masonpackard/networkSecurityGroups.json

## networkSecurityGroups.json
{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json# ",
  "contentVersion": "1.0.0.0",
  "parameters": {
  },
  "variables": {
  },
  "resources": [
    {
      "apiVersion": "2016-06-01",
      "type": "Microsoft.Network/networkSecurityGroups",
      "name": "networksecuritygroups",
      "location": "[resourceGroup().location]",
      "properties": {
        "securityRules": [
          {
            "name": "SSH",
            "properties": {
              "description": "SSH",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "22",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 100,
              "direction": "Inbound"
            }
          },
          {
            "name": "ErlangPortMapper",
            "properties": {
              "description": "Erlang Port Mapper ( epmd )",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "4369",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 101,
              "direction": "Inbound"
            }
          },
          {
            "name": "CouchbaseWebConsole",
            "properties": {
              "description": "Used by the Couchbase Web Console for REST/HTTP traffic.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "8091",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 102,
              "direction": "Inbound"
            }
          },
          {
            "name": "ViewsQueriesXDCR",
            "properties": {
              "description": "Used to access views, run queries, XDCR and update design documents.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "8092",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 103,
              "direction": "Inbound"
            }
          },
          {
            "name": "Query",
            "properties": {
              "description": "Used by query services for REST/HTTP traffic.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "8093",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 104,
              "direction": "Inbound"
            }
          },
          {
            "name": "Search",
            "properties": {
              "description": "External HTTP port for the Search service",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "8094",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 105,
              "direction": "Inbound"
            }
          },
          {
            "name": "IndexAdmin",
            "properties": {
              "description": "Enternal index admin port (-adminPort).",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "9100",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 106,
              "direction": "Inbound"
            }
          },
          {
            "name": "IndexScan",
            "properties": {
              "description": "Internal index scan port (-scanPort).",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "9101",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 107,
              "direction": "Inbound"
            }
          },
          {
            "name": "IndexHTTP",
            "properties": {
              "description": "Internal index HTTP port (-httpPort).",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "9102",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 108,
              "direction": "Inbound"
            }
          },
          {
            "name": "IndexBuildInit",
            "properties": {
              "description": "Internal index build port (-streamInitPort).",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "9103",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 109,
              "direction": "Inbound"
            }
          },
          {
            "name": "IndexBuildCatchup",
            "properties": {
              "description": "Internal index build port (-streamCatchupPort ).",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "9104",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 110,
              "direction": "Inbound"
            }
          },
          {
            "name": "IndexMaintenance",
            "properties": {
              "description": "Internal index maintenance port (-streamMaintPort).",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "9105",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 111,
              "direction": "Inbound"
            }
          },
          {
            "name": "InternalREST",
            "properties": {
              "description": "Internal REST port.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "9998",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 112,
              "direction": "Inbound"
            }
          },
          {
            "name": "InternalGSI",
            "properties": {
              "description": "Internal GSI port used by the internal administrators.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "9999",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 113,
              "direction": "Inbound"
            }
          },
          {
            "name": "InternalBucket",
            "properties": {
              "description": "Internal Bucket Port.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "11209",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 114,
              "direction": "Inbound"
            }
          },
          {
            "name": "SmartClient",
            "properties": {
              "description": "Used by smart client libraries or Moxi to directly connect to the data nodes.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "11210",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 115,
              "direction": "Inbound"
            }
          },
          {
            "name": "Memcached",
            "properties": {
              "description": "Used by pre-existing Couchbase Server and memcached (non-smart) client libraries (such as Moxi).",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "11211",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 116,
              "direction": "Inbound"
            }
          },
          {
            "name": "SSLXDCR",
            "properties": {
              "description": "Used for SSL XDCR data encryption.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "11214-11215",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 117,
              "direction": "Inbound"
            }
          },
          {
            "name": "CouchbaseWebConsoleSSL",
            "properties": {
              "description": "Used by the Couchbase Web Console for REST/HTTP traffic with SSL.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "18091",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 118,
              "direction": "Inbound"
            }
          },
          {
            "name": "ViewsQueriesXDCRSSL",
            "properties": {
              "description": "Used to access views, run queries, XDCR and update design documents with SSL.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "18092",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 119,
              "direction": "Inbound"
            }
          },
          {
            "name": "N1QL",
            "properties": {
              "description": "N1QL SSL port",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "18093",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 120,
              "direction": "Inbound"
            }
          },
          {
            "name": "NodeDataExchange",
            "properties": {
              "description": "Node data exchange.",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "21100-21299",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 121,
              "direction": "Inbound"
            }
          },
          {
            "name": "SyncGateway",
            "properties": {
              "description": "Sync Gateway",
              "protocol": "Tcp",
              "sourcePortRange": "*",
              "destinationPortRange": "4984",
              "sourceAddressPrefix": "VirtualNetwork",
              "destinationAddressPrefix": "*",
              "access": "Allow",
              "priority": 122,
              "direction": "Inbound"
            }
          }
        ]
      }
    }
  ]
}
	{
	"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json# ",
	"contentVersion": "1.0.0.0",
	"parameters": {
	},
	"variables": {
	},
	"resources": [
	{
	"apiVersion": "2016-06-01",
	"type": "Microsoft.Network/networkSecurityGroups",
	"name": "networksecuritygroups",
	"location": "[resourceGroup().location]",
	"properties": {
	"securityRules": [
	{
	"name": "SSH",
	"properties": {
	"description": "SSH",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "22",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 100,
	"direction": "Inbound"
	}
	},
	{
	"name": "ErlangPortMapper",
	"properties": {
	"description": "Erlang Port Mapper ( epmd )",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "4369",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 101,
	"direction": "Inbound"
	}
	},
	{
	"name": "CouchbaseWebConsole",
	"properties": {
	"description": "Used by the Couchbase Web Console for REST/HTTP traffic.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "8091",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 102,
	"direction": "Inbound"
	}
	},
	{
	"name": "ViewsQueriesXDCR",
	"properties": {
	"description": "Used to access views, run queries, XDCR and update design documents.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "8092",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 103,
	"direction": "Inbound"
	}
	},
	{
	"name": "Query",
	"properties": {
	"description": "Used by query services for REST/HTTP traffic.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "8093",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 104,
	"direction": "Inbound"
	}
	},
	{
	"name": "Search",
	"properties": {
	"description": "External HTTP port for the Search service",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "8094",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 105,
	"direction": "Inbound"
	}
	},
	{
	"name": "IndexAdmin",
	"properties": {
	"description": "Enternal index admin port (-adminPort).",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "9100",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 106,
	"direction": "Inbound"
	}
	},
	{
	"name": "IndexScan",
	"properties": {
	"description": "Internal index scan port (-scanPort).",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "9101",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 107,
	"direction": "Inbound"
	}
	},
	{
	"name": "IndexHTTP",
	"properties": {
	"description": "Internal index HTTP port (-httpPort).",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "9102",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 108,
	"direction": "Inbound"
	}
	},
	{
	"name": "IndexBuildInit",
	"properties": {
	"description": "Internal index build port (-streamInitPort).",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "9103",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 109,
	"direction": "Inbound"
	}
	},
	{
	"name": "IndexBuildCatchup",
	"properties": {
	"description": "Internal index build port (-streamCatchupPort ).",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "9104",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 110,
	"direction": "Inbound"
	}
	},
	{
	"name": "IndexMaintenance",
	"properties": {
	"description": "Internal index maintenance port (-streamMaintPort).",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "9105",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 111,
	"direction": "Inbound"
	}
	},
	{
	"name": "InternalREST",
	"properties": {
	"description": "Internal REST port.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "9998",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 112,
	"direction": "Inbound"
	}
	},
	{
	"name": "InternalGSI",
	"properties": {
	"description": "Internal GSI port used by the internal administrators.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "9999",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 113,
	"direction": "Inbound"
	}
	},
	{
	"name": "InternalBucket",
	"properties": {
	"description": "Internal Bucket Port.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "11209",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 114,
	"direction": "Inbound"
	}
	},
	{
	"name": "SmartClient",
	"properties": {
	"description": "Used by smart client libraries or Moxi to directly connect to the data nodes.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "11210",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 115,
	"direction": "Inbound"
	}
	},
	{
	"name": "Memcached",
	"properties": {
	"description": "Used by pre-existing Couchbase Server and memcached (non-smart) client libraries (such as Moxi).",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "11211",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 116,
	"direction": "Inbound"
	}
	},
	{
	"name": "SSLXDCR",
	"properties": {
	"description": "Used for SSL XDCR data encryption.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "11214-11215",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 117,
	"direction": "Inbound"
	}
	},
	{
	"name": "CouchbaseWebConsoleSSL",
	"properties": {
	"description": "Used by the Couchbase Web Console for REST/HTTP traffic with SSL.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "18091",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 118,
	"direction": "Inbound"
	}
	},
	{
	"name": "ViewsQueriesXDCRSSL",
	"properties": {
	"description": "Used to access views, run queries, XDCR and update design documents with SSL.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "18092",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 119,
	"direction": "Inbound"
	}
	},
	{
	"name": "N1QL",
	"properties": {
	"description": "N1QL SSL port",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "18093",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 120,
	"direction": "Inbound"
	}
	},
	{
	"name": "NodeDataExchange",
	"properties": {
	"description": "Node data exchange.",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "21100-21299",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 121,
	"direction": "Inbound"
	}
	},
	{
	"name": "SyncGateway",
	"properties": {
	"description": "Sync Gateway",
	"protocol": "Tcp",
	"sourcePortRange": "*",
	"destinationPortRange": "4984",
	"sourceAddressPrefix": "VirtualNetwork",
	"destinationAddressPrefix": "*",
	"access": "Allow",
	"priority": 122,
	"direction": "Inbound"
	}
	}
	]
	}
	}
	]
	}