Outbound IP of the function app in Basic pricing tier

Amber Huang 0 Reputation points
2024-07-01T06:25:13.5966667+00:00

Hi Team,

We have a Function App on the Basic pricing tier, and we are trying to whitelist its outbound IP address in our Azure SQL Server. However, when I check the incoming logs of the SQL Server, the client IP from the Function App appears as 0.0.0.0. We do not want to whitelist 0.0.0.0. How can we whitelist the correct outbound IP address so that the Function App can connect to the SQL Server?

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,631 questions
{count} votes

2 answers

Sort by: Most helpful
  1. akinbade abiola 8,450 Reputation points
    2024-07-01T07:41:09.0733333+00:00

    Hello Amber Huang,

    Thanks for your question

    Function Apps running on the Consumption plan won't have a static outbound IP address. It uses a limited set of outbound IP addresses based on the Azure region

    Outbound IP restrictions are available in a Flex Consumption plan, Elastic Premium plan, App Service plan, or App Service Environment.

    You may need to move your Function App to a Premium or Dedicated plan. With this you can configure a VNet for your function app and use a NAT Gateway to assign a static public IP address for outbound traffic.

    See: Azure Functions networking options

    You can mark it 'Accept Answer' and 'Upvote' if this helped you

    Regards,

    Abiola

    0 comments No comments

  2. SwathiDhanwada-MSFT 18,551 Reputation points
    2024-07-01T07:52:35.82+00:00

    @Amber Huang As mentioned by akinbade, when you are using a Function App on the Basic pricing tier, the outbound IP address is not static and can change frequently. Therefore, it is not recommended to whitelist the outbound IP address of the Function App in your Azure SQL Server.

    Instead, you can use the Azure SQL Database firewall to allow access to your database from Azure services. This will allow your Function App to connect to the SQL Server without whitelisting the outbound IP address.

    To enable access to your Azure SQL Server from Azure services, you can follow these steps:

    1. Go to the Azure portal and navigate to your Azure SQL Server.
    2. Click on the "Firewalls and virtual networks" tab.
    3. Under the "Allow access to Azure services" section, toggle the switch to "Yes".
    4. Click on the "Save" button to save the changes.

    With this configuration, your Function App will be able to connect to the Azure SQL Server without any issues. Please note that enabling access to Azure services will allow any Azure service to connect to your Azure SQL Server, so make sure to secure your database with strong authentication and authorization mechanisms.

    0 comments No comments