Feature request-PrivateLink NSG

[serco-karleveleigh]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Adopting privatelink end policies for AVD means we need a base rule for storage accounts used for AVD to allow SMB445 inbound

Current AVD privatelink subnets do not have this rule or capability. This should be added to base AVD LZ code

New or Affected Resource(s

tfvars

Potential Configuration file

nsg_sga3p_scavd_privatelink = {
    name = "nsg-sga3p-scavd-privatelink"
    nsg = [
      {
        name                       = "Allow-In-SMB"
        description                = "Allow in SMB traffic from AVD"
        priority                   = "150"
        direction                  = "Inbound"
        access                     = "Allow"
        protocol                   = "Tcp"
        source_port_range          = "*"
        destination_port_range     = "445"
        source_address_prefix      = "xxx.xxx.xxx.xxx/xx"
        destination_address_prefix = "xxx.xxx.xxx.xxx/xx"
      },

References

No response