How to restrict inbound internet traffic to Subnet1 and allow traffic to it from Subnet2 of the same VNet? And enable inbound internet traffic to Subnet2.
How to do it in Azure?
                     +-----------------------------------+
                     |  VNET                             |
                     |   +-------------+                 |
                     |   |   SUBNET2   |                 |
    ----access------>|   |             |-----+           |
                     |   +-------------+     |           |
  Internet           |                       | access    |
                     |   +-------------+     |           |
                     |   |   SUBNET1   |<----+           |
    --X no access X--|   |             |                 |
                     |   +-------------+                 |
                     +-----------------------------------+
If there is no NSG attached to the VM NICs, you could add two inbound security rules in the SUBNET1 NSG:

Priority  Name          Port  Protocol  Source                  Destination  Action
101       allowSubnet2  Any   Any       Subnet2 address prefix  Any          Allow
102       denyAny       Any   Any       Any                     Any          Deny
Add one inbound security rule in the SUBNET2 NSG:

Priority  Name           Port  Protocol  Source    Destination  Action
101       allowInternet  Any   Any       Internet  Any          Allow
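The two NSGs described in the answer above, written out as a deployable Bicep template. This is an added example, not code from the question or the answer. Every name and address range in it is an assumption (VNet `vnet-demo` 10.0.0.0/16, SUBNET1 10.0.1.0/24, SUBNET2 10.0.2.0/24, NSGs `nsg-subnet1` and `nsg-subnet2`); adjust them to your environment. It also goes slightly beyond the answer: the SUBNET2 rule is narrowed to TCP 443 instead of any/any, and SUBNET1 gets an explicit allow for the `AzureLoadBalancer` service tag so health probes keep working once a catch-all deny is in place.

```bicep
// Added example: NSGs for the two subnets in the question. Names and prefixes are assumed.
param location string = resourceGroup().location
param vnetName string = 'vnet-demo'
param subnet1Prefix string = '10.0.1.0/24'
param subnet2Prefix string = '10.0.2.0/24'

// SUBNET1: reachable only from SUBNET2; everything else (Internet, other subnets) denied.
resource nsgSubnet1 'Microsoft.Network/networkSecurityGroups@2023-05-01' = {
  name: 'nsg-subnet1'
  location: location
  properties: {
    securityRules: [
      {
        name: 'AllowFromSubnet2'
        properties: {
          priority: 100
          direction: 'Inbound'
          access: 'Allow'
          protocol: '*'
          sourceAddressPrefix: subnet2Prefix // scoped to SUBNET2, not the VirtualNetwork tag
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRange: '*'
        }
      }
      {
        name: 'AllowAzureLoadBalancerProbes' // needed if SUBNET1 VMs sit behind an Azure LB
        properties: {
          priority: 110
          direction: 'Inbound'
          access: 'Allow'
          protocol: '*'
          sourceAddressPrefix: 'AzureLoadBalancer'
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRange: '*'
        }
      }
      {
        name: 'DenyAllInbound' // overrides the default AllowVnetInBound (65000) rule
        properties: {
          priority: 4096
          direction: 'Inbound'
          access: 'Deny'
          protocol: '*'
          sourceAddressPrefix: '*'
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRange: '*'
        }
      }
    ]
  }
}

// SUBNET2: Internet may reach it, here only on TCP 443 rather than any/any.
resource nsgSubnet2 'Microsoft.Network/networkSecurityGroups@2023-05-01' = {
  name: 'nsg-subnet2'
  location: location
  properties: {
    securityRules: [
      {
        name: 'AllowInternetHttps'
        properties: {
          priority: 100
          direction: 'Inbound'
          access: 'Allow'
          protocol: 'Tcp'
          sourceAddressPrefix: 'Internet' // service tag for public address space
          sourcePortRange: '*'
          destinationAddressPrefix: '*'
          destinationPortRange: '443'
        }
      }
    ]
  }
}

// Associate each NSG with its subnet.
resource vnet 'Microsoft.Network/virtualNetworks@2023-05-01' = {
  name: vnetName
  location: location
  properties: {
    addressSpace: { addressPrefixes: [ '10.0.0.0/16' ] }
    subnets: [
      { name: 'subnet1', properties: { addressPrefix: subnet1Prefix, networkSecurityGroup: { id: nsgSubnet1.id } } }
      { name: 'subnet2', properties: { addressPrefix: subnet2Prefix, networkSecurityGroup: { id: nsgSubnet2.id } } }
    ]
  }
}
```

Two things worth checking after deploying. First, an NSG's default rules already deny inbound from the Internet (DenyAllInBound, priority 65500) and allow inbound from the whole VNet (AllowVnetInBound, 65000), so the explicit deny on SUBNET1 is what actually stops the other subnets, not the Internet. Second, if any SUBNET1 NIC has its own NSG, both the subnet NSG and the NIC NSG must allow the traffic; verify the effective rules with `az network nic list-effective-nsg --name <nic> --resource-group <rg>`.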