We welcome user feedback and feature requests!

Add "Allow access to Azure services" in Azure App Service IP restrictions

Re this thread

https://www.yammer.com/azureadvisors/#/Threads/show?threadId=945875058

I'd used PowerShell to manually add IP restrictions a couple of weeks ago. Right away my App Insights availability tests started failing so I narrowed the test location down to Dublin IE and allowed those IP/Subnets.

Add an option similar to SQL Server "Allow access to Azure services" That white lists Azure App insights availability tests for selected regions.

Thanks

Luke

61 votes
Vote
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
You have left! (?) (thinking…)
Luke Dearden shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

There was some confusion about this feature due to the documentation for it and UX originally released had a bug.

The IP Restrictions feature works as an ALLOW list, rather than a DENY list as originally stated.

The ask here is still valid, there are other services in azure (like SQL) that have UI to explicitly allow other azure services to reach the database. While this is convenient for development scenarios, it’s not a good idea for securing the resource.

We’ll keep an eye on this request and see if it gathers more up-votes.

-Byron

2 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • Shahid Iqbal commented  ·   ·  Flag as inappropriate

    Same issue really with Azure DevOps agents not being able to view the site during a deployment so UI tests fail.
    Would be great to either give the same option as azure sql does or allow importing of ip restrictions in a more workable manner. File upload (ideally in same format as we can get for IP ranges for Azure)

  • Xinyi Ou commented  ·   ·  Flag as inappropriate

    This is currently causing an issue for us when importing Azure Function into Azure API Management. We have added the IP address of the APIM to the allow list, but the import functionality breaks unless we temporary disable the IP Restrictions on the App Service. It would be great to know what IPs we need to add to allow for this, or to have the Allow Azure Services (if the traffic is coming from the UI for APIM).

Feedback and Knowledge Base