How do I create and configure the Azure Bastion Service in the Azure Portal or PowerShell?

Using Azure Portal

  1. Navigate to the Azure Portal and sign in to your account.
  2. Create a virtual network: If you don’t have a virtual network already, create one in Azure. Navigate to “Virtual networks” in the left-hand menu, and click on “Add”. Provide the necessary details and create the virtual network.
  3. Create a subnet: Once the virtual network is created, create a subnet where you want to deploy the Azure Bastion Service. Navigate to the virtual network and click on “Subnets” in the left-hand menu. Click on “+ Subnet” and provide the necessary details.
  4. Create a public IP address: You also need to create a public IP address to access the Azure Bastion Service. Navigate to “Public IP addresses” in the left-hand menu, and click on “Add”. Provide the necessary details and create the public IP address.
  5. Create Azure Bastion: Once the virtual network, subnet, and public IP address are created, navigate to the virtual machine you want to connect to using Azure Bastion. Click on “Connect” and select “Bastion” as the connection method. Provide the necessary details and create the Azure Bastion Service.
  6. Connect to the VM using Azure Bastion: Once Azure Bastion is created, click on “Connect” again and select “Bastion” as the connection method. This will open the Azure Bastion connection page in a new browser tab. Authenticate and connect to the VM using Azure Bastion.

Using PowerShell

Here are the PowerShell commands to create and configure Azure Bastion:

  1. Create a virtual network:

# Azure Bastion only deploys into a subnet named "AzureBastionSubnet" (/26 or larger).
$rgName = "MyResourceGroup"
$vnetName = "MyVnet"
$subnetName = "AzureBastionSubnet"
$location = "West US"

$vnet = New-AzVirtualNetwork -ResourceGroupName $rgName -Name $vnetName `
        -Location $location -AddressPrefix "10.0.0.0/16"

# Add-AzVirtualNetworkSubnetConfig updates $vnet in memory and returns the virtual network object.
Add-AzVirtualNetworkSubnetConfig -Name $subnetName `
          -AddressPrefix "10.0.0.0/24" -VirtualNetwork $vnet | Out-Null

# Persist the subnet and keep the refreshed virtual network object.
$vnet = $vnet | Set-AzVirtualNetwork

  2. Create a public IP address:

# Azure Bastion requires a Standard SKU public IP with static allocation.
$publicipName = "MyPublicIP"
$publicip = New-AzPublicIpAddress -Name $publicipName -ResourceGroupName $rgName `
            -Location $location -AllocationMethod Static -Sku Standard

  3. Create Azure Bastion:

$bastionName = "MyBastion"
# Target VM to reach through Bastion. The Bastion host serves the whole virtual
# network, so the VM is not passed to New-AzBastion.
$vm = Get-AzVM -ResourceGroupName $rgName -Name "MyVM"
$bastion = New-AzBastion -ResourceGroupName $rgName -Name $bastionName `
           -PublicIpAddress $publicip -VirtualNetwork $vnet

Once Azure Bastion is created, you can connect to the VM using the Azure Portal or PowerShell as described above.
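A pre-flight check for the PowerShell steps above, as an added example that is not the author's code: it tests a virtual network object and a public IP object against Azure Bastion's deployment prerequisites (a subnet named AzureBastionSubnet with a /26 or larger prefix, and a Standard SKU public IP with static allocation). The function name Test-BastionPrerequisite is hypothetical and the sample objects are constructed; their property names mirror the Az.Network objects returned by Get-AzVirtualNetwork and Get-AzPublicIpAddress, so the real objects can be passed in as well.

```powershell
# Added example, not from the original post. Test-BastionPrerequisite is a hypothetical helper.
function Test-BastionPrerequisite {
    param(
        [Parameter(Mandatory)] $VirtualNetwork,   # reads .Subnets[].Name and .AddressPrefix
        [Parameter(Mandatory)] $PublicIp          # reads .Sku.Name and .PublicIpAllocationMethod
    )
    $problems = @()

    # Bastion deploys only into a subnet with this reserved name.
    $subnet = $VirtualNetwork.Subnets | Where-Object { $_.Name -eq 'AzureBastionSubnet' }
    if (-not $subnet) {
        $problems += "No subnet named 'AzureBastionSubnet' in the virtual network."
    } else {
        # The subnet must be /26 or larger, i.e. a prefix length of 26 or less.
        foreach ($prefix in $subnet.AddressPrefix) {
            if ($prefix -match '/(?<len>\d{1,2})$') {
                if ([int]$Matches['len'] -gt 26) {
                    $problems += "AzureBastionSubnet prefix $prefix is smaller than /26."
                }
            } else {
                $problems += "Cannot read a prefix length from '$prefix'."
            }
        }
    }

    # The public IP must be Standard SKU with static allocation.
    if ($PublicIp.Sku.Name -ne 'Standard') {
        $problems += "Public IP SKU is '$($PublicIp.Sku.Name)', expected 'Standard'."
    }
    if ($PublicIp.PublicIpAllocationMethod -ne 'Static') {
        $problems += "Public IP allocation is '$($PublicIp.PublicIpAllocationMethod)', expected 'Static'."
    }
    return $problems   # empty when every prerequisite is met
}

# Constructed sample objects, so the check runs without an Azure connection.
$badVnet = [pscustomobject]@{ Subnets = @([pscustomobject]@{ Name = 'MySubnet'; AddressPrefix = @('10.0.0.0/24') }) }
$badIp   = [pscustomobject]@{ Sku = [pscustomobject]@{ Name = 'Basic' }; PublicIpAllocationMethod = 'Dynamic' }
$okVnet  = [pscustomobject]@{ Subnets = @([pscustomobject]@{ Name = 'AzureBastionSubnet'; AddressPrefix = @('10.0.0.0/26') }) }
$okIp    = [pscustomobject]@{ Sku = [pscustomobject]@{ Name = 'Standard' }; PublicIpAllocationMethod = 'Static' }

Test-BastionPrerequisite -VirtualNetwork $badVnet -PublicIp $badIp
Test-BastionPrerequisite -VirtualNetwork $okVnet  -PublicIp $okIp
```

Running the check before New-AzBastion surfaces a misnamed subnet or a Basic/Dynamic public IP as a readable message instead of a failed deployment.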

Author: tonyhughes