Feature Request: IP Restrictions for Web Apps

[istairbn]

Azure Web Apps by default are accessible to the world. Obviously in some cases, we want to restrict access to certain IP addresses.

Currently you can set that in the web.config using the IpSecurityRestriction Class

https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.management.websites.models.ipsecurityrestriction?view=azure-dotnet

It looks like this has been implemented in the SDK for Go

https://github.com/Azure/azure-sdk-for-go/blob/fad8443a79b0e755c18c3bec29a8d2bedab0b421/profiles/latest/web/mgmt/web/models.go#L825

Could this go on the roadmap? Given Terraform's fantastic support for CIDR ranges, it should be straight foward to use it to lock events down to required ranges.

[perbergland]

Is there any way to create these restrictions dynamically, e.g. from the outbound_ip_addresses list from some other web apps?

For SQL server, the ip_restrictions are a separate resource - I think that may be needed for the app_service and slot as well but maybe there's some interpolation syntax that I don't know about.

[tombuildsstuff]

hey @istairbn @perbergland

Support for this shipped in v1.6.0 - as such I'm going to close this issue for the moment.

Thanks!

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!