Network security group follow a zero trust principles

[marrobi]

Description

As a Azure Administrator I want network security group rules deployed that prohibit all traffic in and out of each subnet within the TRE, other than that which is necessary for the TRE to function

So that we can say the TRE network design follows zero trust principals

Acceptance criteria

• NSGs & rules defined for each subnet in the TRE and workspaces
  • Exception: Firewall subnet
• NSGs only allow traffic needed for the TRE to function
• NSGs documented with explanations