Azure Bastion is a PaaS offering that lets you connect to Azure Virtual Machines (VM) securely over the internet using Microsoft's backbone network. The bastion host is deployed inside a virtual network and also supports peering to allow usage across the infrastructure. While providing access to the VM resources, it also eliminates the need to assign public IP to the VMs individually.

While organizations are working hard to keep their infrastructure secure and proactively block suspicious traffic to the public endpoints, Bastion host reduces the overhead of managing the security aspect of the RDP/SSH access as it is designed to withstand port scanning and zero-day exploits. Since the bastion acts as a jump-server, only authorized traffic is allowed to pass through without opening any ports to the internet.

In this hands-on lab, you'll understand the basics of the Bastion offering and configure the Bastion host using Azure Portal to RDP into a Windows VM in Azure.

Learning Objectives

Upon completion of this beginner level lab, you will be able to:

• Understand Azure Bastion's offering
• Create Bastion resource using Azure Portal
• Connect to Windows VM using Bastion

Intended Audience

• Candidates for Azure Administrator Exam
• Cloud Architects
• Security Engineers
• DevOps Engineers
• Software Engineers

Prerequisites

Familiarity with the following will be beneficial but is not required:

• Azure Virtual Machine

The following content can be used to fulfill the prerequisite:

• Start Your First Azure Virtual Machine

Updates

• Aug 3, 2023 - Added instructions to address Bastion region/VNet fields not loading