Serverless Functions - DDoS protection RRS feed

  • Question

  • Dear fellows,

    What are the best practices for implementing Distributed Denial of Service protection for Azure Serverless Functions.

    Our functions are HTTP triggered and are running under a Consumption pricing tier.

    The documentation about Azure DDoS Standard mentions that "this protection does not apply to App Service Environments". Does it apply to Serverless Functions not running under an App Service?

    Thanks in advance!


    Wednesday, June 19, 2019 10:24 AM


  • You can place your function app as part of application gateway backend pool. So that you there will flexibility of keeping application gateway in a VNET for using DDoS feature capabilities in mitigating external flooded traffic. Here is the architecture for better understanding of the flow.


    If you think your question has been answered click "Mark as Answer" if just helped click "Vote as helpful". This can be beneficial to other community members reading this forum thread.

    Best regards

    Friday, June 21, 2019 10:02 AM