Implements common, specific rules and specified ports

Signed-off-by: karim mdmirajul <karim.mdmirajul@unikie.com>

terraform/azure-ghaf-infra.tf

@@ -45,13 +45,15 @@ resource "azurerm_subnet" "ghaf_infra_tf_subnet" {
   virtual_network_name = azurerm_virtual_network.ghaf_infra_tf_vnet.name
   address_prefixes     = ["10.0.2.0/24"]
 }
-# Network Security Group
-resource "azurerm_network_security_group" "ghaf_infra_tf_nsg" {
-  name                = "ghaf-infra-tf-nsg"
+
+# AllowSSH rule for the Common Security Group
+
+resource "azurerm_network_security_group" "common_nsg" {
+  name                = "common-nsg"
   location            = azurerm_resource_group.ghaf_infra_tf_dev.location
   resource_group_name = azurerm_resource_group.ghaf_infra_tf_dev.name
   security_rule {
-    name                       = "SSH"
+    name                       = "AllowSSHInbound"
     priority                   = 300
     direction                  = "Inbound"
     access                     = "Allow"
@@ -63,10 +65,34 @@ resource "azurerm_network_security_group" "ghaf_infra_tf_nsg" {
   }
 }
 
+
+
+
 ################################################################################
 
 # ghafhydra:
 
+# Security Group
+
+resource "azurerm_network_security_group" "ghafhydra_nsg" {
+  name                = "ghafhydra-nsg"
+  location            = azurerm_resource_group.ghaf_infra_tf_dev.location
+  resource_group_name = azurerm_resource_group.ghaf_infra_tf_dev.name
+
+  security_rule {
+    name                       = "CustomRuleForghafhydra"
+    priority                   = 310
+    direction                  = "Inbound"
+    access                     = "Allow"
+    protocol                   = "Tcp"
+    source_port_range          = "*"
+    destination_port_range     = "5000"
+    source_address_prefix      = "*"
+    destination_address_prefix = "*"
+  }
+}
+
+
 # Public IP
 resource "azurerm_public_ip" "ghafhydra_public_ip" {
   name                = "ghafhydra-public-ip"
@@ -80,6 +106,7 @@ resource "azurerm_network_interface" "ghafhydra_ni" {
   name                = "ghafhydra-nic"
   location            = azurerm_resource_group.ghaf_infra_tf_dev.location
   resource_group_name = azurerm_resource_group.ghaf_infra_tf_dev.name
+
   ip_configuration {
     name                          = "ghafhydra_nic_configuration"
     subnet_id                     = azurerm_subnet.ghaf_infra_tf_subnet.id
@@ -88,6 +115,26 @@ resource "azurerm_network_interface" "ghafhydra_ni" {
     public_ip_address_id          = azurerm_public_ip.ghafhydra_public_ip.id
   }
 }
+
+# specfic NSG
+resource "azurerm_network_interface_security_group_association" "association_ghafhydra_nsg" {
+  network_interface_id      = azurerm_network_interface.ghafhydra_ni.id
+  network_security_group_id = azurerm_network_security_group.ghafhydra_nsg.id
+
+}
+
+# common NSG 
+resource "azurerm_network_interface_security_group_association" "association_common_nsg" {
+  network_interface_id      = azurerm_network_interface.ghafhydra_ni.id
+  network_security_group_id = azurerm_network_security_group.common_nsg.id
+}
+
+
+
+
+
+
+
 # Ghafhydra VM
 resource "azurerm_linux_virtual_machine" "ghafhydra_vm" {
   name                = "ghafhydra"
@@ -149,6 +196,14 @@ resource "azurerm_network_interface" "azarm_ni" {
     public_ip_address_id          = azurerm_public_ip.azarm_public_ip.id
   }
 }
+
+
+# common NSG 
+resource "azurerm_network_interface_security_group_association" "association_common_nsg_azarm" {
+  network_interface_id      = azurerm_network_interface.azarm_ni.id
+  network_security_group_id = azurerm_network_security_group.common_nsg.id
+}
+
 # Azure arm builder (azarm)
 resource "azurerm_linux_virtual_machine" "azarm_vm" {
   name                = "azarm"
@@ -189,4 +244,4 @@ resource "azurerm_virtual_machine_extension" "deploy_ubuntu_builder" {
     }
     EOF
 }
-################################################################################
+################################################################################