Environment Variables for the Function App
You can use the following environment variables to modify how the function app works.
[
{
"name": "API_KEY",
"value": "<key>",
"slotSetting": false
},
{
"name": "API_SECRET",
"value": "<secret>",
"slotSetting": false
},
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "<key>",
"slotSetting": false
},
{
"name": "APPLICATIONINSIGHTS_CONNECTION_STRING",
"value": "<string>",
"slotSetting": false
},
{
"name": "AUDIT_LOGS_CUSTOM_TABLE",
"value": "Custom-Illumio_Auditable_Events_CL",
"slotSetting": false
},
{
"name": "AWS_KEY",
"value": "<key>",
"slotSetting": false
},
{
"name": "AWS_REGION_NAME",
"value": "<region>",
"slotSetting": false
},
{
"name": "AWS_SECRET",
"value": "<secret>",
"slotSetting": false
},
{
"name": "AZURE_CLIENT_ID",
"value": "<client-id from entra app>",
"slotSetting": false
},
{
"name": "AZURE_CLIENT_SECRET",
"value": "<secret from entra>",
"slotSetting": false
},
{
"name": "AZURE_TENANT_ID",
"value": "<tenant id from entra>",
"slotSetting": false
},
{
"name": "AzureWebJobs.Replicator.Disabled",
"value": "1",
"slotSetting": false
},
{
"name": "AzureWebJobsStorage",
"value": "DefaultEndpointsProtocol=https;AccountName=
illumiostorage;AccountKey=<key>;
EndpointSuffix=core.windows.net",
"slotSetting": false
},
{
"name": "DCE_ENDPOINT",
"value": "<dce endpoint>",
"slotSetting": false
},
{
"name": "DCR_ID",
"value": "<dcr_id>",
"slotSetting": false
},
{
"name": "FLOW_LOGS_CUSTOM_TABLE",
"value": "Custom-Illumio_Flow_Events_CL",
"slotSetting": false
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~4",
"slotSetting": false
},
{
"name": "FUNCTIONS_WORKER_RUNTIME",
"value": "python",
"slotSetting": false
},
{
"name": "LOG_ANALYTICS_URI",
"value": "<LA url>",
"slotSetting": false
},
{
"name": "logTypes",
"value": "All",
"slotSetting": false
},
{
"name": "MAX_QUEUE_MESSAGES_MAIN_QUEUE",
"value": "150",
"slotSetting": false
},
{
"name": "MAX_SCRIPT_EXEC_TIME_MINUTES",
"value": "60",
"slotSetting": false
},
{
"name": "networkTrafficLogTypes",
"value": "all",
"slotSetting": false
},
{
"name": "ORG_ID",
"value": "8",
"slotSetting": false
},
{
"name": "PCE_FQDN",
"value": "<fqdn>",
"slotSetting": false
},
{
"name": "PCE_PORT",
"value": "443",
"slotSetting": false
},
{
"name": "SCHEDULE_AWS_SQS",
"value": "0 */5 * * * *",
"slotSetting": false
},
{
"name": "SCHEDULE_AZURE_QUEUE_MANAGER",
"value": "0 */5 * * * *",
"slotSetting": false
},
{
"name": "SCHEDULE_ILLUMIO_API_POLLING",
"value": "0 */2 * * * *",
"slotSetting": false
},
{
"name": "SQS_FILES_READ_LIMIT",
"value": "200",
"slotSetting": false
},
{
"name": "SQS_QUEUE_URL",
"value": "<sqs url>",
"slotSetting": false
},
{
"name": "WEBSITE_RUN_FROM_PACKAGE",
"value": "<package zip>",
"slotSetting": false
},
{
"name": "WORKLOADS_API_LOGS_CUSTOM_TABLE",
"value": "Custom-Illumio_Workloads_Summarized_API_CL",
"slotSetting": false
},
{
"name": "WORKSPACE_ID",
"value": "<workspace id>",
"slotSetting": false
}
]SCHEDULE_ILLUMIO_API_POLLING: This is a cron schedule that defines how frequently the Illumio API should be polled.
SCHEDULE_AZURE_QUEUE_MANAGER: This is a cron schedule that defines how frequently the Azure Queue Manager should run.
SCHEDULE_AWS_SQS: This is a cron schedule that defines how frequently AWS SQS should be polled for new messages.
SQS_FILES_READ_LIMIT: This is a limit that defines how many messages can be consumed for each execution of TimedSQSFunctionApp. If the function app is the "premium" type, add the AzureFunctionsJobHost__functionTimeout environment variable and assign -1 as its value. For the consumption app, the maximum duration an app can run for is 10 minutes, but for the premium app, you can override this value.