Enable IP whitelisting

Current version: 10.1

For Managed Cloud Containers, there are two Azure Web Application Firewall (WAF) policies that are associated with the CD/CM frontend host. This topic describes how to enable whitelisting for IP addresses and range.

To enable IP whitelisting:

  1. Go to the Infrastructure repository and create a new branch.

  2. Update /frontdoor/main.tf with the following:

    • In the azurerm_frontdoor_firewall_policy, navigate to the custom_rule block and replace the match-values ["192.0.2.0/24"] with your values [your whitelisting IP address in CIDR format].

      For more information about how to manage an Azure Front Door Web Application Firewall Policy instance, go to AzureRM documentation on Terraform.

    • In the azurerm_frontdoor_firewall_policy, navigate to the custom_rule block and set enabled to true.

    For example, to apply the 192.0.2.0/24 whitelisting IP address for CD:

    For example, to apply whitelisting IP address 1.2.3.4. for CM:

  3. Create a pull request to merge with the main branch and complete it.

  4. Run the frontdoor pipeline and ensure that the pipeline executes successfully.

Do you have some feedback for us?

If you have suggestions for improving this article,