We welcome user feedback and feature requests!

Allow Azure App Service IP Restriction configuration by PowerShell Script

At the moment an Azure App service has the ability to white list IP addresses through the Networking > IP Restriction blade. It would be useful if this could be configured through PowerShell.

81 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Graham Williamson shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    9 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        @Anders Wahlqvist , that doesn't work unfortunately. It all works nice and fine until you try to commit that change

        Set-AzureRMResource : {"Code":"BadRequest","Message":"HTTP request body must not be empty.","Target":null,"Details":[{"
        Message":"HTTP request body must not be empty."},{"Code":"BadRequest"},{"ErrorEntity":{"ExtendedCode":"51016","MessageT
        emplate":"HTTP request body must not be empty.","Parameters":[],"Code":"BadRequest","Message":"HTTP request body must n
        ot be empty."}}],"Innererror":null}
        At line:1 char:1
        + Set-AzureRMResource -ResourceId $config.ResourceId -Properties $confi ...
        + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo : CloseError: (:) [Set-AzureRmResource], ErrorResponseMessageException
        + FullyQualifiedErrorId : BadRequest,Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.SetAzureResou
        rceCmdlet

      • Anders Wahlqvist commented  ·   ·  Flag as inappropriate

        This has actually been possible for quite some time, maybe not completely straight forward compared to having support for it in the AzureRm.Websites cmdlets but to give you a hint (you obviously want to change the array of IP addresses you're adding):

        $WebAppConfig = Get-AzureRMResource -ResourceName MyWebApp -ResourceType Microsoft.Web/sites/config -ResourceGroupName MyResourceGroup

        $WebAppConfig.Properties.ipSecurityRestrictions = @([PSCustomObject] @{ ipAddress = '127.0.0.1' ; subnetMask = '255.0.0.0' })

        Set-AzureRmResource -ResourceId $WebAppConfig.ResourceId -Properties $WebAppConfig.Properties -ApiVersion 2016-08-01

      • Anonymous commented  ·   ·  Flag as inappropriate

        Any updates? Why cant you guys just use security groups like aws? We have to jump through a ton of hoops just to allow Traffic manager to probe an app service?

      Feedback and Knowledge Base