Azure - Can not allow inbound traffic, denied by Policy

Teguh Wilidarma (SE-ID) 21 Reputation points
2020-09-30T10:28:46.3+00:00

So I am learning Azure now, and I created a Linux VM. When I tried to connect using SSH, the connection timed out. So I checked the Inbound Rules, and it appears that I need to allow port 22. I know this is not recommended. However, when I tried to create the rule, the validation failed because a policy is set up to block this. I checked on Policy, and there is a policy called "Deny NSG to allow Inbound Traffic", and the scope is Tenant Root Group.

I don't know if this policy is created by default, and I can't seem to override it or put an exclusion.
So, how do I connect to my Linux VM, if all inbound traffic is not permitted?

Thanks,


1 answer

  1. Vinicius Deschamps 196 Reputation points
    2020-09-30T11:03:55.14+00:00

    @Teguh Wilidarma (SE-ID) ,

    Based on the information you are providing, it seems that the Azure Administrator of your Subscription has created a Policy that does not allow people to create inbound rules.

    Since you told us you are new to Azure, you should know that Azure Policy helps to enforce organizational standards and to assess compliance at scale.

    That said, my suggestion is to either ask the person to add the rule to your VM or to remove the policy, so you can add the NSG to your VM and then enable the policy back once you are done.

    Please let us know if you need further assistance.

    Thanks,
    Vinicius Deschamps
    https://viniciusdeschamps.com.br

    1 person found this answer helpful.
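Why the port 22 rule failed validation, and what an exclusion on the assignment would change, as an added example that is not part of the original thread. The policy rule is an assumed shape (the page does not show the real definition of "Deny NSG to allow Inbound Traffic"), the scope IDs are constructed placeholders, and the evaluator is a simplified model, not Azure's policy engine.

```python
# Simplified model (not Azure's engine) of a "deny" policy assignment meeting an NSG rule.
# ASSUMED_RULE is a guess at the shape of "Deny NSG to allow Inbound Traffic".
TYPE = "Microsoft.Network/networkSecurityGroups/securityRules"
ASSUMED_RULE = {
    "if": {"allOf": [
        {"field": "type", "equals": TYPE},
        {"field": TYPE + "/direction", "equals": "Inbound"},
        {"field": TYPE + "/access", "equals": "Allow"},
    ]},
    "then": {"effect": "deny"},
}

# Constructed placeholder scopes, ordered from the tenant root down to the resource group.
ROOT = "/providers/Microsoft.Management/managementGroups/tenant-root-placeholder"
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG = SUB + "/resourceGroups/rg-lab"
CHAIN = [ROOT, SUB, RG]

def matches(cond, resource):
    """Evaluate the condition subset used here: allOf, anyOf, not, equals, in."""
    if "allOf" in cond:
        return all(matches(c, resource) for c in cond["allOf"])
    if "anyOf" in cond:
        return any(matches(c, resource) for c in cond["anyOf"])
    if "not" in cond:
        return not matches(cond["not"], resource)
    value = str(resource.get(cond["field"], "")).lower()  # compared case-insensitively
    if "equals" in cond:
        return value == cond["equals"].lower()
    if "in" in cond:
        return value in [v.lower() for v in cond["in"]]
    raise ValueError(f"unsupported condition: {cond}")

def evaluate(rule, resource, scope_chain, assignment_scope, not_scopes=()):
    """Return the effect applied to a create/update request, or None if it passes."""
    chain = [s.lower() for s in scope_chain]
    if assignment_scope.lower() not in chain:
        return None  # the assignment does not cover this resource
    if any(ns.lower() in chain for ns in not_scopes):
        return None  # an ancestor scope is excluded through notScopes
    return rule["then"]["effect"] if matches(rule["if"], resource) else None

def nsg_rule(direction, access, port):
    """Build the flattened field view of one security rule (constructed sample input)."""
    return {"type": TYPE, TYPE + "/direction": direction, TYPE + "/access": access,
            TYPE + "/destinationPortRange": port}

if __name__ == "__main__":
    print(evaluate(ASSUMED_RULE, nsg_rule("Inbound", "Allow", "22"), CHAIN, ROOT))
    print(evaluate(ASSUMED_RULE, nsg_rule("Inbound", "Allow", "22"), CHAIN, ROOT, [RG]))
```

An assignment at the tenant root covers every subscription beneath it, so only someone with rights at that scope can add the exclusion or change the assignment.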