This repository provides a scalable baseline for Azure Function written in Python.
MIT License
This repository provides a scalable baseline for Azure Functions written in Python. It demonstrates:
The infrastructure as code (IaC) is written in Terraform and uses all the latest and greatest Azure Function features to ensure high security standards and the lowest attack surface possible. The code can be found in the /code/infra
folder and creates the following resources:
The Azure Function is configured in a way to fulfill highest compliance standards. In addition, the end-to-end setup takes care of wiring up all services to ensure a productive experience on day one. For instance, the Azure Function is automatically being connected to Azure Application Insights and the Application Insights service is being connected to the Azure Log Analytics Workspace.
The deployed services ensure a compliant network setup using the following features:
The deployed services ensure a compliant authentication & authorization setup using the following features:
The deployed services ensure a compliant encryption setup using the following features:
The Azure Function code is written in Python and leverages the new Web Framework integration supported by the v2 Python programming model. This allows to rely on proven frameworks such as FastAPI and Flask. The Azure Function application code can be found in the /code/function
folder.
This sample uses FastAPI as a baseline which is a scalable, modern, fast and proven web framework for APIs built in Python. More details about FastAPI can be found here.
This sample uses Open Telemetry and the FastAPI and Azure Application Insights integration for end to end tracking of API calls using logs and metrics and dependency calls. More information about Open Telemetry can be found here.
This sample exposes a health endpoint that includes header validation (Header x-ms-auth-internal-token
) to ensure that only the health check feature of the Azure Function it self is allowed to call this endpoint. When trying to reach this endpoint from outside, the request will be blocked with a 400 response.
Testing of the Azure Functon application code. The testing is done using pytest
. Tests are stored in the /tests
folder and should be extended for new functionality that is being implemented over time. The pytest.ini
is used to reference the Azure Functon project for imports. This file makes sure that the respective python objects from the Azrue Function application code can be imported into the tests and validated accordingly.
The following architecture is created by this repository: