| Module version | Terraform version | AzureRM version |
|---|---|---|
| >= 2.x.x | >= 1.3.x | >= 2.0.0 |
| >= 1.x.x | >= 0.13.x | >= 2.0.0 |
The following parameters are supported:
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name | The name of the network security group. | string |
n/a | yes |
| resource_group_name | The name of the resource group in which to create the network security group. | string |
n/a | yes |
| location | The location/region where the network security group is created. | string |
n/a | yes |
| tags | A mapping of tags to assign to the resource. | map(string) |
{} |
no |
| inbound_rules | List of objects that represent the configuration of each inbound rule. | list(object({})) |
[] |
no |
| outbound_rules | List of objects that represent the configuration of each outbound rule. | list(object({})) |
[] |
no |
The inbound_rules and outbound_rules supports the following:
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name | The name of the network security rule. | string |
n/a | yes |
| priority | The value can be between 100 and 65500. The priority number must be unique for each rule in the collection. |
number |
n/a | yes |
| access | Specifies whether network traffic is allowed or denied. Possible values are Allow and Deny. |
string |
n/a | yes |
| protocol | Network protocol this rule applies to. Possible values include Tcp, Udp, Icmp, or * (which matches all). |
string |
n/a | yes |
| source_address_prefix | CIDR or source IP range or * to match any IP. Tags such as VirtualNetwork, AzureLoadBalancer and Internet can also be used. This is required if source_address_prefixes is not specified. |
string |
null |
no |
| source_address_prefixes | List of source address prefixes. Tags may not be used. This is required if source_address_prefix is not specified. |
list(string) |
null |
no |
| source_application_security_group_ids | A List of source Application Security Group IDs. | list(string) |
null |
no |
| source_port_range | Source Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if source_port_ranges is not specified. |
string |
null |
no |
| source_port_ranges | List of source ports or port ranges. This is required if source_port_range is not specified. |
list(string) |
null |
no |
| destination_address_prefix | CIDR or destination IP range or * to match any IP. Tags such as VirtualNetwork, AzureLoadBalancer and Internet can also be used. This is required if destination_address_prefixes is not specified. |
string |
null |
no |
| destination_address_prefixes | List of destination address prefixes. Tags may not be used. This is required if destination_address_prefix is not specified. |
list(string) |
null |
no |
| destination_application_security_group_ids | A List of destination Application Security Group IDs. | list(string) |
null |
no |
| destination_port_range | Destination Port or Range. Integer or range between 0 and 65535 or * to match any. This is required if destination_port_ranges is not specified. |
string |
null |
no |
| destination_port_ranges | List of destination ports or port ranges. This is required if destination_port_range is not specified. |
list(string) |
null |
no |
| description | A description for this rule. Restricted to 140 characters. | string |
null |
no |
The following outputs are exported:
| Name | Description | Sensitive |
|---|---|---|
| id | The network security group configuration ID. | no |
| name | The name of the network security group. | no |
| resource_group_name | The name of the resource group in which to create the network security group. | no |
| location | The location/region where the network security group is created. | no |
| tags | The tags assigned to the resource. | no |
| inbound_rules | Blocks containing configuration of each inbound security rule. | no |
| outbound_rules | Blocks containing configuration of each outbound security rule. | no |