Azure Keyvault and bastion integration


Hello,

I connect to my jump server via Bastion and use KV to retrieve the local administrator password of the jump server, then from my jump server launch RDP sessions onto my servers. However, after setting up a private endpoint, Bastion is not able to retrieve the jump server password.

I confirmed my servers can access KV over the private link and it resolves to the internal KV private link address.

Does Azure Bastion support private link? Or is it perhaps a managed identity issue, and creating one for Bastion to allow access to KV would resolve the issue? If so, not sure how to create it.

Error message from Bastion: "unable to list key". Perhaps identity permissions to KV are the issue?


Any ideas?

thanks

5 Replies

Hello, there is no private link resource for Azure Bastion.
You can check the full list here: https://docs.microsoft.com/en-us/azure/private-link/private-endpoint-overview.


However, as Igor suggests, you can try to link (virtual network link) the Key Vault private DNS zone to your Bastion virtual network.

@DarrenRD Have you linked the Bastion VNet with the KV private DNS zone? This was the issue in my case and linking it resolved the problem.
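The fix described in the two replies above (link the Key Vault private DNS zone to the VNet that hosts Bastion) as an added example, not code from this thread or from Microsoft. It uses the Az PowerShell module against an authenticated session; the resource group, VNet, link and vault names are assumptions, while `privatelink.vaultcore.azure.net` is the zone Key Vault private endpoints register into. Steps 1 to 3 run from any admin workstation; step 4 must run on a VM inside the Bastion VNet, since Bastion itself exposes no shell.

```powershell
# Added example (not from the thread): link the Key Vault private DNS zone to the
# Bastion VNet, then verify the vault's A record and name resolution.
# Requires: Az module, Connect-AzAccount already done. All names below are assumptions.

$dnsZoneRg     = 'rg-network'                        # assumed: RG holding the private DNS zone
$zoneName      = 'privatelink.vaultcore.azure.net'   # zone used by Key Vault private endpoints
$bastionVnetRg = 'rg-bastion'                        # assumed: RG of the VNet with AzureBastionSubnet
$bastionVnet   = 'vnet-bastion'                      # assumed: that VNet's name
$linkName      = 'link-bastion-vnet'                 # assumed: name for the new VNet link
$vaultName     = 'kv-jumpserver'                     # assumed: vault holding the admin password

# 1. Is the Bastion VNet already linked to the zone? A missing link is the usual cause
#    of Bastion still resolving the vault to its public address.
$vnet     = Get-AzVirtualNetwork -ResourceGroupName $bastionVnetRg -Name $bastionVnet
$links    = Get-AzPrivateDnsVirtualNetworkLink -ResourceGroupName $dnsZoneRg -ZoneName $zoneName
$existing = $links | Where-Object { $_.VirtualNetworkId -eq $vnet.Id }

if (-not $existing) {
    # 2. Create the link. Auto-registration stays off: the zone only needs the
    #    private endpoint's A record, not VM hostnames from the Bastion VNet.
    New-AzPrivateDnsVirtualNetworkLink -ResourceGroupName $dnsZoneRg -ZoneName $zoneName `
        -Name $linkName -VirtualNetworkId $vnet.Id -EnableRegistration:$false | Out-Null
    Write-Host "Linked $bastionVnet to $zoneName"
} else {
    Write-Host "$bastionVnet is already linked to $zoneName as '$($existing.Name)'"
}

# 3. Confirm the zone actually holds an A record for the vault's private endpoint;
#    a link to an empty zone changes nothing.
$record = Get-AzPrivateDnsRecordSet -ResourceGroupName $dnsZoneRg -ZoneName $zoneName `
    -Name $vaultName -RecordType A -ErrorAction SilentlyContinue
if ($record) {
    Write-Host "A record: $vaultName -> $($record.Records.Ipv4Address -join ', ')"
} else {
    Write-Warning "No A record for $vaultName in $zoneName; check the private endpoint's DNS zone group"
}

# 4. Run on a VM inside the Bastion VNet: the public name CNAMEs to
#    <vault>.privatelink.vaultcore.azure.net, which the linked zone must answer
#    with the private endpoint IP. A public IP here means the link is not in effect.
$answer = Resolve-DnsName "$vaultName.vault.azure.net" -Type A
$ip     = ($answer | Where-Object { $_.Type -eq 'A' }).IPAddress
Write-Host "$vaultName.vault.azure.net resolves to $ip"
```

If step 4 still returns a public address after the link exists, check the VNet's DNS servers: a VNet that points at custom DNS servers only benefits from the private zone when those servers forward Azure names to the Azure-provided resolver (168.63.129.16).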

@IgorOrmus Hi, I have the same issue even after linking the Key Vault DNS zone to the VNet where Azure Bastion is hosted. Do we have any other solution?

@DarrenRD 

Seems it is the private DNS that you need to look into.

Same issue for me.