![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 4%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,987 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 63%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Hi @NT
We typically suggest that you setup a Network Security Group inside the shared Subnet of the Virtual Machines and set all of their base rules there. If you need additional and specialized rules for individual Virtual Machines, then you can append another Network Security Group onto the VM itself with that specialized rule. This NSG organization does not require specific setup or organization from the Resource Group, only the Subnet.
Unknowingly adding an NSG to the VM and the Subnet can cause conflict, as both of these Security Groups will collapse their rules to apply all to the Virtual Machine.
This doc on NSG setup has a nice diagram and some additional information that may help: https://learn.microsoft.com/en-us/azure/virtual-network/network-security-group-how-it-works
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 21%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERE%3C/text%3E%3C/svg%3E)
