I have been reading about blocking IP addresses from launching attacks against my published service, in this case a Worker Role. I have added a NetworkConfiguration to help achieve this goal and it appears to work just fine.
Now my question is this: how can I add nodes to this file from my running program?
I plan to keep logs, and when an IP has sent a number of bad requests I would like my program to update the list of blacklisted IP addresses. It is not reasonable for me to manually edit this list over time when I hopefully can blacklist live should my port come under a brute-force attack or DNS attack.
I believe you can. Changes to ServiceConfig (not Service Definition) can be updated via the Service Management API.
API definition is here: https://msdn.microsoft.com/en-us/library/azure/ee460809.aspx
If you're in .NET you may want to use one of the NuGet packages to assist with this: https://www.nuget.org/packages/Microsoft.WindowsAzure.Management.Compute/
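The config-editing half of this workflow, as an added example that is not part of the original question or answer: it counts bad requests per source IP and appends a deny `Rule` for each new offender to an existing `AccessControl` in the service configuration XML. The ACL name `blocklist`, the threshold, the log format and the sample data are assumptions; submitting the returned XML through the Service Management API is not shown.

```python
import ipaddress
import xml.etree.ElementTree as ET
from collections import Counter

NS = "http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration"
ET.register_namespace("", NS)  # keep the default namespace on output

# Constructed sample .cscfg; service, role, endpoint and ACL names are hypothetical.
SAMPLE_CSCFG = f"""<ServiceConfiguration serviceName="DemoService" xmlns="{NS}">
  <Role name="WorkerRole1"><Instances count="1" /></Role>
  <NetworkConfiguration>
    <AccessControls>
      <AccessControl name="blocklist">
        <Rule order="100" action="deny" remoteSubnet="203.0.113.7/32" description="manual" />
      </AccessControl>
    </AccessControls>
    <EndpointAcls><EndpointAcl role="WorkerRole1" endPoint="Endpoint1" accessControl="blocklist" /></EndpointAcls>
  </NetworkConfiguration>
</ServiceConfiguration>"""

# Constructed log of (source IP, request_was_bad) pairs.
SAMPLE_LOG = ([("198.51.100.9", True)] * 5 + [("192.0.2.4", True), ("192.0.2.4", False)]
              + [("203.0.113.7", True)] * 6 + [("not-an-ip", True)] * 9)

def offenders(log, threshold):
    """Return the sorted source values with at least `threshold` bad requests."""
    bad = Counter(ip for ip, is_bad in log if is_bad)
    return sorted(ip for ip, n in bad.items() if n >= threshold)

def add_deny_rules(cscfg_xml, acl_name, ips):
    """Return (new_xml, added_subnets); one deny Rule per IP not already listed."""
    root = ET.fromstring(cscfg_xml)
    acl = next((a for a in root.iter(f"{{{NS}}}AccessControl")
                if a.get("name") == acl_name), None)
    if acl is None:
        raise ValueError(f"AccessControl {acl_name!r} not found")
    rules = acl.findall(f"{{{NS}}}Rule")
    existing = {r.get("remoteSubnet") for r in rules}
    order = max((int(r.get("order")) for r in rules), default=99)
    added = []
    for ip in ips:
        try:
            subnet = f"{ipaddress.IPv4Address(ip)}/32"  # single-host subnet
        except ValueError:
            continue  # never copy unvalidated log data into the config
        if subnet not in existing:
            order += 1  # rules are evaluated in ascending order
            ET.SubElement(acl, f"{{{NS}}}Rule", order=str(order), action="deny",
                          remoteSubnet=subnet, description="auto-blocked")
            existing.add(subnet)
            added.append(subnet)
    return ET.tostring(root, encoding="unicode"), added
```

Running `add_deny_rules` again on its own output adds nothing, so it is safe to call on every log sweep and only push a configuration change when `added` is non-empty.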