Restrict access to Azure GIT repositories from outside company network RRS feed

  • Question

  • Hi, we have requirement where we would like to restrict developers from accessing Azure GIT repositories from outside company network OR from their private laptop. Need more insight on conditional access if it will address code repositories access issue.

    Friday, July 12, 2019 2:09 PM

All replies

  • Hello CISCommon

    You should be able to block access using the conditions within the . If you are referring to azure GIT repositories on Azure Devops , then you should be able to use conditional access to block access to it . I do not have an external IP setup so , testing this is difficult for me but you can create named locations for the Corp network subnets. You can use Named location condition within Azure Active Directory > Security > conditional access blade. 

    You can click New location and create a new location as below with the desired IP ranges/IP address . Please check the article linked above for more information. 

    After defining all your valid office location Subnets in a named location or multiple named locations you can mark them as trusted as below.

    The defined named locations can be used as a condition to allow or block access within the conditional access policy.

    Once defined , you can use Conditional Access policy for Azure Devops as below. 

    Also you can check the specific details about setting within Azure Devops on how to restrict User access.

    Hope the information helps.

    Thank you. 

    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!!

    Friday, July 12, 2019 4:46 PM
  • I'm following up on this, please remember to mark one of the responses as answer if your question has been answered. If not please let us know if there are anymore questions. Thanks
    Friday, July 26, 2019 10:44 PM