0
votes

I'm trying to understand Network Security Groups and Application Security Groups. What I'm trying to achieve is this: I have a basic setup, as shown below.

In my vnet, I have 2 subnets which are front-end and back-end and I have 2 NSGs that each subnet is assigned to.

Let's say I decided to allow RDP requests on my "back-end" subnet only for requests coming from the "front-end" subnet and deny any other RDP requests coming from other subnets.

I know that if I create ASGs and assign the FrontEnd VM and the BackEnd VM to an application security group, then I can create a rule on the NSG that allows RDP requests from one ASG to the other ASG to achieve this. But if you have dozens of VMs in a subnet, you wouldn't want to waste time assigning an ASG to every VM.

Is there a way to define a rule on a subnet that allows specific requests coming from other subnets?

1 Answer

1
votes

Create a rule and set the source to VirtualNetwork; that will allow anyone inside the Virtual Network (and peered ones) to send that type of traffic. If you want subnet granularity, you'd have to use subnet IP address ranges to allow/deny specific traffic patterns. You might also want to override the default rule allowing anything inside the virtual network.
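As an added example (not part of the question or the answer above), the subnet-range approach the answer describes, written as a Bicep definition of the back-end NSG. The address space is assumed: front-end subnet 10.0.1.0/24; the NSG name and API version are also choices made here, not taken from the post.

```bicep
// Added example: NSG for the back-end subnet that admits RDP only from the front-end subnet.
// Assumption: the front-end subnet uses 10.0.1.0/24 (not stated in the original question).
param location string = resourceGroup().location
param frontEndPrefix string = '10.0.1.0/24'

resource backEndNsg 'Microsoft.Network/networkSecurityGroups@2023-05-01' = {
  name: 'nsg-backend'
  location: location
  properties: {
    securityRules: [
      {
        // Lower priority number is evaluated first: RDP from the front-end range is allowed here.
        name: 'Allow-RDP-From-FrontEnd'
        properties: {
          priority: 100
          direction: 'Inbound'
          access: 'Allow'
          protocol: 'Tcp'
          sourceAddressPrefix: frontEndPrefix
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRange: '3389'
        }
      }
      {
        // Explicit deny at 110 overrides the built-in AllowVnetInBound rule (priority 65000),
        // so RDP from every other subnet in the VNet, or a peered VNet, is dropped.
        name: 'Deny-RDP-From-Other-Subnets'
        properties: {
          priority: 110
          direction: 'Inbound'
          access: 'Deny'
          protocol: 'Tcp'
          sourceAddressPrefix: 'VirtualNetwork'
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRange: '3389'
        }
      }
    ]
  }
}
```

Associate `backEndNsg.id` with the back-end subnet's `networkSecurityGroup` property; without the explicit deny at priority 110, the default AllowVnetInBound rule would still let RDP through from any subnet.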