Playbook For Speed & Scale
Microsoft Azure has recently launched Azure Bastion; a managed PaaS service to securely connect to Azure Virtual Machines (VMs) directly through the Azure Portal without any client needed.
Generally, we connect to the remote machines by either RDP or SSH. Before Bastion, if we need to connect to a VM in Azure we either need to expose a public RDP/SSH port of the server(s) or we need to provision a separate jump box server with said ports exposed and then connect to the private machines via the jump box server.
Exposing RDP/SSH ports over the Internet is not desirable and considered as a security threat, and with Azure Bastion, we can connect to Azure VM(s) securely over SSL, directly in Azure Portal and without exposing any ports. This also enables clientless connectivity meaning no client tool like mstsc is needed. It just requires a supported browser to access the VM.
The service is not available in all regions, and the Azure folks are working on adding it to all regions eventually. As of now, the file transfer service is not available but we hope this feature will get added in the future, however, text copy-paste is supported. Keep visiting the service documentation for more details and feature updates.
