I'm trying to set via powershell deny option for Source Control Manager in Azure:
i'm executing this code snippet
$propertiesObject = @{
http20Enabled = $true;
ScmIpSecurityRestrictionsUseMain = $true;
scmIpSecurityRestrictions = @{"Action" = "Deny"};
}
Set-AzResource -PropertyObject $propertiesObject -ResourceGroupName $AppServiceRG -ResourceType Microsoft.Web/sites/config -ResourceName "$AppServiceName/web" -ApiVersion 2022-03-01 -Force
but it is not working i think becouse that option is an object:
How i can set Deny? Any help is really appreciated
CodePudding user response:
I tried in my environment and got below results:
In azure app service, you can set the unmatched rule action - "Deny" by executing below commands:
Azure CLI command:
az resource update --resource-group ResourceGroup --name AppName --resource-type "Microsoft.Web/sites" \
--set properties.siteConfig.scmIpSecurityRestrictionsDefaultAction=Deny
Powershell command:
$Resource = Get-AzResource -ResourceType Microsoft.Web/sites -ResourceGroupName ResourceGroup -ResourceName AppName
$Resource.Properties.siteConfig.scmIpSecurityRestrictionsDefaultAction = "Deny"
$Resource | Set-AzResource -Force
Console:
Portal:
The above command executed successfully and reflected in portal.
For more reference:
Azure App Service access restrictions - Azure App Service | Microsoft Learn