We have a virtual network and use a P2S VPN to connect to it using a VPN Gateway.
We have basically two types of VM's:
Servers (running SQL, MySQL, and GIT)
Development (for software development and design work)
We have to types of users that connect to the vnet:
Managers can connect to the servers from their home computers
Developers can only connect to the servers from their VM's within the vnet
Anyone (both Managers and Developers) connected to the vnet through VPN can access the servers from home.
The only way I see to prevent server access from home is making a NSG rule that blocks the VPN client IP addresses from accessing the servers. But this would also block the Managers' access to the server.
Is there a way to make sure the Developers only access the servers from their VM's and not from their home computers, without also blocking the Managers' access?
Thanks in advance!