Azure Bastion

 Description: Here I have explained What is Azure Bastion? How it works ?

What is Azure Bastion?

Azure Bastion is a service that Provides secure RDP access to your virtual machine directly through portal.

Azure Bastion is provisioned directly in your virtual network [VNet] and supports all VMs in your Virtual Network and supports all VMs in your Virtual Network [VNet] using SSL without exposure of through public IP address.

Architecture of Azure Bastion

In Architecture you can see User will connect VM only using port 443 [https://portal.azure.com] ssl. We don't need to expose RDP port 3389 over internet to access same. 

How to configure Bastion on VM?

• Open Azure Portal navigate to  create resources and search for "Bastion" 

• Once you click on create it ask for details like Name, Region, Virtual Network, Subnet etc.. Subnet must create with the AzureBastionSubnet  and Subnet must be at least space with /27 

• Once all details filled click on create. Once it created you can access bastion using SSL [Azure Portal url]