How do I create a NSG and associate it with my Subnets in hub VNet?

[ctrlaltcloud]

I want to know a way how can I create NSG's in my connectivity.settings.tf file under _configure_connectivityresources local block. I tried few ways but it's not resulting in any output related to NSG's in terraform plan command.

I have referred https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/blob/main/modules/connectivity/locals.tf, however couldn't find much information on the topic. I don't want to disable the policy of creating the subnet without NSG and need NSG in my environment.

Code snippet for creating the NSG:

@matt-FFFFFF @krowlandson Kindly guide on how to create NSG's in landing zone.

[Springstone]

Transferring to the ALZ TF repo (https://aka.ms/alz/tf/repo) for @matt-FFFFFF to review.

[matt-FFFFFF]

Hi!

Please see the documentation for the configure_connectivity_resources.

There is no capability to create NSGs with this module.

https://github.com/Azure/terraform-azurerm-caf-enterprise-scale?tab=readme-ov-file#input_configure_connectivity_resources

[ctrlaltcloud]

Hi @matt-FFFFFF,

Thanks for confirming it. Then what is the best way to create NSG's and associate with Subnets that are being created as part of Landing zone through terraform?

[matt-FFFFFF]

Create the NSGs outside the module in the normal way. Use the module outputs to obtain the resource group ids.

[microsoft-github-policy-service[bot]]

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days. It will be closed if no further activity occurs within 7 days of this comment.