Microsoft has recently announced the public preview of the Azure Bastion service. Azure Bastion allows secure RDP and SSH access to a VM configured with a private IP address. In this blog post, we will discuss the configuration and features of Azure Bastion.
Considerations for Azure Bastion
Since Azure Bastion is in preview, there are a few limitations and considerations we need to be aware of:
- Azure Bastion is only available through the preview portal.
- It requires a dedicated subnet named “AzureBastionSubnet” with CIDR /27.
- Currently, Azure Bastion can only connect to VMs deployed in the VNET where Azure Bastion is configured. In preview, Azure Bastion can’t access resources deployed in peered VNETs.
- Azure Bastion is a PaaS service. You can’t connect to and manage the bastion host like a typical Windows/Linux jumpbox, which means you can’t install any client or connectivity software on it.
- Access to any VM through Azure Bastion requires access to the Azure portal.
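A preflight check for the subnet and VNET constraints listed above, as an added example that is not part of the original post or of Microsoft's tooling. The inventory dictionaries, function names and sample values are assumptions made for the illustration, and the check treats the /27 above as the required prefix length.

```python
import ipaddress

BASTION_SUBNET = "AzureBastionSubnet"  # subnet name required by the service (from the post)
REQUIRED_PREFIX = 27                   # CIDR size stated in the post

def check_bastion_subnet(vnet):
    """Return a list of problems with the VNET's bastion subnet (empty list = OK)."""
    spaces = [ipaddress.ip_network(p) for p in vnet["address_space"]]
    subnets = {n: ipaddress.ip_network(c) for n, c in vnet["subnets"].items()}
    if BASTION_SUBNET not in subnets:
        return [f"no subnet named {BASTION_SUBNET}"]
    net = subnets[BASTION_SUBNET]
    problems = []
    if net.prefixlen != REQUIRED_PREFIX:
        problems.append(f"{BASTION_SUBNET} is /{net.prefixlen}, expected /{REQUIRED_PREFIX}")
    # The subnet must sit inside one of the VNET's address ranges.
    if not any(s.version == net.version and net.subnet_of(s) for s in spaces):
        problems.append(f"{net} is outside the VNET address space")
    # "Dedicated" means it must not share addresses with any other subnet.
    for name, other in subnets.items():
        if name != BASTION_SUBNET and net.overlaps(other):
            problems.append(f"{net} overlaps subnet {name} ({other})")
    return problems

def reachable_vms(vms, bastion_vnet):
    """Split VM names into (same VNET as the bastion, other VNETs such as peered ones)."""
    ok = [v["name"] for v in vms if v["vnet"] == bastion_vnet]
    blocked = [v["name"] for v in vms if v["vnet"] != bastion_vnet]
    return ok, blocked

# Constructed sample inventory (hypothetical names, not from a real subscription).
SAMPLE_VNET = {
    "name": "vnet-prod",
    "address_space": ["10.0.0.0/16"],
    "subnets": {"workload": "10.0.1.0/24", "AzureBastionSubnet": "10.0.1.192/26"},
}
SAMPLE_VMS = [
    {"name": "web01", "vnet": "vnet-prod"},
    {"name": "db01", "vnet": "vnet-peered"},
]

if __name__ == "__main__":
    for problem in check_bastion_subnet(SAMPLE_VNET):
        print("FAIL:", problem)
    ok, blocked = reachable_vms(SAMPLE_VMS, SAMPLE_VNET["name"])
    print("reachable via Bastion:", ok, "| not reachable in preview:", blocked)
```

The sample VNET fails on purpose: the bastion subnet is a /26 carved out of the workload subnet, so both the size check and the overlap check report it.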
How to get started with Azure Bastion
Currently, Azure Bastion can only be enabled from the following URL – https://aka.ms/BastionHost
All Services > Bastions > Add
When you click on a VM in the same VNET where Azure Bastion is configured and then click Connect, you will see Bastion as an option.
Supply the user name and password of the VM to connect to it.
The VM will be connected in the browser over HTTPS and can be fully managed from there.