I would love the ability to define an IP Whitelist firewall rule on my configuration services.
This would benefit customers that are running in hybrid multi-cloud + on-prem environments, where traffic to the configuration service needs to originate from outside Azure data-centers.
Azure Key Vault already supports this functionality, but protecting configuration services in the same manner creates defense in depth.
Many corporate environments have a strong desire to protect all configuration (not just vaulted secrets), because compromising and changing non-sensitive configuration can modify application behavior and create a denial of service.
I would love the ability to define an IP Whitelist firewall rule on my configuration services.
This would benefit customers that are running in hybrid multi-cloud + on-prem environments, where traffic to the configuration service needs to originate from outside Azure data-centers.
Azure Key Vault already supports this functionality, but protecting configuration services in the same manner creates defense in depth.
Many corporate environments have a strong desire to protect all configuration (not just vaulted secrets), because compromising and changing non-sensitive configuration can modify application behavior and create a denial of service.