
NetworkSecurityGroup




Resource Overview

Network Security Group is a security resource that controls inbound and outbound network traffic to Azure resources within a Virtual Network using rule-based filtering.
Using priority-based security rules, traffic can be allowed or denied based on protocol, port, and IP address ranges, and applied at the Subnet or Network Interface level.
This enables precise control over network access boundaries and enhances the overall security posture of applications.

Associated Resources

Parent Resources

Connected Resources


Resource Configuration

  • linked_subnet_names : Names of the Subnets to associate with the Network Security Group
  • linked_network_interface_names : Names of the Network Interfaces to associate with the Network Security Group

Security Rules (security_rules)

  • security_rules.priority : Rule priority - 100 ~ 4096
  • security_rules.direction : Traffic direction to which the rule applies - Inbound, Outbound
  • security_rules.access : Whether network traffic is allowed - Allow, Deny
  • security_rules.protocol : Network protocol to which the rule applies - Tcp, Udp, Icmp, Esp, Ah, *
  • security_rules.source_port_ranges : Source port or port range - a single integer port or a range within 0 ~ 65535
  • security_rules.destination_port_ranges : Destination port or port range - a single integer port or a range within 0 ~ 65535
  • security_rules.source_address_prefixes : CIDR or source IP range
  • security_rules.destination_address_prefixes : CIDR or destination IP range
  • security_rules.description : Description of the security rule
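
A pre-deployment lint for a security_rules list, added here as an example and not code from this product: it checks the ranges and allowed values listed above and flags inbound Allow rules open to any source. Assumptions: rules are represented as Python dicts keyed by the field names above, "*" also means "any" for ports and addresses, port ranges are written "low-high", and priorities must be unique per direction as they are in Azure.

```python
# Allowed values as listed in the configuration reference above.
DIRECTIONS = {"Inbound", "Outbound"}
ACCESS = {"Allow", "Deny"}
PROTOCOLS = {"Tcp", "Udp", "Icmp", "Esp", "Ah", "*"}
ANY_SOURCE = {"*", "0.0.0.0/0", "::/0"}  # assumption: "*" denotes any address

def port_ok(spec):
    """Accept "*", a single port, or "low-high" within 0..65535 (syntax assumed)."""
    parts = str(spec).split("-")
    if parts == ["*"]:
        return True
    if len(parts) > 2 or not all(p.isdigit() for p in parts):
        return False
    return int(parts[0]) <= int(parts[-1]) <= 65535

def lint_rules(rules):
    """Return (rule_index, message) findings for a list of security_rules dicts."""
    findings, seen = [], set()
    for i, r in enumerate(rules):
        if not 100 <= r["priority"] <= 4096:
            findings.append((i, "priority outside 100-4096"))
        key = (r["direction"], r["priority"])
        if key in seen:  # assumption: unique priority per direction, as in Azure
            findings.append((i, "duplicate priority for direction"))
        seen.add(key)
        if not (r["direction"] in DIRECTIONS and r["access"] in ACCESS
                and r["protocol"] in PROTOCOLS):
            findings.append((i, "invalid direction/access/protocol"))
        ports = r["source_port_ranges"] + r["destination_port_ranges"]
        if not all(port_ok(p) for p in ports):
            findings.append((i, "port outside 0-65535"))
        if ((r["direction"], r["access"]) == ("Inbound", "Allow")
                and ANY_SOURCE & set(r["source_address_prefixes"])):
            findings.append((i, "inbound Allow from any source"))
    return findings

# Constructed sample rules for illustration only.
SAMPLE_RULES = [
    {"priority": 100, "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
     "source_port_ranges": ["*"], "destination_port_ranges": ["443"],
     "source_address_prefixes": ["10.0.0.0/16"], "destination_address_prefixes": ["*"]},
    {"priority": 100, "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
     "source_port_ranges": ["*"], "destination_port_ranges": [22],
     "source_address_prefixes": ["0.0.0.0/0"], "destination_address_prefixes": ["*"]},
    {"priority": 5000, "direction": "Outbound", "access": "Deny", "protocol": "Any",
     "source_port_ranges": ["*"], "destination_port_ranges": ["0-70000"],
     "source_address_prefixes": ["*"], "destination_address_prefixes": ["*"]},
]
```

Calling lint_rules(SAMPLE_RULES) reports the second rule for reusing priority 100 and exposing port 22 to any source, and the third for its priority, protocol and port range.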

Tags

  • tag : Tags used to categorize resources - maximum 512 characters, key:value

References