github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/network/AVD-AZU-0047/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/network/AVD-AZU-0047/Terraform.md (about)

     1  
     2  Set a more restrictive cidr range
     3  
     4  ```hcl
     5   resource "azurerm_network_security_rule" "good_example" {
     6   	direction = "Inbound"
     7   	destination_address_prefix = "10.0.0.0/16"
     8   	access = "Allow"
     9   }
    10  ```
    11  ```hcl
    12  resource "azurerm_network_security_rule" "allow_lb_prober" {
    13    direction                                  = "Inbound"
    14    access                                     = "Allow"
    15    protocol                                   = "Tcp" # Probes are always TCP
    16    source_port_range                          = "*"
    17    destination_port_ranges                    = "443"
    18    source_address_prefix                      = "168.63.129.16" // single public IP (Azure well known)
    19  }
    20  ```
    21  
    22  #### Remediation Links
    23   - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule
    24