standard
turbot/azure_compliance

Pipeline: Correct NSGs allowing inbound to UDP port

Revoke NSG rule entries to restrict access to UDP port from 0.0.0.0/0.

Run the pipeline

To run this pipeline from your terminal:

flowpipe pipeline run azure_compliance.pipeline.correct_network_security_groups_allowing_inbound_to_udp_port \
--arg 'items=<list(object({
title = string
rule_name = string
sg_name = string
destination_port = string
source_address = string
resource_group = string
subscription_id = string
conn = string
}))>'

Use this pipeline

To call this pipeline from your pipeline, use a step:

step "pipeline" "step_name" {
pipeline = azure_compliance.pipeline.correct_network_security_groups_allowing_inbound_to_udp_port
args = {
items = <list(object({
title = string
rule_name = string
sg_name = string
destination_port = string
source_address = string
resource_group = string
subscription_id = string
conn = string
}))>
}
}

Params

NameTypeRequiredDescriptionDefault
items
list(object({
      title            = string
      rule_name        = string
      sg_name          = string
      destination_port = string
      source_address   = string
      resource_group   = string
      subscription_id  = string
      conn             = string
    }))
YesA collection of detected resources to run corrective actions against.-
notifier
notifier
YesThe name of the notifier to use for sending notification messages.notifier.default
notification_level
string
verbose, info, error
YesThe verbosity level of notification messages to send. Valid options are 'verbose', 'info', 'error'.info
approvers
list(notifier)
YesList of notifiers to be used for obtaining action/approval decisions.notifier.default
default_action
string
notify, skip, revoke_nsg_rule
YesThe default action to use when there are no approvers.notify
enabled_actions
list(string)
skip, revoke_nsg_rule
YesThe list of enabled actions to provide to approvers for selection.
[
"skip",
"revoke_nsg_rule"
]

Outputs

This pipeline has no outputs.

Tags

category = Compliance
folder = Internal
plugin = azure
service = Azure/Network