Powershell script for Azure WebApp Firewall

Question

I have a script that removes and then adds firewall restrictions on Azure WebApp before doing a deployment. Below you will find the script

az webapp config access-restriction remove -g $(qa-rg) -n $(qa-app) --rule-name myip --action Allow --ip-address 157.71.103.203/32 --priority 1011
az webapp config access-restriction remove -g $(qa-rg) -n $(qa-app) --rule-name myip --action Allow --ip-address 157.71.173.703/32 --priority 1012

az webapp config access-restriction add -g $(qa-rg) -n $(qa-app) --rule-name myip --action Allow --ip-address 157.71.103.203/32 --priority 1011
az webapp config access-restriction add -g $(qa-rg) -n $(qa-app) --rule-name myip --action Allow --ip-address 157.71.173.703/32 --priority 1012

The issue with the above command is that, suppose someone has manually removed the firewall or the firewall does not exist for that user, then the script fails with an error in this case.

Is there a way to first check all the firewalls enabled for different users, then traverse and remove each of them and then finally again add all the firewall rules for the removed users.

Can someone please help me create this script as I am just learning scripting

Thanks

Answer 1

Firstly, you are using Azure CLI command rather than Power Shell command.

Here is the command for removing access restriction rule using power shell:

Remove-AzWebAppAccessRestrictionRule -ResourceGroupName "Default-Web-WestUS" -WebAppName "ContosoSite" -Name IpRule

For checking the rule exist or not, you could use Get-AzWebAppAccessRestrictionConfig.

If you want check and remove automatically, try this:

$results = (Get-AzWebAppAccessRestrictionConfig -ResourceGroupName "ResourceGroup" -Name "yourweb").MainSiteAccessRestrictions
$results

foreach($result in $results)
{
    if($result){
    Remove-AzWebAppAccessRestrictionRule -ResourceGroupName "ResourceGroup" -WebAppName "yourweb" -Name $result.RuleName
    sleep 10
    }
}