I am creating an Azure container instance to host an index for testing purposes. Currently I can only get it to work with IpAddressType set as Public, but of course this makes the index available to the world.
Is it possible to secure an Azure container instance with IP restrictions, preferably using PowerShell?
When I configure the container image with IpAddressType set as Private, I am unable to access the index.
Below is the command I am using to create the container instance:
New-AzureRmContainerGroup -ResourceGroupName $resourceGroup `
-Name indexcontainer `
-Image $image `
-IpAddressType Public `
-Location $resourceGroupLocation `
-MemoryInGB 6 `
-Cpu 2 `
-Port 9200
You can use the Network Security Groups(NSG) to block some IPs. You can add different rules in one NSG and config this NSG to your cloud service's VNet. Firstly, you need to have a NSG with rules that can block the target IPs. You can use portal to create the NSG and add rules in it.
Learn to deploy, scale, orchestrate, and manage containers with Docker and Kubernetes through hands-on lessons and labs.
TODAY:
Not with Container Groups, if you open up a port on the container group, it is public to the world.
Container-Group is the little brother (mini version) of full-on AKS.
AKS, the big brother, gives you more control.
See : https://docs.microsoft.com/en-us/azure/aks/internal-lb
-IpAddressType Accepted values: Public
https://docs.microsoft.com/en-us/powershell/module/azurerm.containerinstance/new-azurermcontainergroup?view=azurermps-6.13.0
Note, the only value accepted in documentation is "Public"
However, they put the placeholder in for future arguments besides "Public"...so I think they see this as a gap in functionality........
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With