Managed identities is a powerful resource in Azure Portal. We have a new feature that allows the cloud administrator to assign an RBAC permission automatically from the same blade where we create the managed identities.
For example, my function had the managed identity enabled, and to assign RBAC roles, we need to click on the Azure Role Assignments button to start a new wizard that performs all the hard work for us.
The wizard allows the definition of the scope, subscription, and role. Click on Save when complete. For now, the result won’t show up in the original blade, but I believe that change will come soon to the Azure Portal.
If you want to double-check if the role was assigned, go to the place where you assigned the permission. In my case, it was subscription. Check the RBAC roles, and we can see that our managed identity for our function is listed there.