Azure功能和限制IP [英] Azure Functions and restricting IPs

问题描述

我真的很想在即将到来的项目中使用Azure Functions，但是有没有办法像在Web.Config中的ipSecurity中那样创建IP白名单?

I would really like to use Azure Functions for an upcoming project, but is there a way to create a whitelist of IPs like in ipSecurity in Web.Config?

他们正在使用authLevel功能，因此那里有一些保护.我的客户对白名单有安全要求.

They are using authLevel function, so there is some protection there. My customer has a security requirement for a whitelist.

看着资源浏览器，似乎有一个属性 ipSecurityRestrictions 可能有用，但是我在Azure函数实例上看不到它.

Looking at the resource explorer there seems to be a property ipSecurityRestrictions that might work, but I don't see it on my Azure function instance.

推荐答案

不幸的是，由于您无法控制web.config，因此无法做到这一点.

Unfortunately, as you don't have control over a web.config this isn't doable that way.

您可以在函数本身中进行ip验证，也可以添加诸如API管理之类的解决方案来阻止流量.

You could do the ip validation within the function itself or add a solution like API Management to block traffic.

如果您愿意在专用(而非消耗计划)上运行，则可以使用带有所需IP白名单的经过修改的web.config将功能运行库作为站点扩展部署为站点扩展:

If you're willing to run on dedicated (not consumption plan), you can deploy the functions runtime as a site extension with a modified web.config with the ip whitelist you need: https://github.com/Azure/azure-webjobs-sdk-script/wiki/Deploying-the-Functions-runtime-as-a-private-site-extension

这篇关于Azure功能和限制IP的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！