Add "Subscription" tag in the NSG rules
As a DevOps engineer
I want to easily block network access within a subscription with a single NSG rule (for specific resources using a that rule)
So that I don't have to manage multiple NSG rules.
We would like to ring-fence our subscriptions, so that one (e.g. Production) cannot "talk" to another one (e.g. Non-production).
We can currently achieve it with multiple NSG rules, where we allow/block IP ranges or vnets.
It would be much easier to manage this for our purpose if we could add a "subscription" tag in the NSG rules and effectively only allow traffic within that subscription for any resource using that NSG.
Thank you for your suggestion. We are reviewing it and will get back to you.