all Technical posts

IP Restrictions in Logic Apps

Recently, I discovered a new tab for Logic Apps resources in the Azure portal, named Workflow Settings. Workflow settings is a very generic name, but it's good to know that it includes additional access control configuration, through inbound IP restrictions. There are two types of restrictions possible: on the runtime and on the run history. Let's have a closer look!

Codit team
7 March 2018

IP1

Runtime restrictions

You can configure IP restrictions to your Logic Apps triggers:

  • Any IP: the default setting that does not provide any additional security
  • Only other Logic Apps: this should be the default setting for Logic Apps that are used as reusable components
  • Specific IP ranges: this should be configured for externally exposed Logic Apps, if possible

When trying to access the Logic App trigger from an unauthorized IP address, you get a 401 Unauthorized.

The client IP address ‘XXX.XXX.XXX.XXX’ is not in the allowed caller IP address ranges specified in the workflow access control configuration.

Run history restrictions

You can also restrict calls to the run history inputs and outputs. When there are no IP addresses provided, there’s no restriction. From the moment you provide IP ranges, it behaves as a whitelist of allowed addresses.

When trying to access the Logic App run details from an unauthorized IP address, you can still see the visual representation of the Logic App run. However you’re not able to consult the further details.

IP2

Conclusion

Another small, but handy security improvement to Logic Apps. It’s important to be aware of these capabilities and to apply them wisely.

Cheers!
Toon

Subscribe to our RSS feed

Related articles

Demystifying Role-Based Access with System Assigned Managed Identities in Azure

Traditionally, security between Azure components is assured through the use of SAS tokens. For some time, you have been able to use managed identities between Azure components. In this blog post, we'll go over how to leverage this.

Customer Care: A Deep Dive into CloudBrew 2023

CloudBrew 2023 ran from December 7th to 8th this year, and a team from Customer Care immersed ourselves in a variety of insightful sessions presented by engaging speakers covering diverse topics. In this blog post, we’ll take a deep dive into three talks that left a lasting impression on us.

Navigating the Future of IT Infrastructure and Security: Insights from CloudBrew 2023

As the main system administrator in our company, staying ahead in the ever-evolving landscape of IT infrastructure and security is not just a responsibility but a necessity. Recently, I had the opportunity to attend a series of enlightening sessions at CloudBrew, which focused on the latest advancements in IT infrastructure,…

Send blog to my inbox

Invalid email address

Submit

Thanks, we've sent the link to your inbox

Invalid email address

Submit

Your download should start shortly!

Stay in Touch - Subscribe to Our Newsletter

Keep up to date with industry trends, events and the latest customer stories

Invalid email address

Submit

Great you’re on the list!