question

CampbellThompson-9120 avatar image
0 Votes"
CampbellThompson-9120 asked ·

Audit/Deny ipSecurityRestrictions through Azure Policy

Hi there,

I'm trying to create a custom policy to match ipSecurityRestriction rules for our organisational Public IP addresses.

I want to do this for Function Apps in the first instance, but once I have the policy created, I'll align it to other publicly facing Web Apps.

I'm having a real problem with the format of the policy. I'm feeding our Public IPs in to the policy via a parameter array, but I can't find the correct syntax to give a non-compliance. I've even tried to use a single IP to evaluate against, but I either get all of my resources reporting 100% compliant or 100% non-compliant, depending on the condition format.

Has anyone got a working policy that they can socialise? I'd be really appreciative.

Thanks in advance,

CT

azure-policy
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

DCtheGeek avatar image
0 Votes"
DCtheGeek answered ·

What alias are you using for the Public IPs? Can you share the rule portion of the policy definition?

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.