I have an Azure Function triggered by a CosmosDBTrigger. Internally it seems to use DefaultAzureCredential which tries different types of credentials in a specific order. Deployed on the Function App we want to use Managed Identities, this works by setting an app configuration <CONNECTION_NAME_PREFIX>__credential to managedidentities as I have seen here https://learn.microsoft.com/en-us/azure/azure-functions/functions-reference?tabs=cosmos&pivots=programming-language-csharp#local-development-with-identity-based-connections.
In this case it uses the ManagedIdentityCredential and does not try first with EnvironmentCredential or WorkloadIdentityCredential.
Locally, we don't have a managed identity, so it tries the first four types of credentials until it gets to the VisualStudioCredential which then works (because I am logged into Visual Studio). This however takes time and it also displays errors when starting up the function as it tries to invoke GetToken for the different types of credentials unsuccessfully.
Usually, you can disable certain types of credentials by do something like this:
new DefaultAzureCredential(
new DefaultAzureCredentialOptions
{
ExcludeEnvironmentCredential = true,
ExcludeWorkloadIdentityCredential = true,
ExcludeManagedIdentityCredential = true,
...
);
but I could not figure out how this would work with the CosmosDBTrigger.
How can I disable certain types of credentials for the CosmosDBTrigger locally?