Azure Resource Manager IP Security Restrictions using Powershell

前端未结

关注

 2  553

I\'m trying to use Powershell to set IP Security Restrictions. My syntax is not returning any errors, but settings are not changing. The \"ipSecurityRestrictions\" property

相关标签:

2条回答

青春惊慌失措

2020-12-11 05:00

Here is a convenience function to add a rule:

function Add-AzureIpRestrictionRule
{
    [CmdletBinding()]
    Param
    (
        # Name of the resource group that contains the App Service.
        [Parameter(Mandatory=$true, Position=0)]
        $ResourceGroupName, 

        # Name of your Web or API App.
        [Parameter(Mandatory=$true, Position=1)]
        $AppServiceName, 

        # rule to add.
        [Parameter(Mandatory=$true, Position=2)]
        [PSCustomObject]$rule 
    )

    $ApiVersions = Get-AzureRmResourceProvider -ProviderNamespace Microsoft.Web | 
        Select-Object -ExpandProperty ResourceTypes |
        Where-Object ResourceTypeName -eq 'sites' |
        Select-Object -ExpandProperty ApiVersions

    $LatestApiVersion = $ApiVersions[0]

    $WebAppConfig = Get-AzureRmResource -ResourceType 'Microsoft.Web/sites/config' -ResourceName $AppServiceName -ResourceGroupName $ResourceGroupName -ApiVersion $LatestApiVersion

    $WebAppConfig.Properties.ipSecurityRestrictions =  $WebAppConfig.Properties.ipSecurityRestrictions + @($rule) | 
        Group-Object name | 
        ForEach-Object { $_.Group | Select-Object -Last 1 }

    Set-AzureRmResource -ResourceId $WebAppConfig.ResourceId -Properties $WebAppConfig.Properties -ApiVersion $LatestApiVersion -Force    
}

Usage example:

Login-AzureRmAccount
# determine current ip
$clientIp = Invoke-WebRequest 'https://api.ipify.org' | Select-Object -ExpandProperty Content

$rule = [PSCustomObject]@{
    ipAddress = "$($clientIp)/32"
    action = "Allow"  
    priority = 123 
    name = '{0}_{1}' -f $env:computername, $env:USERNAME 
    description = "Automatically added ip restriction"
}

Add-AzureIpRestrictionRule -ResourceGroupName "myResourceGroup" -AppServiceName "myAppServiceName" -rule $rule

Source: Configure Azure App Service IP Restrictions using PowerShell

0 讨论(0)

粉色の甜心

2020-12-11 05:01

ipSecurityRestrictions should be object array. Please have a try to change code as following. It works correctly for me.

$r = Get-AzureRmResource -ResourceGroupName "Resoucegroup name" -ResourceType Microsoft.Web/sites/config -ResourceName resourcename/web -ApiVersion 2016-08-01

$p = $r.Properties
$p.ipSecurityRestrictions = @()
$restriction = @{}
$restriction.Add("ipAddress","0.0.0.0")
$restriction.Add("subnetMask","0.0.0.0")
$p.ipSecurityRestrictions+= $restriction

Set-AzureRmResource -ResourceGroupName  "Resoucegroup name" -ResourceType Microsoft.Web/sites/config -ResourceName resourcename/web -ApiVersion 2016-08-01 -PropertyObject $p

After that we can get the result from the resources azure (https://resources.azure.com).

We also can get powershell cmd from the resource azure.

0 讨论(0)