Azure Bastion native RDP / SSH tooling

If you have deployed the Azure Bastion Standard Tier and you have an Azure AD account, then you can use the RDP /SSH native tool on your local pc to logon to the destination vm.

You need to begin by downloading and installing the Azure CLI msi installer file onto your local pc. (I found this step to be essential!) https://aka.ms/installazurecliwindows

Once the Azure CLI MSI is installed, the you can now open the Powershell7 (x64) (Admin) console and enter the following powershell commands:

#tentant ID which will prompt you to verify to login via browser https://microsoft.com/devicelogin with MFA code
az login --tenant <tenantID>

#tenant subscription
az account set --subscription <"subname">

#sets the extension without a prompt
az config set extension.use_dynamic_install=yes_without_prompt

#get Bastion details
$BastionName = 'allens-az-bastion'
$BastionRG = 'rg-allen'

#get destination vm resourceID from vm > properties > resourceID
$VMResourceID= '/subscriptions/8cfc2697-4b29-4cb5-b322-24da76939e43/resourceGroups/rg-allen/providers/Microsoft.Compute/virtualMachines/vm08'

#provision the RDP session:
az network bastion rdp --name $BastionName --resource-group $BastionRG --target-resource-id $VMResourceID

You will then be prompted with an RDP / mstc logon screen

I hope this helps simplify somebody’s configuration experience. 🙂

1 comment

Leave a comment

Your email address will not be published. Required fields are marked *