Microsoft Azure supports location-based conditional access policies to ensure only requests made from Aqua Cloud are allowed to access your application.
This policy will restrict the application only to Aqua Cloud IP addresses. To enable this policy please follow these steps:
1. Enter the Azure Active Directory service
2. Select the Enterprise applications blade
3. Select the Conditional Access blade
4. Select Named locations
5. Select New location
6. Add "Aqua Cloud IP Address" to the Name
7. Ensure that "IP Ranges" is selected
8. Add 3.231.74.65/32 as the IP range
9. Select the Create button
10. Now enter the Policies Blade
11. Select New Policy
12. Select the Cloud apps or actions blade
13. ensure that Cloud apps is selected
14. Ensure that Select apps is selected
15. Click the Select blade
16. Search for the "aqua-cloud-remediator" application and select it
17. Click Select.
18. Select the Conditions Blade
19. Select the Locations Blade
20. Ensure that Yes is selected
21. Ensure that Selected Locations is selected
22. Click the Select blade
23. Select the "Aqua Cloud IP Address" that was created from before
24. Select the Session blade
25. Select Use Conditional Access App Control with Monitor Only
26. Ensure everything is configured correctly
27. Select Create