Configure WAF client IP restriction for Azure Front Door

Last updated: 12/10/2019

This template configures WAF client IP restriction for Azure Front Door endpoint

This Azure Resource Manager (ARM) template was created by a member of the community and not by Microsoft. Each ARM template is licensed to you under a licence agreement by its owner, not Microsoft. Microsoft is not responsible for ARM templates provided and licensed by community members and does not screen for security, compatibility or performance. Community ARM templates are not supported under any Microsoft support programme or service, and are made available AS IS without warranty of any kind.

Parameters

Parameter Name Description
wafPolicyName The name of the WAF policy
wafMode Describes if it is in detection mode or prevention mode at policy level.
IPfilteringAction Type of Action based on the match filter. Must be Allow, Block or Log.
IPMatch The operator to be matched.

Use the template

PowerShell

New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-front-door-waf-clientip/azuredeploy.json
Installing and configuring Azure PowerShell

Command line

az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-front-door-waf-clientip/azuredeploy.json
Installing and configuring the Azure cross-platform command-line interface