hands-on labConnecting to Azure VM using Bastion Host
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.
Lab steps
Logging in to the Microsoft Azure Portal
Creating an Azure Bastion Host using Azure Portal
Lab description

Azure Bastion is a PaaS offering that lets you connect to Azure Virtual Machines (VM) securely over the internet using Microsoft's backbone network. The bastion host is deployed inside a virtual network and also supports peering to allow usage across the infrastructure. While providing access to the VM resources, it also eliminates the need to assign public IP to the VMs individually.

While organizations are working hard to keep their infrastructure secure and proactively block suspicious traffic to the public endpoints, Bastion host reduces the overhead of managing the security aspect of the RDP/SSH access as it is designed to withstand port scanning and zero-day exploits. Since the bastion acts as a jump-server, only authorized traffic is allowed to pass through without opening any ports to the internet.

In this hands-on lab, you'll understand the basics of the Bastion offering and configure the Bastion host using Azure Portal to RDP into a Windows VM in Azure.

Learning Objectives

Upon completion of this beginner level lab, you will be able to:

  • Understand Azure Bastion's offering
  • Create Bastion resource using Azure Portal
  • Connect to Windows VM using Bastion

Intended Audience

  • Candidates for Azure Administrator Exam
  • Cloud Architects
  • Security Engineers
  • DevOps Engineers
  • Software Engineers


Familiarity with the following will be beneficial but is not required:

  • Azure Virtual Machine

The following content can be used to fulfill the prerequisite:


  • Aug 3, 2023 - Added instructions to address Bastion region/VNet fields not loading



Environment before
environment before preview
Environment after
environment after preview
About the author
Parveen Singh
Cloud Lab Developer
Learning Paths

Parveen is an Azure advocate with previous experience in the professional consulting services industries. He specializes in infrastructure and DevOps with a wide range of knowledge in security and access management. He is also an Azure Certified - DevOps Engineer Expert, Security Engineer, Developer Associate, Administrator Associate, CompTIA Certified - Network+, Security+, and AWS Cloud Practitioner.
Parveen enjoys writing about cloud technologies and sharing the knowledge with the community to help students upskill in the cloud.

Covered topics