Configure WAF client IP restriction for Azure Front Door

Last updated: 10/12/2019

This template configures WAF client IP restriction for Azure Front Door endpoint

This Azure Resource Manager template was created by a member of the community and not by Microsoft. Each Resource Manager template is licensed to you under a license agreement by its owner, not Microsoft. Microsoft is not responsible for Resource Manager templates provided and licensed by community members and does not screen for security, compatibility, or performance. Community Resource Manager templates are not supported under any Microsoft support program or service, and are made available AS IS without warranty of any kind.

Parameters

Parameter Name Description
wafPolicyName The name of the WAF policy
wafMode Describes if it is in detection mode or prevention mode at policy level.
IPfilteringAction Type of Action based on the match filter. Must be Allow, Block or Log.
IPMatch The operator to be matched.

Use the template

PowerShell

New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-front-door-waf-clientip/azuredeploy.json
Install and configure Azure PowerShell

Command line

az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-front-door-waf-clientip/azuredeploy.json
Install and Configure the Azure Cross-Platform Command-Line Interface