Deploying To IP Restricted Azure Function Apps Using GitHub Actions
Posted Updated GitHub / Actions7 minutes read (About 1082 words)

Deploying To IP Restricted Azure Function Apps Using GitHub Actions

In the previous post we blocked our function app to be available only to the APIM via ip restrictions.

This secures our function app and it isn’t available publicly, any one that tries to access our function app url will get “HTTP 403 Forbidden”.

This secures our function app; now what about deploying code changes to the function app via GitHub Actions? we should be able to CI/CD to our function app, but there is a problem here. The GitHub action will fail with the same “HTTP 403 Forbidden”, this is because GitHub actions run on runners (its a hosted virtual environment), each time we run the Action we get a new runner and it can have a different ip address. So how can we get around this? do we white list the entire GitHub ip range?

GitHub’s ip ranges can change any time, so will have to keep scanning for changes to these ranges and proactively update our ip restrictions, this is not very scalable or practical. So what are other ways of getting around this? we have a couple of ways to get around this.

Possible Solutions

There are two viable solutions here

Read more
Follow

Categories

Archives

follow.it

Please enter your email address to get updates when new articles are published

Recents

Tags

.NET1
AGIC1
AKS1
Application Gateway1
Azure8
Azure App Service2
Azure Blob Storage2
Azure CLI1
Azure Container Apps1
Azure Dev Test Labs1
Azure Logic Apps1
Azure Policy1
Blog1
CI/CD2
Containers1
Developer Environments1
Docker1
DotNet1
Function Apps3
GZip1
GitHub2
Hexo1
IP Restrictions2
Ingress1
Kubernetes1
Personal1
PowerShell1
Security2
Serverless2
Single Threaded Apps1
Tar1
×