Service Groups (tcp/udp) for Network Security Group (NSG) for complex services.
Sometimes, for services to work, we need many tcp/udp ports. For example, to limit access from the DMZ to AD in another subnet, we need to create a lot-lot-lot of rules.
Is it possible to create an object with the needed tcp/udp port group and apply this service group to one NSG rule?
Thank you! This is a great suggestion – we are currently reviewing this for future updates to NSGs.
Jack Siergiej commented
This is definitely a need of mine and how basic firewall rules work. I should be able to create one TCP rule and specify one port group. Then if I add a port to the group, it is applied to every NSG where the group is used.
Currently, we need to either make multiple rules with each port or use a long list of comma-separated ports. If I need a new port, I have to add the port to each rule on every NSG where needed.