Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
PowerShell scripts to bulk add IP ranges to Restricted Access feature of Azure App Service
Param(
[Parameter(Mandatory = $true)]
[string] $ResourceGroupName,
[Parameter(Mandatory = $true)]
[string] $AppServiceName,
[Parameter(Mandatory = $true)]
[string] $SubscriptionId,
[Parameter(Mandatory = $true)]
[string] $RulePriority
)
$ErrorActionPreference = "Stop"
$AvailabilityTestIpsFile = Get-Content "$PSScriptRoot/AvailabilityTestIps.txt"
$AvailabilityTestIpsLines = $AvailabilityTestIpsFile.Split([Environment]::NewLine)
$IsHeader = $True
$CurrentGroup = $Null;
$NewIpRestrictions = @();
ForEach($Line in $AvailabilityTestIpsLines){
if($IsHeader){
$CurrentGroup = $Line;
$IsHeader = $False
continue
}
if([System.String]::IsNullOrEmpty($Line)){
$IsHeader = $True #next line will be header
continue
}
$Ip = $Null
if($Line.Contains("/")){
$Ip = $Line;
}else{
$Ip = "$Line/32";
}
$NewIpRestrictions += @{
ipAddress = $Ip;
action = "Allow";
priority = $RulePriority;
name = "Av IP $CurrentGroup";
description = "Availability Test IP $CurrentGroup";
tag = "Default";
}
}
& "$PSScriptRoot\AddRestrictedIPAzureAppService.ps1" -ResourceGroupName $ResourceGroupName -AppServiceName $AppServiceName -SubscriptionId $SubscriptionId -NewIpRules $NewIpRestrictions
Param(
[Parameter(Mandatory = $true)]
[string] $ResourceGroupName,
[Parameter(Mandatory = $true)]
[string] $AppServiceName,
[Parameter(Mandatory = $true)]
[string] $SubscriptionId,
[Parameter(Mandatory = $true)]
[string] $RulePriority
)
$ErrorActionPreference = "Stop"
$IPv4s = (Invoke-WebRequest -Uri "https://www.cloudflare.com/ips-v4").Content.TrimEnd([Environment]::NewLine).Split([Environment]::NewLine);
$IPv6s = (Invoke-WebRequest -Uri "https://www.cloudflare.com/ips-v6").Content.TrimEnd([Environment]::NewLine).Split([Environment]::NewLine);
$NewIpRestrictions = @();
foreach($IPv4 in $IPv4s){
$NewIpRestrictions += @{
ipAddress = $IPv4;
action = "Allow";
priority = $RulePriority;
name = "Cloudflare IPv4";
description = "Cloudflare IPv4";
tag = "Default";
}
}
foreach($IPv6 in $IPv6s){
$NewIpRestrictions += @{
ipAddress = $IPv6;
action = "Allow";
priority = $RulePriority;
name = "Cloudflare IPv6";
description = "Cloudflare IPv6";
tag = "Default";
}
}
& "$PSScriptRoot\AddRestrictedIPAzureAppService.ps1" -ResourceGroupName $ResourceGroupName -AppServiceName $AppServiceName -SubscriptionId $SubscriptionId -NewIpRules $NewIpRestrictions
Param(
[Parameter(Mandatory = $true)]
[string] $ResourceGroupName,
[Parameter(Mandatory = $true)]
[string] $AppServiceName,
[Parameter(Mandatory = $true)]
[string] $SubscriptionId,
[Parameter(Mandatory = $true)]
[Hashtable[]] $NewIpRules
)
$ErrorActionPreference = "Stop"
Import-Module Az
if($Null -eq (Get-AzContext)){
Login-AzAccount
}
Select-AzSubscription -SubscriptionId $SubscriptionId
$APIVersion = ((Get-AzResourceProvider -ProviderNamespace Microsoft.Web).ResourceTypes | Where-Object ResourceTypeName -eq sites).ApiVersions[0]
$WebAppConfig = Get-AzResource -ResourceName $AppServiceName -ResourceType Microsoft.Web/sites/config -ResourceGroupName $ResourceGroupName -ApiVersion $APIVersion
foreach ($NewIpRule in $NewIpRules) {
$WebAppConfig.Properties.ipSecurityRestrictions += $NewIpRule
}
Set-AzResource -ResourceId $WebAppConfig.ResourceId -Properties $WebAppConfig.Properties -ApiVersion $APIVersion
Australia East
20.40.124.176/28
20.40.124.240/28
20.40.125.80/28
Brazil South
191.233.26.176/28
191.233.26.128/28
191.233.26.64/28
France Central (Formerly France South)
20.40.129.96/28
20.40.129.112/28
20.40.129.128/28
20.40.129.144/28
France Central
20.40.129.32/28
20.40.129.48/28
20.40.129.64/28
20.40.129.80/28
East Asia
52.229.216.48/28
52.229.216.64/28
52.229.216.80/28
North Europe
52.158.28.64/28
52.158.28.80/28
52.158.28.96/28
52.158.28.112/28
Japan East
52.140.232.160/28
52.140.232.176/28
52.140.232.192/28
West Europe
51.144.56.96/28
51.144.56.112/28
51.144.56.128/28
51.144.56.144/28
51.144.56.160/28
51.144.56.176/28
UK South
51.105.9.128/28
51.105.9.144/28
51.105.9.160/28
UK West
20.40.104.96/28
20.40.104.112/28
20.40.104.128/28
20.40.104.144/28
Southeast Asia
52.139.250.96/28
52.139.250.112/28
52.139.250.128/28
52.139.250.144/28
West US
40.91.82.48/28
40.91.82.64/28
40.91.82.80/28
40.91.82.96/28
40.91.82.112/28
40.91.82.128/28
Central US
13.86.97.224/28
13.86.97.240/28
13.86.98.48/28
13.86.98.0/28
13.86.98.16/28
13.86.98.64/28
North Central US
23.100.224.16/28
23.100.224.32/28
23.100.224.48/28
23.100.224.64/28
23.100.224.80/28
23.100.224.96/28
23.100.224.112/28
23.100.225.0/28
South Central US
20.45.5.160/28
20.45.5.176/28
20.45.5.192/28
20.45.5.208/28
20.45.5.224/28
20.45.5.240/28
East US
20.42.35.32/28
20.42.35.64/28
20.42.35.80/28
20.42.35.96/28
20.42.35.112/28
20.42.35.128/28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.