Add script for managing firewall rules

manage-appservice-firewall-rules.py

@@ -0,0 +1,41 @@
+import requests
+import os
+
+def main():
+    rg = input("Please enter the resource group name: ")
+    app = input("Please enter the app service name: ")
+
+    res = requests.get('https://www.cloudflare.com/ips-v4')
+    cloudflare_ips_v4 = res.text.split('\n')
+    res = requests.get('https://www.cloudflare.com/ips-v6')
+    cloudflare_ips_v6 = res.text.split('\n')
+
+    combined = cloudflare_ips_v4 + cloudflare_ips_v6
+    
+    start = 0
+    stop = len(combined)
+    step = 8
+
+    cmds = []
+    for ips in range(start, stop, step):
+        ip_block = ','.join(combined[ips:ips+step])
+        cmd = "az webapp config access-restriction add -g %s -n %s --ip-address %s --priority 100" % (rg, app, ip_block)
+        cmds.append(cmd)
+    prompt = input("Run these commands?: (y/n) \n %s \n" % ('\n'.join(cmds)))
+    print(prompt)
+    if prompt.capitalize() == "Y":
+        os.system('\n'.join(cmds))
+        p = input("Set default to deny?")
+        if p.capitalize() == 'Y':
+            print("Setting default action to Deny")
+            os.system("az webapp config access-restriction set -g %s -n %s --default-action Deny" % (rg, app))
+
+
+        # print("Setting SCM site with the same restrictions")
+        # os.system("az webapp config access-restriction set -g %s -n %s --use-same-restrictions-for-scm-site true" % (rg, app))
+    else:
+        print("Exiting without making changes")
+        exit(0)
+
+if __name__ == "__main__":
+    main()