Get the list of firewall rules on a Postgres Instance in Azure return empty in a azure function

Question

I'm trying to get the list of firewall rules on a Postgres Instance in Azure, using the azure-js-sdk. Locally it works like a charm, I've got the list of firewall rules from my selected postgres instance.

   ...
   const azureCredential = new DefaultAzureCredential();
   const subscriptionClient = new SubscriptionClient(azureCredential);
   const postgresCli = new PostgreSQLManagementClient(azureCredential, "mySubscriptionId");
   const fwRules = postgresCli.firewallRules.listByServer("myResourceGroup", "myServerName");

   for await (const fwRule of fwRules) {
      context.log.info("in the for of fwRules");
      context.log.info("DELETING ", fwRule.name, " in ", azResourceGroup);
      ...
   }

However, when I run this code in a serverless function, the fwRules object is empty and it does'nt display my firewall rules. And there is no exception.

index.ts

const httpTrigger: AzureFunction = async function (context: Context, req: HttpRequest): Promise<void> {
    try {
      const azureCredential = new DefaultAzureCredential();
      const subscriptionClient = new SubscriptionClient(azureCredential);
      const postgresCli = new PostgreSQLManagementClient(azureCredential, "mySubscriptionId");
      const fwRules = postgresCli.firewallRules.listByServer("myResourceGroup", "myServerName");

      for await (const fwRule of fwRules) {
         context.log.info("in the for of fwRules");
         context.log.info("DELETING ", fwRule.name, " in ", azResourceGroup);
         ...
      }
    }
    catch (e) {
        context.log.error(e);
        context.res = { status: 500, body: 'Internal Server Error' };
    }
};

function.json

    "bindings": [
    {
      "authLevel": "function",
      "type": "httpTrigger",
      "direction": "in",
      "name": "req",
      "methods": [
        "get"
      ]
    },
    {
      "type": "http",
      "direction": "out",
      "name": "res"
    }
  ],
  "scriptFile": "../target/foobar/index.js"

Do you something wrong with this code ? Or did you already faced this problem ? I don't know how I can debug further this code to understand the reason why it does not enter the loop.

Regards, Blured.

Answer 1

You can try another approach to connect with Azure PostgreSQL DB from Azure Function App and try to get the firewall rules adterwords.

Step 1: Configure Azure AD Authentication for PostgreSQL

Step 2: Enable managed identity for the Function app

Step 3: Use the managed identity ID to create a user in Postgres

Step 4: Write code for function app

Step 5: Test the function app and connect to Postgres

Check the connection and get the firewall rules.

Refer: Connect from Function app with managed identity to Azure Database for PostgreSQL