Terraform-provider-azurerm: Function App IP Restrictions

Created on 10 Apr 2019  ยท  13Comments  ยท  Source: terraform-providers/terraform-provider-azurerm

Community Note

  • Please vote on this issue by adding a ๐Ÿ‘ reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

It would be nice if we could have the ip_restrictions configuration block in Azure Function App resource. This is already available in the App Service resource.

Keep up the good work!

New or Affected Resource(s)

  • azurerm_function_app

Potential Terraform Configuration

resource "azurerm_function_app" "global_app_function" {
    name                      = "hub-deployer-${var.deployment_suffix}"
    location                  = "${azurerm_resource_group.main_rg.location}"
    resource_group_name       = "${azurerm_resource_group.main_rg.name}"
    app_service_plan_id       = "${azurerm_app_service_plan.global_app_serviceplan.id}"
    storage_connection_string = "${azurerm_storage_account.global_function_storage.primary_connection_string}"
    https_only                = "true"
    # NOT AVAILABLE FOR FUNCTION APP IN TERRAFORM
    ip_restriction  = {
        ip_address = "65.245.25.32"
        subnet_mask = "255.255.255.255"
    }

References

enhancement servicfunctions
Source
picture simonlegeek
👍19

All 13 comments

Hi , Can we expect this change request will be implemented soon or not?

jitendrakandpal55 picture jitendrakandpal55 on 5 Jul 2019

Can we also get the SCM/kudu IP restriction filter added as well as it is almost identical? Propose a syntax like so:

resource "azurerm_function_app" "global_app_function" {
    name                      = "hub-deployer-${var.deployment_suffix}"
    location                  = "${azurerm_resource_group.main_rg.location}"
    resource_group_name       = "${azurerm_resource_group.main_rg.name}"
    app_service_plan_id       = "${azurerm_app_service_plan.global_app_serviceplan.id}"
    storage_connection_string = "${azurerm_storage_account.global_function_storage.primary_connection_string}"
    https_only                = "true"
    # NOT AVAILABLE FOR FUNCTION APP IN TERRAFORM
    ip_restriction  = {
        ip_address = "1.2.3.4"
        subnet_mask = "255.255.255.255"
    }
    scm_ip_restriction  = {
        ip_address = "5.6.7.8"
        subnet_mask = "255.255.255.255"
    }
}
alastairtree picture alastairtree on 9 Aug 2019

It would also be nice to be able to set vnet/subnet based restrictions.

LucaPrete picture LucaPrete on 20 Aug 2019
👍1

Hey all, I believe we now have all the functionality for restrictions in the provider so I'll be closing this down. Feel free to reopen or submit a new PR if some functionality has been missed after version 1.34.0 of the provider goes out.

mbfrahry picture mbfrahry on 30 Aug 2019
🎉1

Guys, this is great, but I don't see this reflected in the docs, here: https://www.terraform.io/docs/providers/azurerm/r/function_app.html

Am I missing anything?

BTW, I don't even see an option for the VNET integration, which would preclude vnet/subnet filtering from working.

Thanks

LucaPrete picture LucaPrete on 31 Aug 2019
👍1

Hey @LucaPrete, unfortunately it hasn't released yet. You'll have to wait until version 1.34.0 goes out the door before you'll be able to see it on terraform.io. You could build your own provider off the master branch if you need it immediately

mbfrahry picture mbfrahry on 31 Aug 2019

Hi Matthew,

Does the vnet subnet based restrictions are also available in this release.

Thanks,
Jitendra

Get Outlook for Androidhttps://aka.ms/ghei36

From: Matthew Frahry notifications@github.com
Sent: Saturday, August 31, 2019 4:06:33 PM
To: terraform-providers/terraform-provider-azurerm terraform-provider-azurerm@noreply.github.com
Cc: jitendrakandpal55 jitendra.kandpal@outlook.com; Manual manual@noreply.github.com
Subject: Re: [terraform-providers/terraform-provider-azurerm] Function App IP Restrictions (#3229)

Hey @LucaPretehttps://github.com/LucaPrete, unfortunately it hasn't released yet. You'll have to wait until version 1.34.0 goes out the door before you'll be able to see it on terraform.io. You could build your own provider off the master branch if you need it immediately

โ€”
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHubhttps://github.com/terraform-providers/terraform-provider-azurerm/issues/3229?email_source=notifications&email_token=AMRCWVU3JNWDEMD22HWMBI3QHKCHTA5CNFSM4HE75V6KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5TOP7A#issuecomment-526837756, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AMRCWVS5Q33KQY43EV5QLLDQHKCHTANCNFSM4HE75V6A.

jitendrakandpal55 picture jitendrakandpal55 on 1 Sep 2019
👍1

Great, thanks. Do you know the release date?

Il giorno dom 1 set 2019 alle ore 09:19 jitendrakandpal55 <
[email protected]> ha scritto:

Hi Matthew,

Does the vnet subnet based restrictions are also available in this release.

Thanks,
Jitendra

Get Outlook for Androidhttps://aka.ms/ghei36

From: Matthew Frahry notifications@github.com
Sent: Saturday, August 31, 2019 4:06:33 PM
To: terraform-providers/terraform-provider-azurerm <
[email protected]>
Cc: jitendrakandpal55 jitendra.kandpal@outlook.com; Manual <
[email protected]>
Subject: Re: [terraform-providers/terraform-provider-azurerm] Function App
IP Restrictions (#3229)

Hey @LucaPretehttps://github.com/LucaPrete, unfortunately it hasn't
released yet. You'll have to wait until version 1.34.0 goes out the door
before you'll be able to see it on terraform.io. You could build your own
provider off the master branch if you need it immediately

โ€”
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub<
https://github.com/terraform-providers/terraform-provider-azurerm/issues/3229?email_source=notifications&email_token=AMRCWVU3JNWDEMD22HWMBI3QHKCHTA5CNFSM4HE75V6KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5TOP7A#issuecomment-526837756>,
or mute the thread<
https://github.com/notifications/unsubscribe-auth/AMRCWVS5Q33KQY43EV5QLLDQHKCHTANCNFSM4HE75V6A

.

โ€”
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/terraform-providers/terraform-provider-azurerm/issues/3229?email_source=notifications&email_token=AARY7UBOKO7KGOOBW5E5SG3QHNUJHA5CNFSM4HE75V6KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5T4HTI#issuecomment-526894029,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AARY7UFFTFQU4AFRJ56SE7TQHNUJHANCNFSM4HE75V6A
.

LucaPrete picture LucaPrete on 1 Sep 2019

@LucaPrete we don't have a defined release date yet, but as we get closer we tend to post it on the milestone.

I've assigned this to the milestone so when this is released @hashibot will comment here that it's available :)

tombuildsstuff picture tombuildsstuff on 1 Sep 2019

Thanks!

Il giorno dom 1 set 2019 alle 11:25 Tom Harvey notifications@github.com
ha scritto:

@LucaPrete https://github.com/LucaPrete we don't have a defined release
date yet, but as we get closer we tend to post it on the milestone.

I've assigned this to the milestone so when this is released @hashibot
https://github.com/hashibot will comment here that it's available :)

โ€”
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/terraform-providers/terraform-provider-azurerm/issues/3229?email_source=notifications&email_token=AARY7UBTNOFVJISUYGB7OOLQHODAPA5CNFSM4HE75V6KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5T6I4Q#issuecomment-526902386,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AARY7UCGUH2N5AIN4QOBDFDQHODAPANCNFSM4HE75V6A
.

LucaPrete picture LucaPrete on 1 Sep 2019

This has been released in version 1.34.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 1.34.0"
}
# ... other configuration ...
hashibot[bot] picture hashibot[bot] on 18 Sep 2019

hello
I couldn't find any reference to this feature in the docs or release notes
Was that implemented?

thank you
Omer

jungopro picture jungopro on 19 Sep 2019

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error ๐Ÿค– ๐Ÿ™‰ , please reach out to my human friends ๐Ÿ‘‰ [email protected]. Thanks!

hashibot[bot] picture hashibot[bot] on 30 Sep 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

hashibot picture hashibot  ยท  43Comments
jonaspetersorensen picture jonaspetersorensen  ยท  32Comments
test-in-prod picture test-in-prod  ยท  28Comments
matthid picture matthid  ยท  42Comments
titilambert picture titilambert  ยท  35Comments