azure icon indicating copy to clipboard operation
azure copied to clipboard

Published 20 hours ago verified publisher icon ansible-collections

Make access restrictions more flexible in web app access restrictions module

Open mark4409 opened this issue 1 year ago • 1 comments

SUMMARY

At the moment, the azure_rm_webappaccessrestriction only supports IP addresses (according to the latest documentation). There have been many times in the past where I have had to use service tags or vnets in these access restrictions so it would be great if this module would support those too

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

azure_rm_webappaccessrestriction

ADDITIONAL INFORMATION

This addition would prevent having to manually add configuration to the resource after deployment with ansible

- name: Configure web app access restrictions.
  azure.azcollection.azure_rm_webappaccessrestriction:
    name: "MyWebapp"
    resource_group: "MyResourceGroup"
    security_restrictions:
      - name: "Datacenter 1"
        action: "Allow"
        ip_address: "1.1.1.1/24"
        priority: 1
      - name: "Datacenter 2"
        action: "Allow"
        service_tag: "AzureCloud"
        priority: 2
      - name: "Datacenter 3"
        action: "Allow"
        subnet_id: "/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Network/virtualNetworks/xxx/subnets/xxx"
        priority: 3
    scm_ip_security_restrictions_use_main: true

mark4409 avatar Jun 01 '23 12:06 mark4409