I need to setup multiple security rules for Azure resources.
On AWS, I could just do multiple ingress:
resource "aws_security_group" "mygroup" {
name = "mygroup"
ingress {
description = "allow all on ssh port"
from_port = var.ssh
to_port = var.ssh
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "public port"
from_port = var.public
to_port = var.public
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "restricted"
from_port = var.restricted
to_port = var.restricted
protocol = "tcp"
cidr_blocks = ["<restricted-ip>/32"]
}
But I do not know how to do this on Azure.
As far as I can see azurerm_network_security_group
allows only one security_rule
(is this correct?).
Maybe I would be able to create multiple azurerm_network_interface_security_group_association
for the same network_interface_id
but different network_security_group_id
?