In this article, we will talk about how to provision an Azure SQL Database with authentication restricted to Active Directory users/groups/applications. We will use Pulumi to do that.
If you are using Azure Functions chances are you are using the setting
AzureWebJobsStorage in your Function App configuration. And it is quite likely that the value of this setting which is a secret is stored in a non-secured way directly in your Function App configuration, available to anyone who has access to this configuration. But do not worry, we will see in this article how we can make your Function App more secure by removing this secret.
Microsoft.Data.SqlClient v3.0.0, a new authentication mode
Active Directory Default has been released. Let's see what this means when querying an Azure SQL Database from some C# code.
If you have no interest in reading the blog post and just want the final script, you can find it on this GitHub repository.