add Outbound rules in NSG for Container

Dongbumlee · Dongbumlee · commit 616b3f3c7000 · 2025-06-10T14:18:48.000-07:00
diff --git a/infra/main.bicep b/infra/main.bicep
@@ -134,7 +134,6 @@ module avmNetworkSecurityGroup_Containers 'br/public:avm/res/network/network-sec
           sourcePortRange: '*'
           destinationPortRanges: ['443', '80']
           destinationAddressPrefixes: ['10.0.2.0/24']
-          destinationAddressPrefix: '*'
         }
       }
       {
@@ -148,7 +147,6 @@ module avmNetworkSecurityGroup_Containers 'br/public:avm/res/network/network-sec
           sourcePortRange: '*'
           destinationPortRanges: ['30000-32767']
           destinationAddressPrefixes: ['10.0.2.0/24']
-          destinationAddressPrefix: '*'
         }
       }
       {
@@ -159,12 +157,25 @@ module avmNetworkSecurityGroup_Containers 'br/public:avm/res/network/network-sec
           priority: 103
           protocol: '*'
           sourcePortRange: '*'
-          destinationPortRange: '*'
           sourceAddressPrefixes: ['10.0.2.0/24']
+          destinationPortRange: '*'
           destinationAddressPrefix: '*'
         }
       }
       //Outbound Rules
+      {
+        name: 'AllowOutboundToAzureServices'
+        properties: {
+          access: 'Allow'
+          direction: 'Outbound'
+          priority: 100
+          protocol: '*'
+          sourceAddressPrefixes: ['10.0.2.0/24']
+          sourcePortRange: '*'
+          destinationPortRange: '*'
+          destinationAddressPrefix: '*'
+        }
+      }
     ]
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -134,7 +134,6 @@ module avmNetworkSecurityGroup_Containers 'br/public:avm/res/network/network-sec`
`134`	`134`	`sourcePortRange: '*'`
`135`	`135`	`destinationPortRanges: ['443', '80']`
`136`	`136`	`destinationAddressPrefixes: ['10.0.2.0/24']`
`137`		`- destinationAddressPrefix: '*'`
`138`	`137`	`}`
`139`	`138`	`}`
`140`	`139`	`{`
`@@ -148,7 +147,6 @@ module avmNetworkSecurityGroup_Containers 'br/public:avm/res/network/network-sec`
`148`	`147`	`sourcePortRange: '*'`
`149`	`148`	`destinationPortRanges: ['30000-32767']`
`150`	`149`	`destinationAddressPrefixes: ['10.0.2.0/24']`
`151`		`- destinationAddressPrefix: '*'`
`152`	`150`	`}`
`153`	`151`	`}`
`154`	`152`	`{`
`@@ -159,12 +157,25 @@ module avmNetworkSecurityGroup_Containers 'br/public:avm/res/network/network-sec`
`159`	`157`	`priority: 103`
`160`	`158`	`protocol: '*'`
`161`	`159`	`sourcePortRange: '*'`
`162`		`- destinationPortRange: '*'`
`163`	`160`	`sourceAddressPrefixes: ['10.0.2.0/24']`
	`161`	`+ destinationPortRange: '*'`
`164`	`162`	`destinationAddressPrefix: '*'`
`165`	`163`	`}`
`166`	`164`	`}`
`167`	`165`	`//Outbound Rules`
	`166`	`+ {`
	`167`	`+ name: 'AllowOutboundToAzureServices'`
	`168`	`+ properties: {`
	`169`	`+ access: 'Allow'`
	`170`	`+ direction: 'Outbound'`
	`171`	`+ priority: 100`
	`172`	`+ protocol: '*'`
	`173`	`+ sourceAddressPrefixes: ['10.0.2.0/24']`
	`174`	`+ sourcePortRange: '*'`
	`175`	`+ destinationPortRange: '*'`
	`176`	`+ destinationAddressPrefix: '*'`
	`177`	`+ }`
	`178`	`+ }`
`168`	`179`	`]`
`169`	`180`	`}`
`170`	`181`	`}`