Microsoft Network NetworkSecurityGroups

Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes
Asset Inventory
Design Guidance:
Tag resources, resource groups, and subscriptions for logical organization - Azure Resource Manager
docsmsft
Microsoft.Network/networkSecurityGroups
Name
​Azure Resource Manager​
​Terraform​
Tags
​Azure Resource Manager​
​Terraform​
Microsoft.Network/networkSecurityGroups/securityRules
Name
​Azure Resource Manager​
​Terraform​
​
Design for Minimum Necessary Information Flows
Design Guidance:
Azure network security groups overview
docsmsft
Microsoft.Network/networkSecurityGroups/securityRules
Protocol
​Azure Resource Manager​
​Terraform​
Source Address Prefix
​Azure Resource Manager​
​Terraform​
Source Address Prefixes
​Azure Resource Manager​
​Terraform​
Source Application Security Groups-Id
​Azure Resource Manager​
​Terraform​
Destination Address Prefix
​Azure Resource Manager​
​Terraform​
Destination Address Prefixes
​Azure Resource Manager​
​Terraform​
Destination Application Security Groups-Id
​Azure Resource Manager​
​Terraform​
Access
​Azure Resource Manager​
​Terraform​
Priority
​Azure Resource Manager​
​Terraform​
Direction
​Azure Resource Manager​
​Terraform​
​
Deny-all Communications and Only Allow-by-Exception
Design Guidance:
Network security group - how it works
docsmsft
Microsoft.Network/networkSecurityGroups/securityRules
Source Port Range
​Azure Resource Manager​
​Terraform​
Destination Port Range
​Azure Resource Manager​
​Terraform​
Source Port Ranges
​Azure Resource Manager​
​Terraform​
Destination Port Ranges
​Azure Resource Manager​
​Terraform​
​

Microsoft Network LoadBalancers

Microsoft Network PrivateDnsZones

Last modified 7mo ago

Name	Azure Resource Manager	Terraform
Tags	Azure Resource Manager	Terraform

Protocol	Azure Resource Manager	Terraform
Source Address Prefix	Azure Resource Manager	Terraform
Source Address Prefixes	Azure Resource Manager	Terraform
Source Application Security Groups-Id	Azure Resource Manager	Terraform
Destination Address Prefix	Azure Resource Manager	Terraform
Destination Address Prefixes	Azure Resource Manager	Terraform
Destination Application Security Groups-Id	Azure Resource Manager	Terraform
Access	Azure Resource Manager	Terraform
Priority	Azure Resource Manager	Terraform
Direction	Azure Resource Manager	Terraform

Source Port Range	Azure Resource Manager	Terraform
Destination Port Range	Azure Resource Manager	Terraform
Source Port Ranges	Azure Resource Manager	Terraform
Destination Port Ranges	Azure Resource Manager	Terraform