In the context of Azure Network Security Groups, which types of resources are valid sources for configuring inbound security rules?