Creating Azure resources — Part 2

This is the second article of a series of articles which we develop an API using Azure functions.

In here we’ll create the Azure resources which will be used.

The API will be hosted as an Azure function app service and please follow the below steps to create one.

  1. Click on “Create a Resource”
  2. Type “function app” in the search text box area and select the “Function App” option.

3. Select an unique name for the function app name and, fill in the rest of the details. This is what I have done,

4. Click the “Create” button and let the portal do it’s magic in the background. You’ll see a notification in the top of your screen once this is done as shown below.

As I mentioned in the introduction I will be using an SQL server database because I “think” most of us .NET developers have been working on that particular database for a long time.

  1. Click “Create a resource” and type “SQL database” in the search text box and select the “SQL Database” option from the drop down.

2. If you don’t already have an SQL server created first select to create one, and then create the database under that server. These are my settings,

3. Then click on “Review + Create” and Azure will create the SQL server (if you selected to create a server) and the database and will give you a nice notification once it’s done.

We will be using AKV to store sensitive information such as connection strings. The recommended place to store these settings are inside of an key vault.

  1. Same as before click “Create resource” and type “key vault” and select the “Key Vault” option from the drop down.
  2. Fill in the details and below are similar setting which I have in mine,

that’s all the resources which we’ll be needing to setup in the portal for the application to work in the end.

The recommended way to use AKV is to create a managed service identity (MSI) for the application service and, specifying which level of access in AKV it’s allowed.

  1. Go the function app which you created in the portal and select “identity” as shown below,

2. Switch on identity for the function app. This will create the principal for the function app. Next we’ll use this principal to provide access in the AKV

3. Go the azure key vault you created earlier and, add the principal which you created for the function app

4. Click on “+ Add New” button and select the function app which you created.

5. Under “Secret Permissions” select at least “get” and “list” as shown below and click “Ok”. Doing this will allow this identity to get or list secrets in the AKV.

That concludes the setting up of the resources in the Azure.

All these setting up of the resources can be done by using Azure ARM templates and, even can be automated in the deployment pipeline.

In the next article we’ll create the solution structure and explain what each and every projects role.

Thanks!