Application Security Groups

Azure Public Test Date Azure Public Test Result

Azure US Gov Last Test Date Azure US Gov Last Test Result

Best Practice Check Cred Scan Check

Deploy to Azure Deploy to Azure US Gov Visualize

This template shows how to work with Application Security Groups using templates. It assigns a VM to the Application Security Group and assigns this Application Security group to two security rules on Network Security Group, one that allows SSH and another one that allows HTTP using the Destination Application Security Group Id property of the security rule.

It deploys the following items:

  1. Application Security Group
  2. Network Security with two Security Rules, both using destinationApplicationSecurityGroups attribute
  3. Virtual Network with one Subnet assigned to this NSG.
  4. Network Interface assigned to Application Security Group, through its ID (notice that more than one can be assigned)
  5. Centos 6.9 Linux Web server with NGINX installed through Custom Script Extension for Linux

For more information about Application Security Groups, please refer to:

Network Security Groups under Network Security document

Filter network traffic with a network security group using PowerShell

Filter network traffic with a network security group using the Azure CLI

Tags: Microsoft.Network/applicationSecurityGroups, Microsoft.Network/networkSecurityGroups, Microsoft.Network/virtualNetworks, Microsoft.Network/publicIPAddresses, Microsoft.Network/networkInterfaces, Microsoft.Compute/virtualMachines, Microsoft.Compute/virtualMachines/extensions, CustomScript