t

percebus · Nov 17, 2024 · 945ba0f · 945ba0f
1 parent e88e32e
commit 945ba0f
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 7 deletions.
diff --git a/docs/tutorial/02/hub/vm.md b/docs/tutorial/02/hub/vm.md
@@ -13,10 +13,13 @@ This enables more than 1 person connecting at the same time; assuming your VM su
 ## Resources
 
 - [R]esource [G]roup: `{my-prefix}-spoke-{region}-{id}-rg` (already exists)
+  - [V]irtual [N]etwork: `{my-prefix}-hub-{region}-{id}-vnet` (already exists)
+    - [S]ubnet: `default` (already exists)
+      - [N]etwork [S]ecurity [G]roup: `{my-prefix}-hub-{region}-{id}-nsg` (already exists)
   - [V]irtual [M]achine: `{my-prefix}-spoke-{region}-{id}-vm-jump`
     - [H]ard [D]isk [D]rive: `{my-prefix}-spoke-{region}-{id}-vm-jump-hdd`
     - [N]etwork [I]nterfa[c]e: `{my-prefix}-spoke-{region}-{id}-vm-jump-nic`
-    - [N]etwork [S]ecurity [G]roup: `{my-prefix}-spoke-{region}-{id}-vm-jump-nsg` (Optional, can use the Hub's NSG)
+    - [A]pplication [S]ecurity [G]roup: `{my-prefix}-spoke-{region}-{id}-vm-jump-asg`
 
 Where:
 
@@ -80,6 +83,24 @@ Take a good look at the TERMS
 
 ![Review + Create](../../../../assets/img/azure/solution/vnets/hub/vm/create/review.png)
 
+### Application Security Group
+
+We could have assigned a **static IP** that we know, and then use that in the `nsg` to control traffic. But managing that can very quickly become a nightmare.
+
+So creating an `asg` is a good idea, so we can keep a human readable name for the `nsg` rules.
+
+#### Market Place
+
+Search for "Application Security Group" in the Azure Portal's Market Place.
+
+![ASG](../../../../assets/img/azure/market/asg/logo.png)
+
+#### Create
+
+- **Name**: `{my-prefix}-hub-{region}-{id}-vm-jump-asg`
+
+Then link the NIC to the ASG.
+
 ## Status Check
 
 Note that some names will be auto-generated with randomized characters.

diff --git a/docs/tutorial/04/spoke/webapp.md b/docs/tutorial/04/spoke/webapp.md
@@ -83,7 +83,7 @@ Since we want the webapp (i.e. a `python` app written in `django`) to be able to
       - Service: `{my-prefix}-spoke-{region}-{id}-webapp-{os}`
       - [P]rivate [E]nd[p]oint: `{my-prefix}-spoke-{region}-{id}-webapp-pep`
         - [N]etwork [I]nterfa[c]e: `{my-prefix}-spoke-{region}-{id}-webapp-pep-nic`
-        - [A]pplication [S]ecurity [G]roups: `{my-prefix}-spoke-{region}-{id}-webapp-asg`
+        - [A]pplication [S]ecurity [G]roups: `{my-prefix}-spoke-{region}-{id}-webapp-pep-asg`
       - Virtual Network Integration: To `{my-prefix}-spoke-{region}-{id}-vnet-snet-webapp`
 
 Where:
@@ -229,11 +229,7 @@ The **Virtual Network Integrations** helps us with outgoing traffic. But we want
 - [x] Dynamically allocate IP address: Selected
 - [ ] Static IP address
 
-###### [A]pplication [S]ecurity [G]roups
-
-We could assign a static IP that we know, and then use that in the `nsg` to control traffic. But managing that can very quickly become a nightmare.
-
-So creating an `asg` is a good idea, so we can keep a human readable name for the `nsg` rules.
+###### Application Security Groups
 
 ##### DNS