I'm trying to use Powershell to set IP Security Restrictions. My syntax is not returning any errors, but settings are not changing. The "ipSecurityRestrictions" property is a hashtable.
$r = Get-AzureRmResource -ResourceGroupName *resource-group-name* -ResourceType Microsoft.Web/sites/config -ResourceName resourcename/web -ApiVersion 2016-08-01
$p = $r.Properties
$p.ipSecurityRestrictions = @{ ipAddress = "0.0.0.0"; subnetMask = "0.0.0.0" }
Set-AzureRmResource -ResourceGroupName *resource-group-name* -ResourceType Microsoft.Web/sites/config -ResourceName resourcename/web -ApiVersion 2016-08-01 -PropertyObject $p
It's not a permissions issue, and there are no errors returned. To change a property that is not a hashtable, such as the phpVersion the following code is working fine:
$p.phpVersion = "7.0"
Anyone successfully set ipSecurityRestrictions using this method?
ipSecurityRestrictions should be object array. Please have a try to change code as following. It works correctly for me.
$r = Get-AzureRmResource -ResourceGroupName "Resoucegroup name" -ResourceType Microsoft.Web/sites/config -ResourceName resourcename/web -ApiVersion 2016-08-01
$p = $r.Properties
$p.ipSecurityRestrictions = @()
$restriction = @{}
$restriction.Add("ipAddress","0.0.0.0")
$restriction.Add("subnetMask","0.0.0.0")
$p.ipSecurityRestrictions+= $restriction
Set-AzureRmResource -ResourceGroupName "Resoucegroup name" -ResourceType Microsoft.Web/sites/config -ResourceName resourcename/web -ApiVersion 2016-08-01 -PropertyObject $p
After that we can get the result from the resources azure
(https://resources.azure.com).
We also can get powershell cmd from the resource azure.
Here is a convenience function to add a rule:
function Add-AzureIpRestrictionRule
{
[CmdletBinding()]
Param
(
# Name of the resource group that contains the App Service.
[Parameter(Mandatory=$true, Position=0)]
$ResourceGroupName,
# Name of your Web or API App.
[Parameter(Mandatory=$true, Position=1)]
$AppServiceName,
# rule to add.
[Parameter(Mandatory=$true, Position=2)]
[PSCustomObject]$rule
)
$ApiVersions = Get-AzureRmResourceProvider -ProviderNamespace Microsoft.Web |
Select-Object -ExpandProperty ResourceTypes |
Where-Object ResourceTypeName -eq 'sites' |
Select-Object -ExpandProperty ApiVersions
$LatestApiVersion = $ApiVersions[0]
$WebAppConfig = Get-AzureRmResource -ResourceType 'Microsoft.Web/sites/config' -ResourceName $AppServiceName -ResourceGroupName $ResourceGroupName -ApiVersion $LatestApiVersion
$WebAppConfig.Properties.ipSecurityRestrictions = $WebAppConfig.Properties.ipSecurityRestrictions + @($rule) |
Group-Object name |
ForEach-Object { $_.Group | Select-Object -Last 1 }
Set-AzureRmResource -ResourceId $WebAppConfig.ResourceId -Properties $WebAppConfig.Properties -ApiVersion $LatestApiVersion -Force
}
Usage example:
Login-AzureRmAccount
# determine current ip
$clientIp = Invoke-WebRequest 'https://api.ipify.org' | Select-Object -ExpandProperty Content
$rule = [PSCustomObject]@{
ipAddress = "$($clientIp)/32"
action = "Allow"
priority = 123
name = '{0}_{1}' -f $env:computername, $env:USERNAME
description = "Automatically added ip restriction"
}
Add-AzureIpRestrictionRule -ResourceGroupName "myResourceGroup" -AppServiceName "myAppServiceName" -rule $rule
Source: Configure Azure App Service IP Restrictions using PowerShell
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://i.stack.imgur.com/SQYfH.png', '推荐 老娘就宠你 的文章《Azure Resource Manager IP Security Restrictions us》','https://www.manongdao.com/article-179675.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}