I got a reply from one of Azure's official GitHub maintainers when asking what roles to apply to a guest account to collaborate, with the reply:
"to address the question of what permissions are needed for "guest accounts" - the answer is a lot. Far more than what would entail being a "guest" account. The first error from your screenshot is the ability to register Microsoft.Web to the subscription itself. This is a very broad permission that affects far more than just functions. The other errors you have in that screenshot are all around creating supporting resources for the functions app. Again, these permissions have far broader impact than just getting a functions app up and running.
I am not familiar with what PlayFab's subscription model is. But to me, setting up a Functions App is something PlayFab would need to do on your behalf. Or maybe this even doesn't belong in the PlayFab subscription, but in your own subscription and you communicate between the PlayFab one and your own. But anyways - I am not familiar with what PlayFab's model is, so I am just throwing general ideas out there."
When I ask PF what minimum resources I need to host Azure funcs, how to create Guest accounts for collaboration or what minimum permissions/roles are required to get a Guest account working for Functions? I am either told it's "out of their scope" or they simply do not know. As you folks are now called Azure PlayFab and forced this experience on us, it should be within your scope -- at least, the minimum to get started.
Seems like there's a desync of responsibility -- why wouldn't PF be able to help us the most basic of issues if that is our only option for cloud script? The legacy one at least let me get started fast and do basic things (yes, it was bad, but it was at least supported).
1. Not a single PF member knows even the most basic features you'd apply to a 101 quickstart. The average dev here is not soloing here with 0 devs - Guest accounts / permissions are required and after hours of research, we still never figured it out. I am currently running full admin on my client's billing account, which is reckless practice but the only way I could move on.
2. The quickstart link given is specific to Azure; not PlayFab. This helps no one and puts your devs in a hole since it doesn't show any of the prerequisites to get started (significantly more difficult than the functions, themselves). Not to mention they guide you to the most expensive resources, for what little they do show (eg: Windows costs 50% more and they blindly ask users to choose that one without explanation).
You guys (PF) need training -- and bare minimum responsibility to at least offer documentation specific to PF instead of just shooting us a general link to enterprise infra. Since your Quickstart nonchalantly links to raw Azure to "figure it out" (requiring quite the vast amount of research/training/education), this also misleads new PF users into believing that it's easy to set this up. It is not.
Please take an ounce of responsibility and help your devs, please, with some docs and bare minimum training.
1. How to create an Azure account (if you create the "free trial" that the average person will do,for example, you cannot even create a Function and will get vague errors because trials are limited to 32-bit, while Funcs are 64-bit).
2. How to create a guest account - it's not intuitive at all. Even finding the correct place to add is not intuitive - and you need to add in more than one place.
3. Permissions/Roles - The errors show what permissions are missing, but don't say what roles are required. If I get a storage error and browse storage roles, there are about 20. All collaborators likely are all admin'd up because no one has any clue what roles to add, even if you figure out #2.
4. How to create a Function - step by step, going for the most minimalistic pricing as well. NO, don't select "Windows" - show devs to choose Linux. Emphasize US west 2. If there are common errors, show the FAQ as they are all incredibly vague.
Help out your own users so we can help out others. NO ONE KNOWS! If PF doesn't know, how do you expect your users to know?
(Apologies for the aggressiveness of this post, but this really should have gone unsaid - I am utterly shocked how long it took me to get this rolling, how 0 support is offered and even 0 docs specific to PF. This has been an absolutely horrible, alpha-like experience)