Azure Bastion for external contractors

Simon Cassar 1 Reputation point
2021-03-22T20:46:07.607+00:00

Hi, I was wondering if it is safe to use Azure Bastion to allow 3rd party external contractors access to specific servers in my vnet, or should it only be used for my own staff to connect in?

I would just want to allow specific accounts RDP access to certain vms. I could then control access to the azure portal for them with aad accounts and conditional access policies and permissions to the servers.

Apologies if this is an obvious question, as I know Bastion is a PaaS jump box service.

Thanks,

Simmo

Azure Bastion
Azure Bastion
An Azure service that provides private and fully managed Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to virtual machines.
242 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. suvasara-MSFT 10,006 Reputation points
    2021-03-23T11:20:18.873+00:00

    @Simon Cassar , A bastion host provides secure and seamless Remote Desktop Protocol (RDP) connectivity to your VMs directly in the Azure portal over SSL. When you connect via a bastion host, your VMs don't need a public IP address. You should be able to provide access to your legitimate contractors as there are no identical public IPs involved here.

    ----------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.

  2. verma, vimal 0 Reputation points
    2024-02-14T17:36:56.2866667+00:00

    Is it possible to provide access on scoped servers to contractors using shared Bastion service? I mean to ask if there are 10 servers spread across multiple resource groups provide access to contractors only on 1 resource group to view servers and other servers residing in other resource group shouldn't be visible to contractors?