Application Security Groups (ASGs) are a new feature from Azure that allows you to define network security as a group rather than as individual endpoints. This helps to simplify network security group (NSG) management, reduce the number of NSGs, and limit the rules that you need to create.
Companies often have multiple applications running on a single virtual machine. In such cases, you can use ASGs to define the inbound traffic flows based on the application. The ASG can be attached to the virtual machine, and the security group rules can be defined based on the ASG.
In this lab, you will learn the basics of Application Security Groups (ASGs) and how to use them to secure network traffic to a virtual machine.
Learning objectives
Upon completion of this beginner-level lab, you will be able to:
- Understand the concept of Application Security Groups
- Create an Application Security Group resource
- Attach an Application Security Group to a virtual machine
- Update the inbound port rule to restrict the traffic to the web server to only the application security group
Intended audience
- Candidates for Azure Administrator Associate (AZ-104) certification
- Cloud Architects
- Data Engineers
- DevOps Engineers
- Software Engineers
Prerequisites
Familiarity with the following will be beneficial but is not required:
- Azure Virtual Machines
- Network Security Groups
The following content can be used to fulfill the prerequisites:
Parveen is an Azure advocate with previous experience in the professional consulting services industries. He specializes in infrastructure and DevOps with a wide range of knowledge in security and access management. He is also an Azure Certified - DevOps Engineer Expert, Security Engineer, Developer Associate, Administrator Associate, CompTIA Certified - Network+, Security+, and AWS Cloud Practitioner.
Parveen enjoys writing about cloud technologies and sharing the knowledge with the community to help students upskill in the cloud.