az network bastion
Manage Azure Bastion host.
Commands
az network bastion create |
Create a Azure Bastion host machine. |
az network bastion delete |
Delete a Azure Bastion host machine. |
az network bastion list |
List all Azure Bastion host machines. |
az network bastion rdp |
RDP to target Virtual Machine using Tunneling from Azure Bastion. |
az network bastion show |
Show a Azure Bastion host machine. |
az network bastion ssh |
SSH to a virtual machine using Tunneling from Azure Bastion. |
az network bastion tunnel |
Open a tunnel through Azure Bastion to a target virtual machine. |
az network bastion update |
Update a Azure Bastion host machine. |
az network bastion wait |
Place the CLI in a waiting state until a condition of the Azure Bastion host machine is met. |
az network bastion create
Create a Azure Bastion host machine.
az network bastion create --name
--public-ip-address
--resource-group
--vnet-name
[--disable-copy-paste {false, true}]
[--enable-ip-connect {false, true}]
[--enable-tunneling {false, true}]
[--location]
[--no-wait]
[--scale-units]
[--sku {Basic, Standard}]
[--tags]
Examples
Create a Azure Bastion host machine. (autogenerated)
az network bastion create --location westus2 --name MyBastionHost --public-ip-address MyPublicIpAddress --resource-group MyResourceGroup --vnet-name MyVnet
Required Parameters
Name of the bastion host.
Name or ID of the Azure public IP. The SKU of the public IP must be Standard.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name of the virtual network. It must have a subnet called AzureBastionSubnet.
Optional Parameters
Disable copy and paste for all sessions on this Azure Bastion resource.
Enable IP-based Connections on this Azure Bastion resource.
Enable Native Client Support on this Azure Bastion resource.
Location. Values from: az account list-locations
. You can configure the default location using az configure --defaults location=<location>
.
Do not wait for the long-running operation to finish.
The scale units for the Bastion Host resource, which minimum is 2 and maximum is 50.
The SKU of this Bastion Host.
Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network bastion delete
Delete a Azure Bastion host machine.
az network bastion delete [--ids]
[--name]
[--resource-group]
[--subscription]
Examples
Delete a Azure Bastion host machine. (autogenerated)
az network bastion delete --name MyBastionHost --resource-group MyResourceGroup
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the bastion host.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network bastion list
List all Azure Bastion host machines.
az network bastion list [--resource-group]
Optional Parameters
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network bastion rdp
RDP to target Virtual Machine using Tunneling from Azure Bastion.
az network bastion rdp --target-resource-id
[--configure]
[--disable-gateway {false, true}]
[--ids]
[--name]
[--resource-group]
[--resource-port]
[--subscription]
Examples
RDP to virtual machine using Azure Bastion.
az network bastion rdp --name MyBastionHost --resource-group MyResourceGroup --target-resource-id vmResourceId
Required Parameters
ResourceId of the target Virtual Machine.
Optional Parameters
Flag to configure RDP session.
Flag to disable access through RD gateway.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the bastion host.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Resource port of the target VM to which the bastion will connect.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network bastion show
Show a Azure Bastion host machine.
az network bastion show [--ids]
[--name]
[--resource-group]
[--subscription]
Examples
Show a Azure Bastion host machine.
az network bastion show --name MyBastionHost --resource-group MyResourceGroup
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the bastion host.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network bastion ssh
SSH to a virtual machine using Tunneling from Azure Bastion.
az network bastion ssh --auth-type
--target-resource-id
[--ids]
[--name]
[--resource-group]
[--resource-port]
[--ssh-key]
[--subscription]
[--username]
Examples
SSH to virtual machine using Azure Bastion using password.
az network bastion ssh --name MyBastionHost --resource-group MyResourceGroup --target-resource-id vmResourceId --auth-type password --username xyz
SSH to virtual machine using Azure Bastion using ssh key file.
az network bastion ssh --name MyBastionHost --resource-group MyResourceGroup --target-resource-id vmResourceId --auth-type ssh-key --username xyz --ssh-key C:/filepath/sshkey.pem
SSH to virtual machine using Azure Bastion using AAD.
az network bastion ssh --name MyBastionHost --resource-group MyResourceGroup --target-resource-id vmResourceId --auth-type AAD
Required Parameters
Auth type to use for SSH connections.
ResourceId of the target Virtual Machine.
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the bastion host.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Resource port of the target VM to which the bastion will connect.
SSH key file location for SSH connections.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
User name for SSH connections.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network bastion tunnel
Open a tunnel through Azure Bastion to a target virtual machine.
az network bastion tunnel --port
--resource-port
--target-resource-id
[--ids]
[--name]
[--resource-group]
[--subscription]
[--timeout]
Examples
Open a tunnel through Azure Bastion to a target virtual machine.
az network bastion tunnel --name MyBastionHost --resource-group MyResourceGroup --target-resource-id vmResourceId --resource-port 22 --port 50022
Required Parameters
Local port to use for the tunneling.
Resource port of the target VM to which the bastion will connect.
ResourceId of the target Virtual Machine.
Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the bastion host.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Timeout for connection to bastion host tunnel.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network bastion update
Update a Azure Bastion host machine.
az network bastion update [--add]
[--disable-copy-paste {false, true}]
[--enable-ip-connect {false, true}]
[--enable-tunneling {false, true}]
[--force-string]
[--ids]
[--name]
[--no-wait]
[--remove]
[--resource-group]
[--scale-units]
[--set]
[--sku {Basic, Standard}]
[--subscription]
Examples
Update a Azure Bastion host machine to enable native client support
az network bastion update --name MyBastionHost --resource-group MyResourceGroup --enable-tunneling
Optional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
Disable copy and paste for all sessions on this Azure Bastion resource.
Enable IP-based Connections on this Azure Bastion resource.
Enable Native Client Support on this Azure Bastion resource.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of the bastion host.
Do not wait for the long-running operation to finish.
Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
The scale units for the Bastion Host resource, which minimum is 2 and maximum is 50.
Update an object by specifying a property path and value to set. Example: --set property1.property2=.
The SKU of this Bastion Host.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az network bastion wait
Place the CLI in a waiting state until a condition of the Azure Bastion host machine is met.
az network bastion wait [--created]
[--custom]
[--deleted]
[--exists]
[--ids]
[--interval]
[--name]
[--resource-group]
[--subscription]
[--timeout]
[--updated]
Examples
Place the CLI in a waiting state until the Azure Bastion host machine is created.
az network bastion wait --resource-group MyResourceGroup --name MyBastionHost --created
Optional Parameters
Wait until created with 'provisioningState' at 'Succeeded'.
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
Wait until deleted.
Wait until the resource exists.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Polling interval in seconds.
Name of the bastion host.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Maximum wait in seconds.
Wait until updated with provisioningState at 'Succeeded'.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Submit and view feedback for