Overview
Azure Bastion provides a secure, fully managed service that enables you to connect to your VMs without exposing them to the public internet. It provides a secure RDP and SSH connection, eliminating the need for traditional VPNs.
Bastion simplifies the management of your VMs by providing a single, secure entry point. It's ideal for connecting to VMs in regions where you don't want to open public inbound ports.
Key Concepts
- Secure Connectivity: Bastion uses a private network connection to your VMs.
- No Public IP Addresses: Bastion doesn't require public IP addresses, reducing your attack surface.
- Managed Service: Microsoft manages the underlying infrastructure, providing high availability and scalability.
- Session-Based: Connections are session-based, meaning once you disconnect, the connection is terminated.
Regions & Availability
| Region | Availability Zones |
|---|---|
| East US | East, West |
| West US | West, Central |
| Southeast Asia | East, West |
| North Europe | North, South |
| Japan East | East, West |
Note: Availability zones can vary by region. Refer to the Azure Bastion Regions documentation for the most up-to-date information.
Availability
Azure Bastion is designed for high availability. It benefits from the underlying infrastructure redundancy of Azure. For details on service level agreements (SLAs), refer to the Azure Bastion SLA.