security - Use of Web Application Firewall in front of a Azure Function App

Question

I have a light-weight function running in an Azure Function App. The function connects to an API endpoint over the internet as illustrated in the following diagram. It will always be outbound connections only.

My question is do I need to use a web application firewall in front of the Azure Function?

question from:https://stackoverflow.com/questions/65848806/use-of-web-application-firewall-in-front-of-a-azure-function-app

Answer 1

Simple answer: No. A Web Application Firewall is in most cases used to filter inbound HTTP traffic. Unless you are afraid of something hijacking your Function and making malicious outbound calls, you don't need that here. And as your Function doesn't have inbound HTTP calls, I really do not see a need for that.

Your external API provider might have a WAF in place, but that is nothing you need to care about.