Azure 防火墙服务标记Azure Firewall service tags

服务标记表示一组 IP 地址前缀,帮助最大程度地降低安全规则创建过程的复杂性。A service tag represents a group of IP address prefixes to help minimize complexity for security rule creation. 无法创建自己的服务标记,也无法指定要将哪些 IP 地址包含在标记中。You cannot create your own service tag, nor specify which IP addresses are included within a tag. Azure 会管理服务标记包含的地址前缀,并会在地址发生更改时自动更新服务标记。Azure manages the address prefixes encompassed by the service tag, and automatically updates the service tag as addresses change.

Azure 防火墙服务标记可用于网络规则目标字段。Azure Firewall service tags can be used in the network rules destination field. 它们可用于代替特定的 IP 地址。You can use them in place of specific IP addresses.

支持的服务标记Supported service tags

有关可在 Azure 防火墙网络规则中使用的服务标记的列表,请参阅虚拟网络服务标记See Virtual network service tags for a list of service tags that are available for use in Azure firewall network rules.

后续步骤Next steps

若要详细了解 Azure 防火墙规则,请参阅 Azure 防火墙规则处理逻辑To learn more about Azure Firewall rules, see Azure Firewall rule processing logic.