Force all outbound traffic from Azure Function trough Firewall

I assume that you have a HUB/Spoke design where there is a route table, that has a default route that points all traffic to the Firewall in the hub.

On the Function App you deploy in a spoke, you need to configure outbound network integration.

It is important to enable: “Outbound internet traffic”

The configuration on the Function App needs the setting: “vnetRouteAllEnabled” = 1

Azure function that returns HTTP status code and text string

using namespace System.Net

# Input bindings are passed in via param block.
param($Request, $TriggerMetadata)
$body = "<html><body>"

# Write to the Azure Functions log stream.
Write-Host "PowerShell HTTP trigger function processed a request."

# Interact with query parameters or the body of the request.
$InputString += $Request.Query.TextString
if ($InputString -eq $null) {$InputString = "Default string"}
$body += $InputString

$body += "<br><p>Version: 11</p>"
$body += "</body></html>"

$statusCode = $Request.Query.StatusCode
if ($statusCode -eq $null) {$statusCode = "OK"}

# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
    StatusCode = [HttpStatusCode]::$statusCode
    ContentType = "text/html"
    Body = $body