IpSecurityRestriction Class
IP security restriction on an app.
ivar ip_address: IP address the security restriction is valid for. It can be in form of pure ipv4 address (required SubnetMask property) or CIDR notation such as ipv4/mask (leading bit match). For CIDR, SubnetMask property must not be specified.
vartype ip_address: str
ivar subnet_mask: Subnet mask for the range of IP addresses the restriction is valid for.
vartype subnet_mask: str
ivar vnet_subnet_resource_id: Virtual network resource id.
vartype vnet_subnet_resource_id: str
ivar vnet_traffic_tag: (internal) Vnet traffic tag.
vartype vnet_traffic_tag: int
ivar subnet_traffic_tag: (internal) Subnet traffic tag.
vartype subnet_traffic_tag: int
ivar action: Allow or Deny access for this IP range.
vartype action: str
ivar tag: Defines what this IP filter will be used for. This is to support IP filtering on proxies. Known values are: "Default", "XffProxy", and "ServiceTag".
vartype tag: str or ~azure.mgmt.web.models.IpFilterTag
ivar priority: Priority of IP restriction rule.
vartype priority: int
ivar name: IP restriction rule name.
vartype name: str
ivar description: IP restriction rule description.
vartype description: str
ivar headers: IP restriction rule headers.
X-Forwarded-Host (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host#Examples).
The matching logic is ..
If the property is null or empty (default), all hosts(or lack of) are allowed.
A value is compared using ordinal-ignore-case (excluding port number).
Subdomain wildcards are permitted but don't match the root domain. For example, >>*<<.contoso.com matches the subdomain foo.contoso.com
but not the root domain contoso.com or multi-level foo.bar.contoso.com
- Unicode host names are allowed but are converted to Punycode for matching.
X-Forwarded-For (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For#Examples).
The matching logic is ..
If the property is null or empty (default), any forwarded-for chains (or lack of) are allowed.
If any address (excluding port number) in the chain (comma separated) matches the CIDR defined by the property.
X-Azure-FDID and X-FD-HealthProbe. The matching logic is exact match.
vartype headers: dict[str, list[str]]
keyword ip_address:
IP address the security restriction is valid for.
It can be in form of pure ipv4 address (required SubnetMask property) or
CIDR notation such as ipv4/mask (leading bit match). For CIDR,
SubnetMask property must not be specified.
paramtype ip_address:
str
keyword subnet_mask:
Subnet mask for the range of IP addresses the restriction is valid for.
paramtype subnet_mask:
str
keyword vnet_subnet_resource_id:
Virtual network resource id.
paramtype vnet_subnet_resource_id:
str
keyword vnet_traffic_tag:
(internal) Vnet traffic tag.
paramtype vnet_traffic_tag:
int
keyword subnet_traffic_tag:
(internal) Subnet traffic tag.
paramtype subnet_traffic_tag:
int
keyword action:
Allow or Deny access for this IP range.
paramtype action:
str
keyword tag:
Defines what this IP filter will be used for. This is to support IP filtering on
proxies. Known values are: "Default", "XffProxy", and "ServiceTag".
paramtype tag:
str or ~azure.mgmt.web.models.IpFilterTag
keyword priority:
Priority of IP restriction rule.
paramtype priority:
int
keyword name:
IP restriction rule name.
paramtype name:
str
keyword description:
IP restriction rule description.
paramtype description:
str
keyword headers:
IP restriction rule headers.
X-Forwarded-Host (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host#Examples).
The matching logic is ..
If the property is null or empty (default), all hosts(or lack of) are allowed.
A value is compared using ordinal-ignore-case (excluding port number).
Subdomain wildcards are permitted but don't match the root domain. For example, >>*<<.contoso.com matches the subdomain foo.contoso.com
but not the root domain contoso.com or multi-level foo.bar.contoso.com
- Unicode host names are allowed but are converted to Punycode for matching.
X-Forwarded-For (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For#Examples).
The matching logic is ..
If the property is null or empty (default), any forwarded-for chains (or lack of) are allowed.
If any address (excluding port number) in the chain (comma separated) matches the CIDR defined by the property.
X-Azure-FDID and X-FD-HealthProbe. The matching logic is exact match.
paramtype headers: dict[str, list[str]]
Constructor
IpSecurityRestriction(*, ip_address: str | None = None, subnet_mask: str | None = None, vnet_subnet_resource_id: str | None = None, vnet_traffic_tag: int | None = None, subnet_traffic_tag: int | None = None, action: str | None = None, tag: str | _models.IpFilterTag | None = None, priority: int | None = None, name: str | None = None, description: str | None = None, headers: dict[str, list[str]] | None = None, **kwargs: Any)Keyword-Only Parameters
| Name | Description |
|---|---|
|
ip_address
|
Default value: None
|
|
subnet_mask
|
Default value: None
|
|
vnet_subnet_resource_id
|
Default value: None
|
|
vnet_traffic_tag
|
Default value: None
|
|
subnet_traffic_tag
|
Default value: None
|
|
action
|
Default value: None
|
|
tag
|
Default value: None
|
|
priority
|
Default value: None
|
|
name
|
Default value: None
|
|
description
|
Default value: None
|
|
headers
|
Default value: None
|
