Azure API 管理在 API 端点级别限制多个呼叫者 IP 地址 API
Azure API Management Restrict multiple caller IP Address API in API endpoint level
我想在 Azure APIM 策略级别限制某些 IP。
但不确定如何使用 policy scope
达到 API 终点级别
我在 policy.xml 中有以下代码:
<policies>
<inbound>
<base />
<!-- statements to be applied to the request go here -->
<authentication-certificate thumbprint="@((string)context.Variables["ClientCertificateThumbprint"])" />
<rate-limit-by-key calls="100" renewal-period="60" counter-key="@(context.Request.Headers.GetValueOrDefault("Ocp-Apim-Subscription-Key"))" />
<cors>
<allowed-origins>
<origin>*</origin>
</allowed-origins>
<allowed-methods preflight-result-max-age="600">
<method>*</method>
</allowed-methods>
<allowed-headers>
<header>*</header>
</allowed-headers>
<expose-headers>
<header>*</header>
</expose-headers>
</cors>
<ip-filter action="allow">
<address>55.11.187.20</address>
<address-range from="186.168.95.0" to="186.168.95.20" />
</ip-filter>
</inbound>
<backend>
<base />
<!-- statements to be applied before the request is forwarded to
the backend service go here -->
</backend>
<outbound>
<base />
<!-- statements to be applied to the response go here -->
</outbound>
<on-error>
<base />
<!-- statements to be applied if there is an error condition go here -->
</on-error>
</policies
>
- 导航到 Azure 门户,您的 APIM 服务,APIs。
- 点击 API 您要对其应用 IP 过滤器
- 在 "Inbound processing" 部分单击 "Add policy" 和 select IP 过滤器。
使用高级策略中的控制流,您可以将范围更改为 API 端点级别(操作)以限制 IP 地址,如下所示
<choose>
<when condition="@(context.Operation.Id.Equals("StatusGet"))">
<ip-filter action="allow">
<address>55.11.187.20</address>
<address-range from="186.168.95.0" to="186.168.95.20" />
</ip-filter>
</when>
</choose>
</inbound>
参考:https://docs.microsoft.com/en-us/azure/api-management/api-management-advanced-policies
我想在 Azure APIM 策略级别限制某些 IP。
但不确定如何使用 policy scope
我在 policy.xml 中有以下代码:
<policies>
<inbound>
<base />
<!-- statements to be applied to the request go here -->
<authentication-certificate thumbprint="@((string)context.Variables["ClientCertificateThumbprint"])" />
<rate-limit-by-key calls="100" renewal-period="60" counter-key="@(context.Request.Headers.GetValueOrDefault("Ocp-Apim-Subscription-Key"))" />
<cors>
<allowed-origins>
<origin>*</origin>
</allowed-origins>
<allowed-methods preflight-result-max-age="600">
<method>*</method>
</allowed-methods>
<allowed-headers>
<header>*</header>
</allowed-headers>
<expose-headers>
<header>*</header>
</expose-headers>
</cors>
<ip-filter action="allow">
<address>55.11.187.20</address>
<address-range from="186.168.95.0" to="186.168.95.20" />
</ip-filter>
</inbound>
<backend>
<base />
<!-- statements to be applied before the request is forwarded to
the backend service go here -->
</backend>
<outbound>
<base />
<!-- statements to be applied to the response go here -->
</outbound>
<on-error>
<base />
<!-- statements to be applied if there is an error condition go here -->
</on-error>
</policies
>
- 导航到 Azure 门户,您的 APIM 服务,APIs。
- 点击 API 您要对其应用 IP 过滤器
- 在 "Inbound processing" 部分单击 "Add policy" 和 select IP 过滤器。
使用高级策略中的控制流,您可以将范围更改为 API 端点级别(操作)以限制 IP 地址,如下所示
<choose>
<when condition="@(context.Operation.Id.Equals("StatusGet"))">
<ip-filter action="allow">
<address>55.11.187.20</address>
<address-range from="186.168.95.0" to="186.168.95.20" />
</ip-filter>
</when>
</choose>
</inbound>
参考:https://docs.microsoft.com/en-us/azure/api-management/api-management-advanced-policies