In this section, we will continue from the last blog and discuss more about application security groups.
Application security groups are the enhancements of network security groups. It allows you to reduce the number of network security groups (NSGs) you require or the number of security rules that you require.
- The way it does that by grouping resources based on the same rules. So, instead of creating network security groups for the every subnet which you have and then separate rules for each resource; you can put all of your SQL Server dbs, all of your app servers, web servers into the same security group.
- Let’s create a one. Search for application security groups in all services.
- I have put this in East US, with az300 Resource Group.
- Upon creation, it will navigate here.
- In the ASG, which we created, there is absolutely nothing here. This is just the blank screen. And there is no setting to do anything.
- Next, we need to assign this ASG to a resource. ASGs are limited to the region, in which they are created.
- For that, I will go to virtual machine which I have created in that resource group and under networking tab, I can see ASG option.
- Currently, there is no ASG associated.
Now, this got updated.
- Next, we can go to NSG, and update inbound rule with below ASG option.
- With this now, ASG added to this port 80. So, now rules can be managed from one place.
With this I would like to wrap this session. Thanks for joining me.