
azNetworkSecurityGroup

+++
title = "azNetworkSecurityGroup"
description = "Azure Network Security Group"
weight = 10
alwaysopen = false
+++

Use the resource azNetworkSecurityGroup to deploy an Azure Network Security Group to the relevant subscription.

Attributes

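| Attribute | Type | Mandatory | Values | Default | Notes |
|---|---|---|---|---|---|
| Name | String | Yes | | | |
| ResourceGroupName | String | Yes | | | |
| Location | String | Yes | | | |
| Rule | Object | No | | | |
| Diagnostic | Object | No | | | |
| Tag | Object | No | | | |
| Lock | Object | No | | | |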

Rule

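| Attribute | Type | Mandatory | Values | Default | Notes |
|---|---|---|---|---|---|
| Name | String | Yes | | | |
| Description | String | No | | | |
| Access | String | Yes | | | |
| Protocol | String | Yes | udp, tcp | | |
| Direction | String | Yes | inbound, outbound | | |
| Priority | Number | Yes | | | |
| SourceAddressPrefix | String | Yes | | | |
| SourcePortRange | String | Yes | | | |
| DestinationAddressPrefix | String | Yes | | | |
| DestinationPortRange | String | Yes | | | |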

Diagnostic

| Attribute | Type | Mandatory | Values | Default | Notes |
|---|---|---|---|---|---|
| Name | String | Yes | | | |
| Log | Object | No | | | |
| Target | Object | No | | | |

Diagnostic Log

| Attribute | Type | Mandatory | Values | Default | Notes |
|---|---|---|---|---|---|
| Enabled | Boolean | No | | | Defaults to true if Category is not null |
| Category | Array | No | NetworkSecurityGroupEvent, NetworkSecurityGroupRuleCounter | | |

Input by YAML

Object model for YAML deployment:

```yaml
azNetworkSecurityGroup:
  # Mandatory
  - Name: 'string'
    ResourceGroupName: 'string'
    Location: 'string'
    # Optional
    Rule:
      - Name: 'string'
        Description: 'string'
        Access: 'string'                    # allow, deny
        Protocol: 'string'                  # tcp, udp
        Direction: 'string'                 # inbound, outbound
        Priority: number                    # minimum 100
        SourceAddressPrefix: 'string'
        SourcePortRange: 'string'
        DestinationAddressPrefix: 'string'
        DestinationPortRange: 'string'
    Diagnostic:
      - Name: 'string'
        Log:
          Enabled: boolean                  # True (default if Category is not null), False
          Category: [array]                 # Defaults to all if enabled
        Target:
          Blob:
            StorageAccount: 'string'
            ResourceGroupName: 'string'     # Defaults to RG of resource
            Subscription: 'string'          # Defaults to Sub of resource
            StorageKeyType: 'string'        # Primary, Secondary
            RetentionInDays: 'string'
          EventHub:
            Name: 'string'
            Namespace: 'string'
            ResourceGroupName: 'string'     # Defaults to RG of resource
            Subscription: 'string'          # Defaults to Sub of resource
            SharedAccessPolicy: 'string'    # RootManageSharedAccessKey (default)
          LogAnalytics:
            Workspace: 'string'
            ResourceGroupName: 'string'     # Defaults to RG of resource
            Subscription: 'string'          # Defaults to Sub of resource
    Tag:
      'keyvalue-pairs'
    Lock:
      - Name: 'string'
        Level: 'string'                     # CanNotDelete, ReadOnly
        Notes: 'string'
```

Input by JSON

Object model for JSON deployment:

```json
{
  "azNetworkSecurityGroup": [
    {
      "Name": "string",
      "ResourceGroupName": "string",
      "Location": "string",
      "Rule": [
        {
          "Name": "string",
          "Description": "string",
          "Access": "string",
          "Protocol": "string",
          "Direction": "string",
          "Priority": number,
          "SourceAddressPrefix": "string",
          "SourcePortRange": "string",
          "DestinationAddressPrefix": "string",
          "DestinationPortRange": "string"
        }
      ],
      "Diagnostic": [
        {
          "Name": "string",
          "Log": {
            "Enabled": "string",
            "Category": [array]
          },
          "Target": {
            "Blob": {
              "StorageAccount": "string",
              "ResourceGroupName": "string",
              "Subscription": "string",
              "StorageKeyType": "string",
              "RetentionInDays": number
            },
            "EventHub": {
              "Name": "string",
              "Namespace": "string",
              "ResourceGroupName": "string",
              "Subscription": "string",
              "SharedAccessPolicy": "string"
            },
            "LogAnalytics": {
              "Workspace": "string",
              "ResourceGroupName": "string",
              "Subscription": "string"
            }
          }
        }
      ],
      "Tag": {
        "key": "value"
      },
      "Lock": [
        {
          "Name": "string",
          "Level": "string",
          "Notes": "string"
        }
      ]
    }
  ]
}
```
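A pre-deployment lint of the JSON input against the constraints documented above (mandatory attributes, allowed values, minimum priority of 100), as an added example that is not part of the tool. The names `lint_nsg`, `lint_document`, `sample_rule` and all sample values are hypothetical; case-insensitive value matching and the check for a missing Diagnostic block are assumptions, and the duplicate-priority check reflects Azure's requirement that priorities be unique per direction.

```python
import json
# Mandatory attributes and allowed values as listed in the Rule table and YAML comments.
RULE_MANDATORY = ("Name", "Access", "Protocol", "Direction", "Priority", "SourceAddressPrefix",
                  "SourcePortRange", "DestinationAddressPrefix", "DestinationPortRange")
ALLOWED = {"Access": {"allow", "deny"}, "Protocol": {"tcp", "udp"},
           "Direction": {"inbound", "outbound"}}

def lint_nsg(nsg):
    """Return a list of findings for one azNetworkSecurityGroup entry."""
    findings = [f"missing mandatory attribute {k}"
                for k in ("Name", "ResourceGroupName", "Location") if not nsg.get(k)]
    seen = {}  # (direction, priority) -> name of the first rule using it
    for rule in nsg.get("Rule", []):
        name = rule.get("Name", "<unnamed>")
        for key in RULE_MANDATORY:
            if rule.get(key) in (None, ""):
                findings.append(f"{name}: missing mandatory attribute {key}")
        for key, allowed in ALLOWED.items():
            value = rule.get(key)  # assumption: values are matched case-insensitively
            if value is not None and str(value).lower() not in allowed:
                findings.append(f"{name}: {key} '{value}' not in {sorted(allowed)}")
        prio = rule.get("Priority")
        if isinstance(prio, bool) or not isinstance(prio, int) or prio < 100:
            if prio is not None:  # a missing Priority is already reported above
                findings.append(f"{name}: Priority must be a number >= 100")
            continue
        # Azure requires unique priorities per direction within one NSG.
        slot = (str(rule.get("Direction", "")).lower(), prio)
        if slot in seen:
            findings.append(f"{name}: Priority {prio} already used by {seen[slot]}")
        seen.setdefault(slot, name)
    if not nsg.get("Diagnostic"):  # added policy check, not a schema requirement
        findings.append("no Diagnostic block configured")
    return findings

def lint_document(text):
    """Lint every NSG in a JSON deployment document: {NSG name: findings}."""
    nsgs = json.loads(text).get("azNetworkSecurityGroup", [])
    return {n.get("Name", "<unnamed>"): lint_nsg(n) for n in nsgs}

def sample_rule(name, access, proto, prio):  # builds constructed sample rules
    return {"Name": name, "Access": access, "Protocol": proto, "Direction": "inbound",
            "Priority": prio, "SourceAddressPrefix": "10.0.0.0/24", "SourcePortRange": "*",
            "DestinationAddressPrefix": "10.0.1.4", "DestinationPortRange": "443"}
# Constructed sample document: bad protocol, duplicate priority, no Diagnostic.
SAMPLE = json.dumps({"azNetworkSecurityGroup": [{
    "Name": "nsg-web", "ResourceGroupName": "rg-demo", "Location": "westeurope",
    "Rule": [sample_rule("allow-https", "allow", "tcp", 100),
             sample_rule("deny-rest", "deny", "icmp", 100)]}]})
```

Run `lint_document` on the deployment file's contents in CI and fail the pipeline when any NSG returns a non-empty findings list.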