Hi
Azure Functions doesn't have the capability for configuring centralized access control rules, but there's a way you can do this without APIM:
- Place your Azure Functions, Azure Data Factory, and Stream Analytics Jobs within a Virtual Network, and use Service Endpoints for these services. This restricts access to these services to only the resources within the same VNet.
- Configure the Application Gateway with the Web Application Firewall (WAF), and set up custom rules in the WAF to allow traffic only from those specific services. Configure the backend pool of the Application Gateway to include your Azure Functions.
- Use Azure Private DNS Zones to create custom DNS names for your Azure Functions within the VNet.
Hope this helps,
Thanks
Michael Durkan
- If the reply was helpful, please upvote and/or accept as answer, as this helps others in the community with similar questions. Thanks!
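A way to check the lockdown described in the answer above, as an added example that is not part of the original reply: it audits a Function App's access restriction rules and reports every Allow rule that admits traffic from anywhere other than the approved VNet subnets. The field names assume the ARM `siteConfig` shape; the function name, subnet names and subscription ID are constructed for illustration.

```python
import ipaddress

# Constructed sample: values are made up; field names assume the ARM
# siteConfig shape of a Function App (not taken from the original post).
PREFIX = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"
          "/providers/Microsoft.Network/virtualNetworks/vnet-demo/subnets/")
APPROVED_SUBNETS = {PREFIX + "snet-appgw", PREFIX + "snet-data"}
SAMPLE_CONFIG = {
    "ipSecurityRestrictionsDefaultAction": "Deny",
    "ipSecurityRestrictions": [
        {"name": "appgw", "priority": 100, "action": "Allow",
         "vnetSubnetResourceId": PREFIX + "snet-appgw"},
        {"name": "data", "priority": 200, "action": "Allow",
         "vnetSubnetResourceId": PREFIX + "snet-data"},
        {"name": "office", "priority": 300, "action": "Allow", "ipAddress": "203.0.113.0/24"},
        {"name": "legacy", "priority": 400, "action": "Allow", "ipAddress": "Any"},
        {"name": "other-vnet", "priority": 500, "action": "Allow",
         "vnetSubnetResourceId": PREFIX + "snet-unknown"},
    ],
}

def audit_access_restrictions(site_config, approved_subnets):
    """Return (rule name, problem) for each rule that lets in traffic from outside the approved subnets."""
    findings = []
    rules = site_config.get("ipSecurityRestrictions") or []
    default = site_config.get("ipSecurityRestrictionsDefaultAction")
    # An explicit Allow default, or no rules at all, leaves unmatched traffic allowed.
    if default == "Allow" or (default is None and not rules):
        findings.append(("<default>", "unmatched traffic is allowed"))
    approved = {s.lower() for s in approved_subnets}
    for rule in sorted(rules, key=lambda r: r.get("priority", 0)):
        if str(rule.get("action", "")).lower() != "allow":
            continue
        name = rule.get("name", "<unnamed>")
        subnet, source = rule.get("vnetSubnetResourceId"), rule.get("ipAddress")
        if subnet:
            if subnet.lower() not in approved:
                findings.append((name, "subnet is not on the approved list"))
        elif source is None or source.lower() == "any":
            findings.append((name, "allows any source"))
        else:
            try:
                wide_open = ipaddress.ip_network(source, strict=False).prefixlen == 0
            except ValueError:  # service tag or malformed value
                wide_open = False
            findings.append((name, "allows any source" if wide_open
                             else f"allows {source} instead of a VNet subnet"))
    return findings
```

On the constructed sample, the rules `office`, `legacy` and `other-vnet` are reported, while the two approved subnet rules pass.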