Since we now have Azure Bastion in preview it’s time to take a closer look.
Azure Bastion will allow us to have private RDP and SSH access to our Virtual Machines from a HTML5 Web Browser over SSL.
We can do this without using public IP address on the VM.
Today we often connect to our virtual machines, either by exposing the virtual machines to the public Internet or by deploying a jump-host/server.
For this test we will use the following test setup.
First go to https://aka.ms/BastionHost, select All services and search for Bastion, then we can add Bastions to our favorites.
Select Bastions from our favorites.
Select Create Bastion.
Lets create a new resource group for this test.
Name the resource group.
Name the bastion instance, select Region and then create a new virtual network.
We need to create a subnet for our VM’s and a dedicated subnet with the name AzureBastionSubnet.
I will choose 10.10.100.0/24 for the Azure BastionSubnet and 10.10.10.0/24 for the VM subnet (LabSubnet)
We the select the AzureBastionSubnet as subnet and create a new public IP address, finally we click Review + create.
Select Create.
Deployment will then start, and we will have to wait until deployment is complete.
Deployment is now complete.
In order for this test to work we also need to deploy a virtual machine. Go to Virtual Machines and Create Virtual machine.
We select our Subscription and the Resource group we already created, then we give the VM a name, select region, image type and size.
We will use our newly created Virtual network and VM subnet, and no public IP.
And the create the virtual machine.
Deployment will then start, and again we will have to wait until deployment is complete.
Deployment is now complete, lets Go to resource.
The VM has no public IP as shown, lets Connect.
It will automatically open the Bastion tab, enter Username, Password and connect.
You will need to allow popup from Azure.
and we are connected to the VM.
For browsers that support the advanced Clipboard API access, you will be able to use copy and paste but only text, the browser might prompt you to allow access.
For other browsers, you can use the Bastion clipboard tool.
Now test in your own environment.