cachai2
commented
1 year ago Another alternative that is supported today is you can restrict IP addresses for inbound traffic at an app level. Would this help with your scenario?
Open anrub opened 1 year ago
cachai2
commented
1 year ago Another alternative that is supported today is you can restrict IP addresses for inbound traffic at an app level. Would this help with your scenario?
Is your feature request related to a problem? Please describe.
A typical architecture pattern for most web applications is currently an application gateway for ingress, with active web application firewall, the gateway forwards traffic to the private web application (container apps).
Describe the solution you'd like.
If I could assign a web application firewall policy to the ingress of an app, it would be not necessary to add the complexity of application gateway to the architecture.
Together with managed certificates, it would be a fully-self containing solution to host secure web applications on azure.
Describe alternatives you've considered.
Currently, you have to add an application gateway, which is quite high in pricing. You have to create 2 instances, one for public apps and one for private apps.