azNetworkSecurityGroup

Use the resource azNetworkSecurityGroup to deploy an Azure Network Security Group to the relevant subscription.

Attributes

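| Attribute | Type | Mandatory | Values | Default | Notes |
| --- | --- | --- | --- | --- | --- |
| Name | String | Yes | | | |
| ResourceGroupName | String | Yes | | | |
| Location | String | Yes | | | |
| Rule | Object | No | | | |
| Diagnostic | Object | No | | | |
| Tag | Object | No | | | |
| Lock | Object | No | | | |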

Rule

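| Attribute | Type | Mandatory | Values | Default | Notes |
| --- | --- | --- | --- | --- | --- |
| Name | String | Yes | | | |
| Description | String | No | | | |
| Access | String | Yes | | | |
| Protocol | String | Yes | udp, tcp | | |
| Direction | String | Yes | inbound, outbound | | |
| Priority | Number | Yes | | | |
| SourceAddressPrefix | String | Yes | | | |
| SourcePortRange | String | Yes | | | |
| DestinationAddressPrefix | String | Yes | | | |
| DestinationPortRange | String | Yes | | | |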

Diagnostic

| Attribute | Type | Mandatory | Values | Default | Notes |
| --- | --- | --- | --- | --- | --- |
| Name | String | Yes | | | |
| Log | Object | No | | | |
| Target | Object | No | | | |

Diagnostic Log

| Attribute | Type | Mandatory | Values | Default | Notes |
| --- | --- | --- | --- | --- | --- |
| Enabled | Boolean | No | | | Defaults to true if Category is not null |
| Category | Array | No | NetworkSecurityGroupEvent, NetworkSecurityGroupRuleCounter | | |

Input by YAML

Object model for YAML deployment:

azNetworkSecurityGroup:
    # Mandatory
  - Name: 'string'
    ResourceGroupName: 'string'
    Location: 'string'
    # Optional
    Rule:
      - Name: 'string'
        Description: 'string' 
        Access: 'string'                            # allow, deny
        Protocol: 'string'                          # tcp, udp
        Direction: 'string'                         # inbound, outbound
        Priority: number                            # minimum 100
        SourceAddressPrefix: 'string'
        SourcePortRange: 'string'
        DestinationAddressPrefix: 'string'
        DestinationPortRange: 'string'
    Diagnostic:
      - Name: 'string'
        Log:
          Enabled: boolean                          # True (D if Category not null), False
          Category: [array]                         # Defaults to all if enabled
        Target:
          Blob:
            StorageAccount: 'string' 
            ResourceGroupName: 'string'             # Defaults to RG of resource
            Subscription: 'string'                  # Defaults to Sub of resource
            StorageKeyType: 'string'                # Primary, Secondary
            RetentionInDays: 'string'
          EventHub:
            Name: 'string'
            Namespace: 'string'
            ResourceGroupName: 'string'             # Defaults to RG of resource
            Subscription: 'string'                  # Defaults to Sub of resource
            SharedAccessPolicy: 'string'            # RootManageSharedAccessKey (D)
          LogAnalytics:
            Workspace: 'string'
            ResourceGroupName: 'string'             # Defaults to RG of resource
            Subscription: 'string'                  # Defaults to Sub of resource
    Tag:
      'keyvalue-pairs'
    Lock:
      - Name: 'string'
        Level: 'string'                             # CanNotDelete, ReadOnly
        Notes: 'string'

Input by JSON

Object model for JSON deployment:

{
  "azNetworkSecurityGroup": [
    {
      "Name": "string",
      "ResourceGroupName": "string",
      "Location": "string",
      "Rule": [
        {
          "Name": "string",
          "Description": "string",
          "Access": "string",
          "Protocol": "string",
          "Direction": "string",
          "Priority": number,
          "SourceAddressPrefix": "string",
          "SourcePortRange": "string",
          "DestinationAddressPrefix": "string",
          "DestinationPortRange": "string"
        }
      ],
      "Diagnostic": [
        {
          "Name": "string",
          "Log": {
            "Enabled": boolean,
            "Category": [array]
          },
          "Target": {
            "Blob": {
              "StorageAccount": "string",
              "ResourceGroupName": "string",
              "Subscription": "string",
              "StorageKeyType": "string",
              "RetentionInDays": number
            },
            "EventHub": {
              "Name": "string",
              "Namespace": "string",
              "ResourceGroupName": "string",
              "Subscription": "string",
              "SharedAccessPolicy": "string"
            },
            "LogAnalytics": {
              "Workspace": "string",
              "ResourceGroupName": "string",
              "Subscription": "string"
            }
          }
        }
      ],
      "Tag": {
        "key": "value"
      },
      "Lock": [
        {
          "Name": "string",
          "Level": "string",
          "Notes": "string" 
        }
      ]
    }
  ]
}
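
A pre-deployment check for definitions written against the JSON object model above, added here as an example and not part of the project's own code. The function name `lint_nsg`, the finding strings, the sample values and the case-insensitive matching of allowed values are assumptions.

```python
import json

# Mandatory attributes and allowed values, taken from the tables on this page.
# Assumption: allowed values are compared case-insensitively.
NSG_REQUIRED = ("Name", "ResourceGroupName", "Location")
RULE_REQUIRED = ("Name", "Access", "Protocol", "Direction", "Priority", "SourceAddressPrefix",
                 "SourcePortRange", "DestinationAddressPrefix", "DestinationPortRange")
ALLOWED = {"Access": {"allow", "deny"}, "Protocol": {"tcp", "udp"},
           "Direction": {"inbound", "outbound"}}
LOG_CATEGORIES = {"NetworkSecurityGroupEvent", "NetworkSecurityGroupRuleCounter"}

def lint_nsg(nsg):
    """Return findings for one azNetworkSecurityGroup entry (hypothetical helper)."""
    out = [f"missing {k}" for k in NSG_REQUIRED if not nsg.get(k)]
    for rule in nsg.get("Rule", []):
        tag = f"rule {rule.get('Name', '<unnamed>')}"
        out += [f"{tag}: missing {k}" for k in RULE_REQUIRED if k not in rule]
        for key, allowed in ALLOWED.items():
            if key in rule and str(rule[key]).lower() not in allowed:
                out.append(f"{tag}: {key} must be one of {sorted(allowed)}")
        prio = rule.get("Priority")
        if isinstance(prio, int) and prio < 100:
            out.append(f"{tag}: Priority {prio} is below the minimum of 100")
    diags = nsg.get("Diagnostic", [])
    if not diags:
        out.append("no Diagnostic defined")
    for diag in diags:
        tag = f"diagnostic {diag.get('Name', '<unnamed>')}"
        log = diag.get("Log") or {}
        cats = log.get("Category")
        # Diagnostic Log table: Enabled defaults to true if Category is not null.
        if not log.get("Enabled", cats is not None):
            out.append(f"{tag}: Log is not enabled")
        out += [f"{tag}: unknown Category {c}" for c in sorted(set(cats or []) - LOG_CATEGORIES)]
        if not diag.get("Target"):
            out.append(f"{tag}: no Target")
    return out

# Constructed sample input that follows the JSON object model above.
SAMPLE = json.loads("""{"azNetworkSecurityGroup": [{
  "Name": "nsg-example", "ResourceGroupName": "rg-example", "Location": "westeurope",
  "Rule": [{"Name": "ssh", "Access": "permit", "Protocol": "tcp", "Direction": "inbound",
            "Priority": 90, "SourceAddressPrefix": "10.0.0.0/24", "SourcePortRange": "*",
            "DestinationAddressPrefix": "10.0.1.4"}],
  "Diagnostic": [{"Name": "diag", "Log": {"Category": ["NetworkSecurityGroupEvent", "Typo"]}}]
}]}""")
if __name__ == "__main__":
    for entry in SAMPLE["azNetworkSecurityGroup"]:
        print("\n".join(lint_nsg(entry)))
```

An empty list from `lint_nsg` means the entry satisfies the mandatory attributes, value lists and priority minimum documented on this page; it does not judge whether the rules themselves are appropriately restrictive.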