From 18125fcce69b067a1056819ad99608b12ad6b361 Mon Sep 17 00:00:00 2001 From: Stan Spotts <128173414+stan-spotts@users.noreply.github.com> Date: Wed, 1 May 2024 12:45:12 -0400 Subject: [PATCH] Add rules to allow access to login.microsoftonline.com Without these rules the action/login will fail, so your workflows will not be able to do much. If you're working with containers, this also affects docker/login-action. --- ...et-configure-azure-resources-procedures.md | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/data/reusables/actions/azure-vnet-configure-azure-resources-procedures.md b/data/reusables/actions/azure-vnet-configure-azure-resources-procedures.md index 00d35bb7b464..3c311d7e3763 100644 --- a/data/reusables/actions/azure-vnet-configure-azure-resources-procedures.md +++ b/data/reusables/actions/azure-vnet-configure-azure-resources-procedures.md @@ -26,6 +26,45 @@ You will use a script to automate configuring your Azure resources. location: location properties: { securityRules: [ + { + name: 'AllowAzureCloudOutbound' + properties: { + protocol: 'TCP' + sourcePortRange: '*' + destinationPortRange: '443' + destinationAddressPrefix: 'AzureCloud' + access: 'Allow' + priority: 100 + direction: 'Outbound' + destinationAddressPrefixes: [] + } + } + { + name: 'AllowAzureADOutbound' + properties: { + protocol: 'TCP' + sourcePortRange: '*' + destinationPortRange: '443' + destinationAddressPrefix: 'AzureActiveDirectory' + access: 'Allow' + priority: 110 + direction: 'Outbound' + destinationAddressPrefixes: [] + } + } + { + name: 'AllowAzureFrontDoorOutbound' + properties: { + protocol: 'TCP' + sourcePortRange: '*' + destinationPortRange: '443' + destinationAddressPrefix: 'AzureFrontDoor.Frontend' + access: 'Allow' + priority: 120 + direction: 'Outbound' + destinationAddressPrefixes: [] + } + } { name: 'AllowVnetOutBoundOverwrite' properties: {