Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature request: export Functions host keys #699

Open
gunzip opened this issue Jan 15, 2018 · 6 comments · May be fixed by #4066

Comments

@gunzip
Copy link

commented Jan 15, 2018

Terraform Version

0.10.6

Affected Resource(s)

azurerm_function_app

Expected Behavior

Should export Functions host keys

Actual Behavior

It only exports id and default_hostnames:
https://www.terraform.io/docs/providers/azurerm/r/function_app.html#attributes-reference

@TsuyoshiUshio

This comment has been minimized.

Copy link
Contributor

commented Jun 9, 2018

Hi @tombuildsstuff , @katbyte

I also want this feature, do you plan to implement this feature?
If not, I'd love to contribute it.

@katbyte katbyte added enhancement and removed new-resource labels Jun 10, 2018

@katbyte

This comment has been minimized.

Copy link
Contributor

commented Jun 10, 2018

Hi @TsuyoshiUshio,

Currently this is not on our short term roadmap so if you were to contribute it would be fantastic 🙂

@TsuyoshiUshio

This comment has been minimized.

Copy link
Contributor

commented Jul 3, 2018

Hi @katbyte, @tombuildsstuff

I have a question for implementing this feature.

I finish investigating how to implement it now ready to code. However, I have one question. This API is not the API of AppService. https://github.com/Azure/azure-functions-host/wiki/Key-management-API

Also, Lifecycle is slight different from the creation of the FunctionApp. The function Key is auto generated for each Azure Functions. Which means process is something like this.

  1. Create a Function App
  2. Deploy Functions on the function app
  3. Get the AdminAccessToken from the AppService API
  4. Retrive the Function Keys (via KeyManagement API)

In this case, we can't fetch the functions key from the function_app resource. We need to create a new resource. However, we don't need to create the new resource. Usually, Terraform resource has Create/Update/Read methods. The new resource (maybe, azure_arm_function_app_keys) only requires Read. If we add something, the API can re-generate the key (I'm not sure we need this or not). In this case, how can I implement that. Just empty implementation of Create/Update with delegate to Read method is right?

@TsuyoshiUshio

This comment has been minimized.

Copy link
Contributor

commented Jul 3, 2018

I might understand. All I need is implement data_source_function_app.go , right? When I contributed this repo last time, you might haven't had it, right? I'll start to create pull request. :)

@lawrencegripper

This comment has been minimized.

Copy link
Contributor

commented Jul 16, 2019

If anyone ends up here looking for a workaround while the API's are updated in the Go SDK to enable this feature I wrote one up here: https://blog.gripdev.xyz/2019/07/16/terraform-get-azure-function-key/

@frankie567

This comment has been minimized.

Copy link

commented Jul 18, 2019

@lawrencegripper You saved my day, your solution works perfectly.

As a side note, when dealing with EventGrid triggers, we need the system key, not the default one (a 401 is raised in that case). So change this part:

 "value": "[listkeys(concat(variables('functionAppId'), '/host/default'), '2018-11-01').functionKeys.default]"

To this:

"value": "[listkeys(concat(variables('functionAppId'), '/host/default'), '2018-11-01').systemKeys.eventgrid_extension]"
@lawrencegripper lawrencegripper referenced a pull request that will close this issue Aug 12, 2019
0 of 3 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
6 participants
You can’t perform that action at this time.