Query: All network ports should be restricted on network security groups associated to your virtual machine

Description

Azure Security Center has identified some of your network security groups' inbound rules to be too permissive. Inbound rules should not allow access from 'Any' or 'Internet' ranges. This can potentially enable attackers to target your resources.

Query

Tables used in this query:

• azure_compute_virtual_machine
• azure_network_security_group
• azure_subscription

Controls using this query:

• All network ports should be restricted on network security groups associated to your virtual machine

SQL