In our azure lab I was always using public ip to connect and then disabling it, there should be a better secure way of doing the Remote connection like WVD does without exposing RDP protocol to internet from public IP address.
Answer to this is Azure Bastion, although this comes at a cost and when I tested it was charging even if it is not in use (checked and found it is designed like that only)
Overall, I like the service except this aspect of charging while not in use defies the principles of cloud. I hope this will be fixed in future.
Let’s start to set it up in lab and will dismantle it after that
Go to any VM in Azure hit connect, select Bastion
Click Use Bastion, it will ask you to create a Bastion Subnet
Last Step it will ask you to have a dedicated IP for it, that’s it.
I just created using default configuration (it will take some time before it gets ready to be used.
Now I can use the AZURE Bastion service without using traditional RDP. (It works from browser and its fast and secure)
If you do not like the service and want to get rid of it, we can do that using the below shell command
First connect to Azure and get Azure Bastion information à
Now you can remove it using Get-AzBastion | Remove-AzBastion or go granular using below link. (This is my lab so I just want to remove everything related to the Bastion so I am not charged)
Reference: Remove Azure Bastion
Thanks for reading….