
Well, the following tweet from Thomas Maurer has just made my Friday evening.

Having started to look at the Azure Cloud Adoption Framework (CAF), one of the areas that has frustrated me is that Bastion could not work over VNet Peering. This has been on the roadmap for a while and is truly a game changer from an Azure management perspective: users no longer have to deploy a separate Bastion instance in each peered VNet, which saves cost and reduces complexity.

[Figure: Hub-Spoke architecture with Azure Bastion deployed in the centralised Hub virtual network]

As the architecture diagram above shows, this is a Hub-Spoke model: Azure Bastion is deployed in the centralised Hub virtual network alongside a centralised Network Security Gateway, and the virtual machines in the spokes no longer need a Public IP attached.
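As an added example, not code from the original post or from the Microsoft Docs, here is the hub-spoke layout described above expressed as a Bicep template: a single Bastion host in the hub, bidirectional peering to a spoke, and a workload NIC in the spoke that carries no public IP. Resource names, address ranges and API versions are assumed values.

```bicep
// Added example (not the post's own code); names, ranges and API versions are assumed.
param location string = resourceGroup().location
resource hubVnet 'Microsoft.Network/virtualNetworks@2022-07-01' = {
  name: 'vnet-hub'
  location: location
  properties: {
    addressSpace: { addressPrefixes: [ '10.0.0.0/16' ] }
    // Bastion requires this exact subnet name and at least a /26.
    subnets: [ { name: 'AzureBastionSubnet', properties: { addressPrefix: '10.0.255.0/26' } } ]
  }
}
resource spokeVnet 'Microsoft.Network/virtualNetworks@2022-07-01' = {
  name: 'vnet-spoke'
  location: location
  properties: {
    addressSpace: { addressPrefixes: [ '10.1.0.0/16' ] }
    subnets: [ { name: 'snet-workload', properties: { addressPrefix: '10.1.1.0/24' } } ]
  }
}
// Peering must exist in both directions, otherwise Bastion cannot reach the spoke.
resource hubToSpoke 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2022-07-01' = {
  parent: hubVnet
  name: 'hub-to-spoke'
  properties: { remoteVirtualNetwork: { id: spokeVnet.id }, allowVirtualNetworkAccess: true }
}
resource spokeToHub 'Microsoft.Network/virtualNetworks/virtualNetworkPeerings@2022-07-01' = {
  parent: spokeVnet
  name: 'spoke-to-hub'
  properties: { remoteVirtualNetwork: { id: hubVnet.id }, allowVirtualNetworkAccess: true }
}
// The only public IP in this layout belongs to Bastion itself.
resource bastionPip 'Microsoft.Network/publicIPAddresses@2022-07-01' = {
  name: 'pip-bastion'
  location: location
  sku: { name: 'Standard' }
  properties: { publicIPAllocationMethod: 'Static' }
}
resource bastion 'Microsoft.Network/bastionHosts@2022-07-01' = {
  name: 'bas-hub'
  location: location
  properties: {
    ipConfigurations: [ { name: 'ipconf', properties: { subnet: { id: resourceId('Microsoft.Network/virtualNetworks/subnets', hubVnet.name, 'AzureBastionSubnet') }, publicIPAddress: { id: bastionPip.id } } } ]
  }
}
// Workload NIC in the spoke: private IP only, so RDP/SSH can only arrive via Bastion.
resource workloadNic 'Microsoft.Network/networkInterfaces@2022-07-01' = {
  name: 'nic-workload'
  location: location
  properties: { ipConfigurations: [ { name: 'ipconf', properties: { subnet: { id: resourceId('Microsoft.Network/virtualNetworks/subnets', spokeVnet.name, 'snet-workload') }, privateIPAllocationMethod: 'Dynamic' } } ] }
}
```

A user connecting through Bastion still needs Reader on the target VM, its NIC and the Bastion resource, and because the VM sits in a peered VNet, Reader on that spoke VNet as well.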

More details on this can be found in the Microsoft Docs - https://docs.microsoft.com/en-us/azure/bastion/vnet-peering

Thanks to Thomas Maurer
