What is the simplest approach to auditing the IP Address Whitelists for the following Azure resources: API Gateways, Function Apps, Storage Accounts, and SQL Databases/Servers?
We control access to those Azure Resources to an approved list of IP Addresses. We want to regularly check those lists and compare them to a baseline.
My original idea was to write a PowerShell script that queried all of those resources' Whitelists and compared them to my approved list. But now I find that there's no PowerShell script to query Database level firewall rules, only servers. I can use T-SQL, but I wanted to keep it simple and use a single tool.
Is there another tool that would make that simpler? Or another way to use PowerShell to gather all that info? I had also considered using Log Analytics to alert support if a log that would create or modify those firewalls comes through any of those resources.
Can anyone offer a different approach that I may be missing? Or a modification on my current approach that would minimize "the administrative overhead" of this activity?
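
A sketch of the baseline comparison the question describes, as an added example that is not part of the original post: it normalizes each rule to a start-end range (SQL firewall rules are ranges, storage rules are a single IP or CIDR) and reports drift in both directions. The function names, resource labels and sample rules are hypothetical and constructed, and only IPv4 is handled.

```powershell
# Added example. All data below is constructed, not taken from a real tenant.
function ConvertTo-IpRange {
    # Normalize "a.b.c.d", "a.b.c.d/nn" or "start-end" to "start-end" so that
    # rules collected from different resource types compare as plain strings.
    param([Parameter(Mandatory)][string]$Rule)
    if ($Rule -match '^(\S+)-(\S+)$') {
        return '{0}-{1}' -f [ipaddress]$Matches[1], [ipaddress]$Matches[2]
    }
    $addr, $prefix = $Rule -split '/'
    if (-not $prefix) { $prefix = 32 }
    [long]$value = 0
    foreach ($b in ([ipaddress]$addr).GetAddressBytes()) { $value = $value * 256 + $b }
    [long]$size  = [math]::Pow(2, 32 - [int]$prefix)
    [long]$start = $value - ($value % $size)      # first address in the block
    [long]$end   = $start + $size - 1             # last address in the block
    $dotted = foreach ($n in $start, $end) {
        (3..0 | ForEach-Object { ($n -shr (8 * $_)) -band 255 }) -join '.'
    }
    $dotted -join '-'
}

function Compare-AllowlistToBaseline {
    # Each record needs a Resource label and a Rule string.
    param([object[]]$Observed, [object[]]$Baseline)
    $key  = { '{0}|{1}' -f $_.Resource, (ConvertTo-IpRange $_.Rule) }
    $obs  = @($Observed | ForEach-Object $key)
    $base = @($Baseline | ForEach-Object $key)
    Compare-Object -ReferenceObject $base -DifferenceObject $obs | ForEach-Object {
        [pscustomobject]@{
            Entry   = $_.InputObject
            Finding = if ($_.SideIndicator -eq '=>') { 'NotInBaseline' } else { 'MissingFromResource' }
        }
    }
}

# Approved list (constructed).
$baseline = @(
    [pscustomobject]@{ Resource = 'sql/example-sqlsrv';   Rule = '203.0.113.0/28' }
    [pscustomobject]@{ Resource = 'storage/examplestore'; Rule = '198.51.100.7' }
)
# Rules as they might be collected from the resources (constructed).
$observed = @(
    [pscustomobject]@{ Resource = 'sql/example-sqlsrv';   Rule = '203.0.113.0-203.0.113.15' } # same as /28
    [pscustomobject]@{ Resource = 'storage/examplestore'; Rule = '198.51.100.0/24' }          # wider than approved
)
Compare-AllowlistToBaseline -Observed $observed -Baseline $baseline
```

With the sample data, the SQL entry matches its baseline despite the different notation, and the storage entry is reported twice: the /24 as `NotInBaseline` and the approved single address as `MissingFromResource`.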