diff --git a/TestTestNet/bootnode/template.json b/TestTestNet/bootnode/template.json index b22be00..706c97f 100644 --- a/TestTestNet/bootnode/template.json +++ b/TestTestNet/bootnode/template.json @@ -78,7 +78,8 @@ "nodeFullName": "[trim(parameters('nodeFullName'))]", "nodeAdminEmail": "[trim(parameters('nodeAdminEmail'))]", "netstatsServer": "[trim(parameters('netstatsServer'))]", - "netstatsSecret": "[trim(parameters('netstatsSecret'))]" + "netstatsSecret": "[trim(parameters('netstatsSecret'))]", + "networkSecurityGroupName": "OraclesTest-NSG-1" }, "resources": [ { @@ -132,6 +133,7 @@ "location": "[resourceGroup().location]", "dependsOn": [ "[resourceId('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]", + "[resourceId('Microsoft.Network/networkSecurityGroups/', variables('networkSecurityGroupName'))]", "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]" ], "properties": { @@ -148,7 +150,10 @@ } } } - ] + ], + "networkSecurityGroup": { + "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]" + } } }, { @@ -240,6 +245,82 @@ } } ] + }, + { + "name": "[variables('networkSecurityGroupName')]", + "type": "Microsoft.Network/networkSecurityGroups", + "apiVersion": "2016-09-01", + "location": "[resourceGroup().location]", + "comments": "Network Security Group (NSG) for your Primary NIC", + "properties": { + "securityRules": [ + { + "name": "allow-ssh", + "properties": { + "priority": 1000, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "Tcp", + "access": "Allow", + "destinationAddressPrefix": "*", + "destinationPortRange": "22" + } + }, + { + "name": "allow-rpc", + "properties": { + "priority": 1000, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "Tcp", + "access": "Allow", + "destinationAddressPrefix": "*", + "destinationPortRange": "8545" + } + }, + { + "name": "allow-discovery", + "properties": { + "priority": 1000, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "*", + "access": "Allow", + "destinationAddressPrefix": "*", + "destinationPortRange": "30303" + } + }, + { + "name": "allow-https", + "properties": { + "priority": 1000, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "*", + "access": "Allow", + "destinationAddressPrefix": "*", + "destinationPortRange": "443" + } + }, + { + "name": "disallow-other", + "properties": { + "priority": 2000, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "*", + "access": "Deny", + "destinationAddressPrefix": "*", + "destinationPortRange": "*" + } + } + ] + } } ], "outputs": {