create predefined NSG for Azure Datacenters IP Range
Let's say I have a VM that I want to restrict access from the outside. I want this VM to be accessible from my onprem IPs and from Azure IPs (since a part of my infrastructure is on azure). Since at the moment of discussion ARM VMs do not support static IP address, it will be very useful to create a NSG for allowing traffic only from azure IP ranges. Right now you cannot create such NSG because a NSG only allows a maximum of 100 rules. So, it will be a great idea to have predefined NSG to limit traffic from particular datacenters.

Thanks for the feedback, service tag is called AzureCloud and it’s already available in all regions
https://docs.microsoft.com/en-us/azure/virtual-network/security-overview#service-tags
1 comment
-
SimonS commented
Perhaps an NSG per Region...auto updates for all the Azure Subnets in that Region.