github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/network/AVD-AZU-0048/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/azure/network/AVD-AZU-0048/Terraform.md (about)

     1  
     2  Block RDP port from internet
     3  
     4  ```hcl
     5   resource "azurerm_network_security_rule" "good_example" {
     6        name                        = "good_example_security_rule"
     7        direction                   = "Inbound"
     8        access                      = "Allow"
     9        protocol                    = "TCP"
    10        source_port_range           = "*"
    11        destination_port_ranges     = ["3389"]
    12        source_address_prefix       = "4.53.160.75"
    13        destination_address_prefix  = "*"
    14   }
    15   
    16   resource "azurerm_network_security_group" "example" {
    17     name                = "tf-appsecuritygroup"
    18     location            = azurerm_resource_group.example.location
    19     resource_group_name = azurerm_resource_group.example.name
    20     
    21     security_rule {
    22   	 source_port_range           = "any"
    23        destination_port_ranges     = ["3389"]
    24        source_address_prefix       = "4.53.160.75"
    25        destination_address_prefix  = "*"
    26     }
    27   }
    28   
    29  ```
    30  
    31  #### Remediation Links
    32   - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/network_security_group#security_rule
    33  
    34   - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule#source_port_ranges
    35