Time
1 hour
Difficulty
Beginner
CEU/CPE
1

Video Transcription

00:01
Now let's look at another security feature in natural functions,
00:05
restricting the access to actual functions using I P addresses.
00:10
That may be helpful if you, for example, want to restrict access only to internal users that are having private I p addresses
00:20
in orderto test this functionality. I turned off the authentication and also I will use VPN to simulate different I p addresses.
00:30
Let's go and do the configuration.
00:34
The first thing I will do so is to check my current. I'd be address.
00:39
You can do that by going toe go go and just riding.
00:44
What is my i B?
00:50
So my current I P address is 69 16 1 45 to 51.
00:57
Let's go and do the configuration for the azure function
01:00
we'll use.
01:03
I want a function that
01:04
keep in mind that the I P white listing is also done on the function up level and not on the NVIDIA individual functions. But that means is that all the functions that are created in this function up will have the same i p restrictions.
01:21
This is very similar to the authentication and authorization configuration that we've done in the previous video,
01:27
so within the function app Go to the networking
01:32
and choose the access restrictions. So we will configure access restrictions for our up
01:40
well, other room
01:42
which say's that
01:45
we will alot on Lee
01:51
our i p address toe have access to these function
01:55
We'll put some priority like 100
02:00
We'll have a description This is my
02:05
former i b others
02:07
It will be iptv four and we will copy this i p address
02:13
and put it in there.
02:16
So once we add this rule a new firewall rule will be created for this function and it will alot Onley access from this I p address
02:27
Let's go and test that using cuddle
02:32
In current, we can type coral miners we in the euro for our function and press enter
02:40
and you will see that we're receiving response
02:45
And this is 200 okay, response from our function.
02:50
Now let's try to change our I p address and
02:53
see whether will be granted taxes
03:00
I have connected through my VPN and now I am trying toe access the function from Manchester UK Let's see what my I P addresses.
03:12
If I refresh the query, you will see that my I P addresses 1 85 to 42 7 24
03:19
Let's switch back to the term me now and see whether we can access the function.
03:28
As you can see, we're getting
03:30
inviolable,
03:32
ed or back from the up.
03:36
This will be the default terror that you will get from the up,
03:40
and it will say that it is four or three I p. Forbidden.
03:46
What that means is that the up still replies, however, your function is not trigger.
03:53
You don't pay any money for such requests because this is functionality that Microsoft provides.
04:02
Now you know how you can use. I'd be whitely stink to restrict the access to your actual functions.
04:09
Once again, this can be very useful if you need to restrict access to your internal
04:14
network only.
04:15
Also keep in mind that the restrictions are on the function up level. That means all the functions in this function up will have the same I P restrictions

Up Next

Azure Functions

This Azure Functions course explains the core concepts of serverless services in Azure, how to develop functions that use different triggers and how to secure access of Azure Functions and manage configuration secrets.

Instructed By

Instructor Profile Image
Toddy Mladenov
Instructor