IpSecurityRestriction Class
IP security restriction on an app.
Constructor
IpSecurityRestriction(*args: Any, **kwargs: Any)Variables
| Name | Description |
|---|---|
|
ip_address
|
IP address the security restriction is valid for. It can be in form of pure ipv4 address (required SubnetMask property) or CIDR notation such as ipv4/mask (leading bit match). For CIDR, SubnetMask property must not be specified. |
|
subnet_mask
|
Subnet mask for the range of IP addresses the restriction is valid for. |
|
vnet_subnet_resource_id
|
Virtual network resource id. |
|
vnet_traffic_tag
|
(internal) Vnet traffic tag. |
|
subnet_traffic_tag
|
(internal) Subnet traffic tag. |
|
action
|
Allow or Deny access for this IP range. |
|
tag
|
str or
IpFilterTag
Defines what this IP filter will be used for. This is to support IP filtering on proxies. Known values are: "Default", "XffProxy", and "ServiceTag". |
|
priority
|
Priority of IP restriction rule. |
|
name
|
IP restriction rule name. |
|
description
|
IP restriction rule description. |
|
headers
|
IP restriction rule headers. X-Forwarded-Host (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host#Examples). The matching logic is ..
but not the root domain contoso.com or multi-level foo.bar.contoso.com
X-Forwarded-For (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For#Examples). The matching logic is ..
X-Azure-FDID and X-FD-HealthProbe. The matching logic is exact match. |
Attributes
action
Allow or Deny access for this IP range.
action: str | Nonedescription
IP restriction rule description.
description: str | Noneheaders
IP restriction rule headers. X-Forwarded-Host (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host#Examples). The matching logic is ..
If the property is null or empty (default), all hosts(or lack of) are allowed.
A value is compared using ordinal-ignore-case (excluding port number).
Subdomain wildcards are permitted but don't match the root domain. For example, >>*<<.contoso.com matches the subdomain foo.contoso.com
but not the root domain contoso.com or multi-level foo.bar.contoso.com
- Unicode host names are allowed but are converted to Punycode for matching.
X-Forwarded-For (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For#Examples). The matching logic is ..
If the property is null or empty (default), any forwarded-for chains (or lack of) are allowed.
If any address (excluding port number) in the chain (comma separated) matches the CIDR defined by the property.
X-Azure-FDID and X-FD-HealthProbe. The matching logic is exact match.
headers: dict[str, list[str]] | Noneip_address
IP address the security restriction is valid for. It can be in form of pure ipv4 address (required SubnetMask property) or CIDR notation such as ipv4/mask (leading bit match). For CIDR, SubnetMask property must not be specified.
ip_address: str | Nonename
IP restriction rule name.
name: str | Nonepriority
Priority of IP restriction rule.
priority: int | Nonesubnet_mask
Subnet mask for the range of IP addresses the restriction is valid for.
subnet_mask: str | Nonesubnet_traffic_tag
(internal) Subnet traffic tag.
subnet_traffic_tag: int | Nonetag
Defines what this IP filter will be used for. This is to support IP filtering on proxies. Known values are: "Default", "XffProxy", and "ServiceTag".
tag: str | _models.IpFilterTag | Nonevnet_subnet_resource_id
Virtual network resource id.
vnet_subnet_resource_id: str | Nonevnet_traffic_tag
(internal) Vnet traffic tag.
vnet_traffic_tag: int | None