Cloud Shell Quick Tip: Service Tag Network Security Group Rule

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.


 Need to ssh into an Azure Virtual Machine but don't have much more than a browser? Don't worry, Azure has already thought about that. With people working remotely or on the go, it's nice to know there are quick alternatives to getting into your resources without having to make major changes to your existing infrastructure and network. I have certainly been on the road and have received alert notifications requiring some intervention on a server without having access to my laptop.


This video shows you how to configure an NSG rule to allow SSH from the Azure Cloud shell within the portal. This is great if you need to access resources and don't have a VPN or Azure Bastion set up within the Virtual Network (VNET). I show you just three minutes how to modify your NSG to permit the AzureCloud service tag and ssh into my VM.



You can find more information on this subject by going to the Virtual network service tags documentation on Microsoft Docs.

Here are some additional docs you can access related to the subjects quickly covered in the video:

  • Network security groups - You can use an Azure network security group to filter network traffic to and from Azure resources in an Azure virtual network.

  • Microsoft Learn NSG Module: Secure and isolate access to Azure resources by using network security groups and service endpoints.

  • Virtual network service tags - A service tag represents a group of IP address prefixes from a given Azure service. Microsoft manages the address prefixes encompassed by the service tag and automatically updates the service tag as addresses change, minimizing the complexity of frequent updates to network security rules.

REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.