SOLVED

Cloudflare to Sentinel

We use the MS Cloudflare connector (Function) and Cloudflare Logpush to Azure to onboard Cloudflare logs into Sentinel. Logs are being ingested into the storage account container without any issues. We restricted the storage account to Cloudflare IPs to make the storage account secure and meet compliance requirements. Immediately after the restriction was added, the function app stopped talking to the storage account and started throwing authentication errors. Whitelisting function IPs didn't make any difference. In our opinion, scaling the function app plan from consumer to premium and enabling VNet integration will resolve the issue. By default, the function is deployed via an ARM template in a consumer plan. I would greatly appreciate any suggestions or thoughts you might have.

2 Replies
best response confirmed by Sergei2435 (Brass Contributor)
Solution

Hey @Sergei2435 

 

Without looking at how it's set up... and some guessing here, see this blog for storage accounts to function app using a private link. This should meet all your requirements and resolve your connectivity issues between the storage account and function app.

 

Secure storage account linked to Function App with private endpoint - Microsoft Community Hub

@BillClarksonAntill
Thanks for your feedback. It was resolved by manually onboarding the Cloudflare connector, adding VNET integration, and using private links.