I have a URL that's set up with an Azure Application Gateway equipped with WAF v2. I want to limit access so that only certain App Services, like myapp1.azurewebsites.net and myapp2.azurewebsites.net, can reach this URL. I've looked around and even checked with ChatGPT but it seems like I can't set up URLs directly in a WAF custom rule to manage this access. Does anyone have suggestions on how to allow specific URLs through WAF?
11 Answers
So, you want to restrict access to just a few app services through the Azure Application Gateway? A simpler approach might be to enable VNet integration for those apps—they'll then stay together, boosting security and cutting costs! But if you still prefer WAF rules, that's an option too.
Y
r
C
a
Are you trying to ensure just these two specific web services can access the Application Gateway, or do you want to limit it to just those and not allow other sites? Clarifying that will help pinpoint the best approach!
c
C
r
a
Using VNet integration sounds smart and budget-friendly. If a WAF is necessary, consider creating an internal Application Gateway for added security, but avoid complicating things too much. It can be done more efficiently by using service endpoints!