Forum Discussion
Simple Remote Desktop Services deployment
Hi, I need to expose a windows server vm which is hoated in Azure, to 3 users for temporary use. I could simply setup RDP with public IP and get the users to connect, but I am afraid this is not secu...
Hello,
there is a dedicated service for that called Azure Bastion.
- User will connect to the portal with there Azure AD credential (MFA enabled as a good practice)
- They will click on the "Bastion" panel of the VM and use the VM credential and this connection will be done over HTTPS.
As another good practice you could also set is to configure NSG on the Bastion subnet and on your VM, for that you could refer to this article: https://docs.microsoft.com/en-us/azure/bastion/bastion-nsg
Just keep in mind that an Azure Bastion could cover the connection to the VM located in only one virtual network. If you have over vnet you will need to create one bastion per vnet.
Regards,
James