Azure功能和集装箱审核 [英] Azure Function & Container Audit

问题描述

我在Azure容器中有一个文件，可以通过Azure函数访问该文件.

I have a file in an Azure container which is accessed via an Azure Function.

调用该函数时-只有首先针对Azure AD进行AuthD，然后才加载文件.

When the function is invoked - it is first AuthD against Azure AD only then the file is loaded.

识别谁"的最简单方法是什么?访问了我的文件?

What is the simplest way to identify "who" accessed my file ?

任何用户ID都不作为参数传递.该广告中有1000多个用户.

Any user id is NOT passed as parameter. There are 1000+ users in that AD.

请指导.

推荐答案

App Service通过使用特殊的标头将用户声明传递给您的应用程序.不允许外部请求设置这些标头，因此仅在由App Service设置时才存在.一些示例标头包括:

App Service passes user claims to your application by using special headers. External requests aren't allowed to set these headers, so they are present only if set by App Service. Some example headers include:

X-MS-CLIENT-PRINCIPAL-NAME

X-MS-CLIENT-PRINCIPAL-NAME

X-MS-CLIENT-PRINCIPAL-ID

X-MS-CLIENT-PRINCIPAL-ID

您可以使用 request.headers ['your-header-name'] 获得相应的值.代码示例如下:

You can use request.headers['your-header-name'] to get the corresponding value. The code example is as follows:

public static async Task<HttpResponseMessage> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", "post", Route = null)]
HttpRequest httpRequest, 
ILogger logger)
{   
    var name1=httpRequest.Headers["X-MS-CLIENT-PRINCIPAL-NAME"].ToString();
}

有关更多详细信息，您可以参考此官方文档，或者您也可以参考此

For more details, you can refer to this official document, or you can also refer to this post.

这篇关于Azure功能和集装箱审核的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！