Hello @Nina G ,
NSGs/ASGs cannot help here, the best course of action is to leverage Azure Firewall. Reference: tutorial-firewall-deploy-portal-policy
Follow the instructions from the above document link and this is the section, where you define the rules.
Configure an application rule:
This is the application rule that allows outbound access to www.google.com.
- Open the Test-FW-RG, and select the fw-test-pol firewall policy.
- Select Application rules.
- Select Add a rule collection.
- For Name, type App-Coll01.
- For Priority, type 200.
- For Rule collection action, select Allow.
- Under Rules, for Name, type Allow-Google.
- For Source type, select IP address.
- For Source, type 10.0.2.0/24.
- For Protocol:port, type http, https.
- For Destination Type, select FQDN.
- For Destination, type www.google.com
- Select Add.
Please "Accept as Answer" and Upvote if any of the above helped so that, it can help others in the community looking for remediation for similar issues.