README
¶
knock2spot
What is this?
This project is a small website (written on Go), which can be used to seamesly whitelist your IP address on Azure resources. Currenty you can use it to:
- Reveal your IP address
- Whitelist your IP address on Azure Paas firewall (currently supports only Storage Account)
- Whitelist your IP address on Network Security Group for specified destination port
How to use it?
You don't to compile this project, instead you can use the Docker image or build it yourself using the Dockerfile.
Easiest way how you can use this project is to deploy it to Azure App Service or Azure Container App. After deployment you'll need to assign managed identity to the app and grant permissions to the managed identity to the resources you want to whitelist your IP address on.
After App is deployed you can use it by navigating to the root of the website. You'll see 3 forms:
- For NSG whitelisting. Requires NSG resource ID, destination port, rule priority and rule name.
- For PaaS whitelisting. Requires resource's ID.
- For IP address revealing.
How it works?
This project uses Azure SDK for Go to interact with Azure in a following way:
-
It tries in different way to get Azure token - from MSI endpoint, environment variables or logged Azure CLI session.
-
It parses requester IP address from request headers and tries to whitelist it on specified resources.
-
Using token and requester's IP address it tries to append IP address to specified NSG rule or PaaS firewall.
Documentation
¶
There is no documentation for this package.
Source Files