How to enforce a limit for the egress traffic created by a virtual machine?

Sabrina 41 Reputation points
2021-11-01T20:40:28.58+00:00

If a non-admin user is creating a VM from a designated resource group, how do I enforce a limit to the amount of egress traffic that VM can create?

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,082 questions
0 comments
Accepted answer
  1. vipullag-MSFT 23,946 Reputation points Microsoft Employee
    2021-11-02T07:13:51.213+00:00

    @Sabrina

    Based on your ask, you would like to block internet access if I exceed a limit.

    Assuming this access is blocked, it will impact VM accessing storage and also the connectivity to the VM itself (as all are public endpoints).

    As of today, there is NO option from Azure to enforce it.

    However, you can try something from your end if you can setup a logic to keep track of outbound data per user basis.

    I will share this as a feature request to the VM Product team. The team can evaluate and can add this request to backlog based on feasibility.

    Hope this helps.
    Please 'Accept as answer' if the provided information is helpful, so that it can help others in the community looking for help on similar topics.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andreas Baumgarten 95,411 Reputation points MVP
    2021-11-03T08:18:21.417+00:00

    Hi @Sabrina ,

    you can't limit the outbound data like @vipullag-MSFT explained.

    But you can monitor the outbound traffic using the Metrics of the VM.

    In the screenshot you can see the Network outbound of a VM over the last 30 days. Just for information: The VM is temporary deallocated.

    146080-image.png

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    0 comments