When you are implementing your Microsoft Azure Design like a HUB-Spoke model you have to deal with security of your Azure environment (Virtual Datacenter). One of them are Network Security Groups to protect your Virtual networks and make communication between Azure subnets possible in a Secure Azure Virtual Datacenter.
You really have to plan your Azure Virtual networks and implement it by Architectural Design. Now I’m writing about Azure Network Security Groups which is important, but there are more items to deal with like :
- Naming Conventions in your Azure Virtual Datacenter
- Azure Subscriptions ( who is Owner, Contributor, or Reader? )
- Azure Regions ( Where is my Datacenter in the world? )
- Azure VNET and Sub-Nets ( IP-addresses )
- Security of your Virtual Networks ( Traffic filtering, Routing )
- Azure Connectivity ( VNET Peering between Azure Subscriptions, VPN Gateway )
- Permissions (RBAC)
- Azure Policy ( Working with Blue prints )
How to Manage Microsoft Azure Network Security Groups (NSG) ?
Read more on my blog about Infrastructure as Code (IaC) here with Azure DevOps and Visual Studio