Using Managed Service Identity in Azure Functions to Access Azure SQL Database

Managed Service Identity (MSI) in Azure is a fairly new kid on the block. What it allows you to do is keeping your code and configuration clear of keys and passwords, or any kind of secrets in general. Let’s say you have an Azure Function accessing a database hosted in Azure SQL Database. Often, developers put credentials for SQL Server authentication into the Function’s application settings in terms of a connection string. That takes sensitive information out of the code, but still quite often, configuration is checked into source control. Wouldn’t it be great to manage credentials completely outside of the application realm and push that responsibility to the platform? That’s what MSI allows you to do and this post describes how to go about it.

Continue reading