Commit 019fc82

[APIM][UUF] Refactor NSG rule tables
1 parent 2ee5145 commit 019fc82

1 file changed

+19
-19
lines changed

includes/api-management-recommended-nsg-rules.md

Lines changed: 19 additions & 19 deletions
@@ -18,29 +18,29 @@ Configure custom network rules in the API Management subnet to filter traffic to
1818

1919
### [stv2](#tab/stv2)
2020

21-
| Source / Destination Port(s) | Direction | Transport protocol | Service tags <br> Source / Destination | Purpose | VNet type |
22-
|------------------------------|--------------------|--------------------|---------------------------------------|-------------------------------------------------------------|----------------------|
23-
| * / [80], 443 | Inbound | TCP | Internet / VirtualNetwork | Client communication to API Management | External only |
24-
| * / 3443 | Inbound | TCP | ApiManagement / VirtualNetwork | Management endpoint for Azure portal and PowerShell | External & Internal |
25-
| * / 6390 | Inbound | TCP | AzureLoadBalancer / VirtualNetwork | Azure Infrastructure Load Balancer | External & Internal |
26-
| * / 443 | Inbound | TCP | AzureTrafficManager / VirtualNetwork | Azure Traffic Manager routing for multi-region deployment | External only |
27-
| * / 443 | Outbound | TCP | VirtualNetwork / Storage | Dependency on Azure Storage for core service functionality | External & Internal |
28-
| * / 1433 | Outbound | TCP | VirtualNetwork / SQL | Access to Azure SQL endpoints for core service functionality | External & Internal |
29-
| * / 443 | Outbound | TCP | VirtualNetwork / AzureKeyVault | Access to Azure Key Vault for core service functionality | External & Internal |
30-
| * / 1886, 443 | Outbound | TCP | VirtualNetwork / AzureMonitor | Publish [Diagnostics Logs and Metrics](../articles/api-management/api-management-howto-use-azure-monitor.md), [Resource Health](/azure/service-health/resource-health-overview), and [Application Insights](../articles/api-management/api-management-howto-app-insights.md) | External & Internal |
21+
| Direction | Source | Source port ranges | Destination | Destination port ranges | Protocol | Action | Purpose | VNet type |
22+
|-------|--------------|----------|---------|------------|-----------|-----|--------|-----|
23+
| Inbound | Internet | * | VirtualNetwork | [80], 443 | TCP | Allow | Client communication to API Management | External only |
24+
| Inbound | ApiManagement | * | VirtualNetwork | 3443 | TCP | Allow | Management endpoint for Azure portal and PowerShell | External & Internal |
25+
| Inbound | AzureLoadBalancer | * | Virtual Network | 6390 | TCP | Allow | Azure Infrastructure Load Balancer | External & Internal |
26+
| Inbound | AzureTrafficManager | * | VirtualNetwork | 443 | TCP | Allow | Azure Traffic Manager routing for multi-region deployment | External only |
27+
| Outbound | VirtualNetwork | * | Storage | 443 | TCP | Allow | Dependency on Azure Storage for core service functionality | External & Internal |
28+
| Outbound | VirtualNetwork| * | SQL | 1433 | TCP | Allow | Access to Azure SQL endpoints for core service functionality | External & Internal |
29+
| Outbound | VirtualNetwork | * | AzureKeyVault | 443 | TCP | Allow | Access to Azure Key Vault for core service functionality | External & Internal |
30+
| Outbound | VirtualNetwork | * | Azure Monitor | 1886, 443 | TCP | Allow | Publish [Diagnostics Logs and Metrics](../articles/api-management/api-management-howto-use-azure-monitor.md), [Resource Health](/azure/service-health/resource-health-overview), and [Application Insights](../articles/api-management/api-management-howto-app-insights.md) | External & Internal |
3131

3232

3333
### [stv1](#tab/stv1)
3434

35-
| Source / Destination Port(s) | Direction | Transport protocol | Service tags <br> Source / Destination | Purpose | VNet type |
36-
|------------------------------|--------------------|--------------------|---------------------------------------|-------------------------------------------------------------|----------------------|
37-
| * / [80], 443 | Inbound | TCP | Internet / VirtualNetwork | Client communication to API Management | External only |
38-
| * / 3443 | Inbound | TCP | ApiManagement / VirtualNetwork | Management endpoint for Azure portal and PowerShell | External & Internal |
39-
| * / * | Inbound | TCP | AzureLoadBalancer / VirtualNetwork | Azure Infrastructure Load Balancer (required for Premium service tier) | External & Internal |
40-
| * / 443 | Inbound | TCP | AzureTrafficManager / VirtualNetwork | Azure Traffic Manager routing for multi-region deployment | External only |
41-
| * / 443 | Outbound | TCP | VirtualNetwork / Storage | Dependency on Azure Storage | External & Internal |
42-
| * / 1433 | Outbound | TCP | VirtualNetwork / SQL | Access to Azure SQL endpoints | External & Internal |
43-
| * / 1886, 443 | Outbound | TCP | VirtualNetwork / AzureMonitor | Publish [Diagnostics Logs and Metrics](../articles/api-management/api-management-howto-use-azure-monitor.md), [Resource Health](/azure/service-health/resource-health-overview), and [Application Insights](../articles/api-management/api-management-howto-app-insights.md) | External & Internal |
35+
| Direction | Source | Source port ranges | Destination | Destination port ranges | Protocol | Action | Purpose | VNet type |
36+
|-------|--------------|----------|---------|------------|-----------|-----|--------|-----|
37+
| Inbound | Internet | * | VirtualNetwork | [80], 443 | TCP | Allow | Client communication to API Management | External only |
38+
| Inbound | ApiManagement | * | VirtualNetwork | 3443 | TCP | Allow | Management endpoint for Azure portal and PowerShell | External & Internal |
39+
| Inbound | AzureLoadBalancer | * | VirtualNetwork | * | TCP | Allow | Azure Infrastructure Load Balancer (required for Premium service tier) | External & Internal |
40+
| Inbound | AzureTrafficManager | * | VirtualNetwork | 443 | TCP | Allow | Azure Traffic Manager routing for multi-region deployment | External only |
41+
| Outbound | VirtualNetwork | * | Storage | 443 | TCP | Allow | Dependency on Azure Storage for core service functionality | External & Internal |
42+
| Outbound | VirtualNetwork| * | SQL | 1433 | TCP | Allow | Access to Azure SQL endpoints for core service functionality | External & Internal |
43+
| Outbound | VirtualNetwork | * | Azure Monitor | 1886, 443 | TCP | Allow | Publish [Diagnostics Logs and Metrics](../articles/api-management/api-management-howto-use-azure-monitor.md), [Resource Health](/azure/service-health/resource-health-overview), and [Application Insights](../articles/api-management/api-management-howto-app-insights.md) | External & Internal |
4444

4545

4646
---
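
Review bot: Three added rows write a service tag with a space in the Destination column: "Virtual Network" in the stv2 AzureLoadBalancer row (new line 25) and "Azure Monitor" in the last row of both tabs (new lines 30 and 43). The removed rows and every other added row use "VirtualNetwork" and "AzureMonitor", and a reader copying the cell into an NSG rule needs the tag name exactly, so restore the unspaced forms. Two smaller points: the stv1 Storage and SQL rows (new lines 41 and 42) gain "for core service functionality" in Purpose, which is a wording change beyond the column refactor named in the commit title and is worth confirming as intended; and the `VirtualNetwork|` cell in the SQL rows is missing the space before the pipe that the neighbouring rows have.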
