version}</version>
                <configuration>
                    <auth><type>azure_cli</type></auth>

                    <!-- function app name -->
                    <appName>${functionAppName}</appName>
                    
                    <!-- function app resource group -->
                    <resourceGroup>rg-azfuncqueuetest</resourceGroup>
                    
                    <!-- function app service plan name -->
                    <appServicePlanName>plan-j6iykckw56zem</appServicePlanName>
                    
                    <!-- function app region-->
                    <!-- refers https://github.com/microsoft/azure-maven-plugins/wiki/Azure-Functions:-Configuration-Details#supported-regions for all valid values -->
                    <region>northeurope</region>  
            
                    <!-- function pricingTier, default to be consumption if not specified -->
                    <!-- refers https://github.com/microsoft/azure-maven-plugins/wiki/Azure-Functions:-Configuration-Details#supported-pricing-tiers for all valid values -->
                    <pricingTier>Flex Consumption</pricingTier>
                    
                    <!-- Whether to disable application insights, default is false -->
                    <!-- refers https://github.com/microsoft/azure-maven-plugins/wiki/Azure-Functions:-Configuration-Details for all valid configurations for application insights-->
                    <disableAppInsights>false</disableAppInsights>

                    <runtime>
                        <!-- runtime os, could be windows, linux or docker-->
                        <os>linux</os>
                        <javaVersion>17</javaVersion>
                    </runtime>

                    <appSettings>
                        <property>
                            <name>FUNCTIONS_EXTENSION_VERSION</name>
                            <value>~4</value>
                        </property>

                    </appSettings>
                    
                    <deploymentStorageResourceGroup>rg-azfuncqueuetest</deploymentStorageResourceGroup>
                    <storageAuthenticationMethod>UserAssignedIdentity</storageAuthenticationMethod>
                    <userAssignedIdentityResourceId>id-api-j6iykckw56zem</userAssignedIdentityResourceId>

                    <deploymentStorageContainer>deploymentpackage</deploymentStorageContainer>
                    <deploymentStorageAccount>stj6iykckw56zem</deploymentStorageAccount>
                </configuration>
                <executions>
                    <execution>
                        <id>package-functions</id>
                        <goals>
                            <goal>package</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
            <!--Remove obj folder generated by .NET SDK in maven clean-->
            <plugin>
                <artifactId>maven-clean-plugin</artifactId>
                <version>3.1.0</version>
                <configuration>
                    <filesets>
                        <fileset>
                            <directory>obj</directory>
                        </fileset>
                    </filesets>
                </configuration>
            </plugin>
        </plugins>
    </build>
</project>

Triggering the deployment with maven:

az login
mvn clean package azure-functions:deploy

This results in the above error on the deployment goal (the clean and package steps work fine):

[ERROR] Status code 403, "<?xml version="1.0" encoding="utf-8"?><Error><Code>KeyBasedAuthenticationNotPermitted</Code><Message>Key based authentication is not permitted on this storage account.

I tried many variations in this pom (e.g. using the client id for userAssignedIdentityResourceId) but no matter what, I end up with this error.

According to this error, the maven build is not honoring the user based identity authentication. The authentication itself is most likely ok with proper roles for the user assigned identity, because the deployment with azd deploy does work and - from my understanding - is using the same authentication (azure cli and user assigned identity) so I am not sure what is going on.
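
Added example (not part of the original issue and not the plugin's code): a small Python parser for the storage error embedded in the Maven output above. It pulls out the error code, request ID and timestamp and maps the code to what it says about the credential the client presented. The function name `parse_storage_error` and the hint table are assumptions of this example; the sample log is copied from the issue.

```python
import re
import xml.etree.ElementTree as ET

# Log excerpt copied from the issue above; Maven prefixes every line with "[ERROR] ".
SAMPLE_LOG = '''[ERROR] Status code 403, "<?xml version="1.0" encoding="utf-8"?><Error><Code>KeyBasedAuthenticationNotPermitted</Code><Message>Key based authentication is not permitted on this storage account.
[ERROR] RequestId:e58527e9-801e-006f-3fc2-50078a000000
[ERROR] Time:2024-12-17T20:30:13.9011558Z</Message></Error>"
[ERROR] -> [Help 1]'''

# What a few Azure Storage error codes say about the credential the client presented
# (hint wording is this example's own).
AUTH_HINTS = {
    "KeyBasedAuthenticationNotPermitted":
        "request used Shared Key or an account-key SAS, and the account has shared key access disabled",
    "AuthorizationPermissionMismatch":
        "credential was accepted but does not grant the permission needed (for a token, a missing data-plane role)",
    "AuthenticationFailed":
        "credential was presented but could not be validated (bad signature or expired token)",
}

LEVEL_PREFIX = re.compile(r"^\[(?:ERROR|WARNING|INFO|DEBUG)\] ?")
# Capture only the <Error> element, so no XML declaration or DTD reaches the parser.
ERROR_BODY = re.compile(r'Status code (\d{3}), "(?:<\?xml[^>]*\?>)?(<Error>.*?</Error>)"', re.S)


def parse_storage_error(log):
    """Return the storage error found in Maven output as a dict, or None if absent."""
    # Strip Maven's level prefix so the multi-line XML body is contiguous again.
    body = "\n".join(LEVEL_PREFIX.sub("", line) for line in log.splitlines())
    match = ERROR_BODY.search(body)
    if match is None:
        return None
    root = ET.fromstring(match.group(2))
    code = root.findtext("Code", default="")
    message = root.findtext("Message", default="")
    # RequestId and Time are appended to the message text on their own lines.
    request_id = re.search(r"^RequestId:(\S+)", message, re.M)
    time = re.search(r"^Time:(\S+)", message, re.M)
    return {
        "status": int(match.group(1)),
        "code": code,
        "message": message.splitlines()[0].strip() if message else "",
        "request_id": request_id.group(1) if request_id else None,
        "time": time.group(1) if time else None,
        "hint": AUTH_HINTS.get(code, "no hint for this code"),
    }


if __name__ == "__main__":
    print(parse_storage_error(SAMPLE_LOG))
```
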
