NSG Master Rule list
NSG Master Rule list
It should be possible to define the list of rules as a master list independent of NSG.
Once defined, one should be able to use the rules with any NSG from the defined list.
In most cases, we need to define the same rule again and again for different NSG.
It becomes very difficult to maintain rules.
There should also be an option to logically group the rules in the master rule list so that they are easy to search and apply.
Maybe while creating NSG, all rules in the group of master rule list should be accessible.
Also if such a master rule list can be used across subscriptions then it is very useful.
Subodh Patil
shared this idea
Hi Subodh,
This is an interesting idea! NSG rule organization is something we’re currently discussing as part of potential custom service tag groups. There will be more information on this to come.
-Allegra [MSFT]
3 comments
-
Subodh Patil
commented
If this is not something getting prioritized, can we at least have a way to define a group of IP addresses as a tag or resource. So that in each rule I don't have to specify my IP address. We whitelist RDP access with an inbound rule on port 3389, and a couple of IP. If we change IP then we have to update all our rule. If IP addresses can be defined as a tag then I can just specify the tag inside the NSG, next update I just update my IP in the tag and not actually NSG,
-
Sonnyboyo
commented
Did you get any further with this idea of a master NSG applied to all subnets ?
-
Subodh Patil
commented
Thanks for the update, will wait for this to be in private preview.