Microsoft.Network networkSecurityGroups/securityRules 2020-08-01

The networkSecurityGroups/securityRules resource type can be deployed to: Resource groups.

To learn about resource group deployments, see Bicep or ARM template.

Template format

To create a Microsoft.Network/networkSecurityGroups/securityRules resource, add the following Bicep or JSON to your template.

resource symbolicname 'Microsoft.Network/networkSecurityGroups/securityRules@2020-08-01' = {
  name: 'string'
  properties: {
    access: 'string'
    description: 'string'
    destinationAddressPrefix: 'string'
    destinationAddressPrefixes: [ 'string' ]
    destinationApplicationSecurityGroups: [
      {
        id: 'string'
        location: 'string'
        properties: {}
        tags: {
          tagName1: 'tagValue1'
          tagName2: 'tagValue2'
        }
      }
    ]
    destinationPortRange: 'string'
    destinationPortRanges: [ 'string' ]
    direction: 'string'
    priority: int
    protocol: 'string'
    sourceAddressPrefix: 'string'
    sourceAddressPrefixes: [ 'string' ]
    sourceApplicationSecurityGroups: [
      {
        id: 'string'
        location: 'string'
        properties: {}
        tags: {
          tagName1: 'tagValue1'
          tagName2: 'tagValue2'
        }
      }
    ]
    sourcePortRange: 'string'
    sourcePortRanges: [ 'string' ]
  }
}

Property values

networkSecurityGroups/securityRules

Name Description Value
type The resource type

For Bicep, set this value in the resource declaration.
'Microsoft.Network/networkSecurityGroups/securityRules'
apiVersion The resource api version

For Bicep, set this value in the resource declaration.
'2020-08-01'
name The resource name

See how to set names and types for child resources in Bicep or JSON ARM templates.
string (required)
properties Security rule resource. SecurityRulePropertiesFormat

SecurityRulePropertiesFormat

Name Description Value
access Whether network traffic is allowed or denied. 'Allow'
'Deny'
description A description for this rule. Restricted to 140 chars. string
destinationAddressPrefix The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. string
destinationAddressPrefixes The destination address prefixes. CIDR or destination IP ranges. string[]
destinationApplicationSecurityGroups The application security group specified as destination. ApplicationSecurityGroup[]
destinationPortRange The destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. string
destinationPortRanges The destination port ranges. string[]
direction The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. 'Inbound'
'Outbound'
priority The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. int
protocol Network protocol this rule applies to. '*'
'Ah'
'Esp'
'Icmp'
'Tcp'
'Udp'
sourceAddressPrefix The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. string
sourceAddressPrefixes The CIDR or source IP ranges. string[]
sourceApplicationSecurityGroups The application security group specified as source. ApplicationSecurityGroup[]
sourcePortRange The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. string
sourcePortRanges The source port ranges. string[]

ApplicationSecurityGroup

Name Description Value
id Resource ID. string
location Resource location. string
properties Application security group properties. ApplicationSecurityGroupPropertiesFormat
tags Resource tags. Dictionary of tag names and values. See Tags in templates

ApplicationSecurityGroupPropertiesFormat

This object doesn't contain any properties to set during deployment. All properties are ReadOnly.

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Azure Traffic Manager VM example

Deploy to Azure
This template shows how to create an Azure Traffic Manager profile load-balancing across multiple virtual machines.