Following "Access to App Services should be restricted" recommendation for public App service

Lars Rinde 21 Reputation points
2019-12-03T12:52:57.31+00:00

We have some app services that are private (and have IP restrictions applied), but some are supposed to be publicly accessible. I would like to keep the recommendation rule active on the subscription level, but can't find a way to solve it or suppress for our public services. The recommendation text itself also only seem to refer to the case where you want to disable public access.

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,923 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ryan Hill 25,981 Reputation points Microsoft Employee
    2019-12-10T18:36:51.193+00:00

    Hi @Lars Rinde , sincerest apologies for the delayed response. To suppress your recommendation rules, have a look at https://learn.microsoft.com/en-us/azure/security-center/tutorial-security-policy#disable-security-policies and let me know if this is helpful or not.

    Having said that, while it's definitely not required, the recommended rule can in-fact be applied to your public facing services by placing a WAF on either Azure Front Door or App Gateway so traffic is forced through the WAF.