ARM

Definition

ARM (Azure Resource Manager) is the deployment and management service for Azure. It provides a consistent management layer that enables you to create, update, and delete resources in your Azure account. ARM allows you to manage your infrastructure through declarative templates rather than scripts, ensuring that resources are deployed in a consistent state.

Secure Settings Example

{
  "type": "Microsoft.Network/virtualNetworks",
  "name": "myVNet",
  "apiVersion": "2021-02-01",
  "location": "[resourceGroup().location]",
  "properties": {
    "addressSpace": {
      "addressPrefixes": ["10.0.0.0/16"]
    },
    "subnets": [
      {
        "name": "default",
        "properties": {
          "addressPrefix": "10.0.0.0/24",
          "networkSecurityGroup": {
            "id": "[resourceId('Microsoft.Network/networkSecurityGroups', 'myNSG')]"
          }
        }
      }
    ]
  }
}

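This example shows a secure configuration: the virtual network's subnet is associated with a Network Security Group (NSG), whose rules control the subnet's inbound and outbound traffic. The association only protects the subnet to the extent that the NSG's rules are restrictive.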

Insecure Settings Example

{
  "type": "Microsoft.Network/virtualNetworks",
  "name": "myVNet",
  "apiVersion": "2021-02-01",
  "location": "[resourceGroup().location]",
  "properties": {
    "addressSpace": {
      "addressPrefixes": ["10.0.0.0/16"]
    },
    "subnets": [
      {
        "name": "default",
        "properties": {
          "addressPrefix": "10.0.0.0/24"
          // Missing networkSecurityGroup association
        }
      }
    ]
  }
}

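This example demonstrates an insecure configuration: the subnet is not associated with a Network Security Group (NSG), so no subnet-level rules filter its traffic. Unless NSGs are attached to the individual network interfaces, the subnet is left vulnerable to unrestricted network traffic.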
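
The difference between the two examples can be checked automatically before deployment. The following is an added example, not part of the original page or of any Azure tooling: it reports every subnet in an ARM template that has no networkSecurityGroup association. The function names, the sample template and the exempt-subnet list are assumptions made for the illustration.

```python
import json
import re

VNET = "microsoft.network/virtualnetworks"
# Assumption: platform subnets exempted from the check; adjust to local policy.
EXEMPT = frozenset({"gatewaysubnet", "azurefirewallsubnet"})
# Matches a JSON string (kept) or a // or /* */ comment (dropped).
_TOKEN = re.compile(r'("(?:\\.|[^"\\])*")|//[^\n]*|/\*.*?\*/', re.S)

def load_template(text):
    """Parse ARM template JSON, ignoring comments that sit outside strings."""
    return json.loads(_TOKEN.sub(lambda m: m.group(1) or "", text))

def subnets_without_nsg(template, exempt=EXEMPT):
    """Return 'vnet/subnet' labels for subnets with no networkSecurityGroup id."""
    findings = []

    def check(subnet, label):
        nsg = (subnet.get("properties") or {}).get("networkSecurityGroup") or {}
        if label.rsplit("/", 1)[-1].lower() not in exempt and not nsg.get("id"):
            findings.append(label)

    def walk(resources, parent):
        if isinstance(resources, dict):  # symbolic-name templates use an object
            resources = list(resources.values())
        for res in resources or []:
            rtype = str(res.get("type", "")).lower()
            name = str(res.get("name", "<unnamed>"))
            if rtype == VNET:
                for sn in (res.get("properties") or {}).get("subnets") or []:
                    check(sn, f"{name}/{sn.get('name', '<unnamed>')}")
                walk(res.get("resources"), name)
            elif rtype == VNET + "/subnets":  # top-level child, named "vnet/subnet"
                check(res, name)
            elif rtype == "subnets" and parent:  # child nested inside its VNet
                check(res, f"{parent}/{name}")
            else:
                walk(res.get("resources"), parent)

    walk(template.get("resources"), None)
    return findings

# Constructed sample: one subnet with an NSG, one without, one exempt.
SAMPLE = """{ "resources": [ { "type": "Microsoft.Network/virtualNetworks",
  "name": "vnet1", // constructed name
  "properties": { "subnets": [
    { "name": "app", "properties": { "addressPrefix": "10.0.0.0/24",
        "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', 'myNSG')]" } } },
    { "name": "default", "properties": { "addressPrefix": "10.0.1.0/24" } },
    { "name": "GatewaySubnet", "properties": { "addressPrefix": "10.0.2.0/27" } } ] } } ] }"""
```

Calling subnets_without_nsg(load_template(SAMPLE)) flags only the "default" subnet. The check confirms that an association exists; it does not evaluate whether the NSG's rules are restrictive.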