Created
August 24, 2018 06:36
-
-
Save pregress/dab3193dc3f7d9806eb0433ccc1145b0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Add-WebAppIPRestrictions { | |
Param( | |
[Parameter(Position = 0, Mandatory = $true, HelpMessage = "WebApp name", ValueFromPipeline = $false)] | |
$WebApp, | |
[Parameter(Position = 1, Mandatory = $true, HelpMessage = "Resource group name", ValueFromPipeline = $false)] | |
$ResourceGroupName, | |
[Parameter(Position = 2, Mandatory = $true, HelpMessage = "Restricted IP address: 1.1.1.1/1 (including mask)", ValueFromPipeline = $false)] | |
$IPAddress, | |
[Parameter(Position = 4, Mandatory = $true, HelpMessage = "Restricted IP Priority", ValueFromPipeline = $false)] | |
$Priority, | |
[Parameter(Position = 5, Mandatory = $true, HelpMessage = "Restricted IP address mask", ValueFromPipeline = $false)] | |
$Name, | |
[Parameter(Position = 6, Mandatory = $true, HelpMessage = "Allow or Deny", ValueFromPipeline = $false)] | |
[ValidateSet('Allow','Deny')] | |
$Action | |
) | |
$resourceName = "$($WebApp)/web" | |
$r = Get-AzureRmResource -ResourceGroupName $ResourceGroupName -ResourceType Microsoft.Web/sites/config -ResourceName $resourceName -ApiVersion 2018-02-01 | |
$p = $r.Properties | |
if($p.ipSecurityRestrictions -eq $null) | |
{ | |
#Create the collection if there are no restrictions | |
$p.ipSecurityRestrictions = @() | |
} | |
if ($ipAddress -in $p.ipSecurityRestrictions.ipAddress) | |
{ | |
"IP address $IPAddress is already added as restricted to $WebApp." | |
return | |
} | |
elseif ($Name -in $p.ipSecurityRestrictions.name) | |
{ | |
"IP restriction with name: $Name is already added as restricted to $WebApp." | |
return | |
} | |
"Adding restriction $IPAddress to $WebApp" | |
$restriction = @{} | |
$restriction.Add("ipAddress",$IPAddress) | |
$restriction.Add("action",$Action) | |
$restriction.Add("priority",$Priority) | |
$restriction.Add("name", $Name) | |
$p.ipSecurityRestrictions += $restriction | |
Set-AzureRmResource -ResourceGroupName $ResourceGroupName -ResourceType Microsoft.Web/sites/config -ResourceName $resourceName -ApiVersion 2018-02-01 -PropertyObject $p -force | |
} | |
function Remove-WebAppIPRestrictions { | |
Param( | |
[Parameter(Position = 0, Mandatory = $true, HelpMessage = "WebApp name", ValueFromPipeline = $false)] | |
$WebApp, | |
[Parameter(Position = 1, Mandatory = $true, HelpMessage = "Resource group name", ValueFromPipeline = $false)] | |
$ResourceGroupName, | |
[Parameter(Position = 2, Mandatory = $true, HelpMessage = "Restricted IP address: 1.1.1.1/1 (including mask)", ValueFromPipeline = $false)] | |
$IPAddress | |
) | |
$resourceName = "$($WebApp)/web" | |
$r = Get-AzureRmResource -ResourceGroupName $ResourceGroupName -ResourceType Microsoft.Web/sites/config -ResourceName $resourceName -ApiVersion 2018-02-01 | |
$p = $r.Properties | |
if($p.ipSecurityRestrictions -eq $null) | |
{ | |
#Create the collection if there are no restrictions | |
$p.ipSecurityRestrictions = @() | |
} | |
if (!($ipAddress -in $p.ipSecurityRestrictions.ipAddress)) | |
{ | |
"IP address $IPAddress is not in ip restrictions of $WebApp." | |
return | |
} | |
"Removing restriction $IPAddress to $WebApp" | |
$p.ipSecurityRestrictions = $p.ipSecurityRestrictions | where ipAddress -ne $IPAddress | |
Set-AzureRmResource -ResourceGroupName $ResourceGroupName -ResourceType Microsoft.Web/sites/config -ResourceName $resourceName -ApiVersion 2018-02-01 -PropertyObject $p -force | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment