How do I list the keys of an azure function app using the listKeys ARM function?
My template:
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"resources": [],
"outputs": {
"referenceOutput": {
"type": "object",
"value": "[listkeys(resourceId('Microsoft.Web/sites/functions', 'my-function-app','my-function'),'2016-08-01').key]"
}
}
And then run with:
az group deployment create -g my-rg --template-file ./arm.json --mode incremental
Error:
No route registered for '/api/functions/my-function/listkeys?api-version=2016-08-01'
Try following template.
"outputs": {
"FunctionAppName": {
"type": "string",
"value": "[parameters('functionName')]"
},
"Key": {
"type": "string",
"value": "[listsecrets(resourceId('Microsoft.Web/sites/functions', parameters('existingFunctionAppName'), parameters('functionName')),'2015-08-01').key]"
},
"Url": {
"type": "string",
"value": "[listsecrets(resourceId('Microsoft.Web/sites/functions', parameters('existingFunctionAppName'), parameters('functionName')),'2015-08-01').trigger_url]"
}
}
More information about this please refer to this question.
You also could use Function App Api to list this.
GET /admin/functions/{functionname}/keys
If you use bash shell, you could use the following example.
TENANT=""
CLIENT_ID=""
CLIENT_SECRET=""
SUBSCRIPTION_ID=""
RESOURCE_GROUP="shuiapp"
FUNCTION_APP_NAME="shuifunction"
API_URL="https://$FUNCTION_APP_NAME.scm.azurewebsites.net/api/functions/admin/token"
SITE_URL="https://$FUNCTION_APP_NAME.azurewebsites.net/admin/functions/HttpTriggerPowerShell1/keys"
### Grab a fresh bearer access token.
ACCESS_TOKEN=$(curl -s -X POST -F grant_type=client_credentials -F resource=https://management.azure.com/ -F client_id=$CLIENT_ID -F client_secret=$CLIENT_SECRET https://login.microsoftonline.com/$TENANT/oauth2/token | jq '.access_token' -r)
### Grab the publish data for the Funciton App and output it to an XML file.
PUBLISH_DATA=$(curl -s -X POST -H "Content-Length: 0" -H "Authorization: Bearer $ACCESS_TOKEN" https://management.azure.com/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP/providers/Microsoft.Web/sites/$FUNCTION_APP_NAME/publishxml?api-version=2016-08-01)
echo $PUBLISH_DATA > publish_data.xml
### Grab the Kudu username and password from the publish data XML file.
USER_NAME=$(xmlstarlet sel -t -v "//publishProfile[@profileName='$FUNCTION_APP_NAME - Web Deploy']/@userName" publish_data.xml)
USER_PASSWORD=$(xmlstarlet sel -t -v "//publishProfile[@profileName='$FUNCTION_APP_NAME - Web Deploy']/@userPWD" publish_data.xml)
### Generate a JWT that can be used with the Functions Key API.
JWT=$(curl -s -X GET -u $USER_NAME:$USER_PASSWORD $API_URL | tr -d '"')
### Grab the '_master' key from the Functions Key API.
KEY=$(curl -s -X GET -H "Authorization: Bearer $JWT" $SITE_URL | jq -r '.value')
This approach for retrieving keys appears to be an issue right now per an announcement on Azure Wiki.
I have had luck using a scripted version that is built around a call similar to this:
az rest --method post --uri "/subscriptions/%subscriptionId%/resourceGroups/%resourceGroup%/providers/Microsoft.Web/sites/%webAppName%/host/default/listKeys?api-version=2018-11-01" --query functionKeys.default --output tsv
The original blog post that I got this info from is here.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With