Define and customize Blueprints to set what infrastructure configuration options are available to developers.
---
constants:
__name: "{{ name }}_{{ __guid }}"
variables:
name:
desc: "Name of the Network Security Group."
required: true
group: NSG Details
resource_group_name:
desc: "Name of the Resource Group."
required: true
group: NSG Details
links_to: resource.azurerm_resource_group.name
location:
desc: "Azure region where the Network Security Group will be created."
required: true
group: NSG Details
default: "eastus"
security_rules:
group: Security Rules
required: false
tags:
group: Tags
required: false
groups:
NSG Details:
order: 1
desc: "Basic settings for the Network Security Group."
Security Rules:
order: 2
desc: "Define inbound and outbound security rules."
Tags:
order: 3
desc: "Tags to assign to the Network Security Group."
---
resource "azurerm_network_security_group" "__name" {
name = {{ name }}
location = {{ location }}
resource_group_name = {{ resource_group_name }}
{{# security_rules }}
security_rule {
name = {{ security_rules.name | required: true }}
priority = {{ security_rules.priority | desc: "Priority between 100 and 4096." | required: true }}
direction = {{ security_rules.direction | desc: "Inbound or Outbound." | required: true | default: "Inbound" }}
access = {{ security_rules.access | desc: "Allow or Deny." | required: true | default: "Allow" }}
protocol = {{ security_rules.protocol | desc: "Tcp, Udp, Icmp, or *." | required: true | default: "*" }}
source_port_range = {{ security_rules.source_port_range | desc: "Source port range between 0-65535 or *." | required: false | default: "*" }}
destination_port_range = {{ security_rules.destination_port_range | desc: "Destination port range between 0-65535 or *." | required: false | default: "*" }}
source_address_prefix = {{ security_rules.source_address_prefix | desc: "CIDR or *." | required: false | default: "*" }}
destination_address_prefix = {{ security_rules.destination_address_prefix | desc: "CIDR or *." | required: false | default: "*" }}
description = {{ security_rules.description | required: false }}
}
{{/ security_rules }}
tags = {
Name = {{ name }}
{{# tags }}
{{ tags.key | required: false }} = {{ tags.value | required: false }}
{{/ tags }}
}
}
// Encourages defining specific security rules to control inbound and outbound traffic.
// Uses default settings that promote security while allowing customization.
// Tags are included for better resource management and identification.
//
A form is created automatically that accepts inputs that you defined in the Blueprint.
After filling out the Blueprint form, Terraform is generated and a PR is automatically submitted.