Environment: Hub - Spoke Environment in Azure
Jumphost: Will provision Windows based VM and not WVD (customer request)
a) Should Jumphost be hosted in Hub or can be hosted in the individual Spokes for access allowed to specific subscription (spokes)?
b) How can we control users not to install applications on Jumphosts besides the required applications?
c) What recommendation to allow JumpHost hardening?
d) any specific pre-baked Security policy related to Jumphost?