You're reading from Implementing Microsoft Azure Architect Technologies: AZ-303 Exam Prep and Beyond A guide to preparing for the AZ-303 Microsoft Azure Architect Technologies certification exam

Product type Paperback

Published in Dec 2020

Publisher Packt

ISBN-13 9781800568570

Length 548 pages

Edition 2nd Edition

Languages

SQL

Tools

Azure

Concepts

Cloud Computing

Authors (3):

Sjoukje Zaal

Brett Hargreaves

View More author details

Table of Contents (25) Chapters

Preface

1. Section 1: Implement and Monitor Azure Infrastructure

2. Chapter 1: Implementing Cloud Infrastructure Monitoring FREE CHAPTER

3. Chapter 2: Creating and Configuring Storage Accounts

4. Chapter 3: Implementing and Managing Virtual Machines

5. Chapter 4: Implementing and Managing Virtual Networking

6. Chapter 5: Creating Connectivity between Virtual Networks

7. Chapter 6: Managing Azure Active Directory (Azure AD)

8. Chapter 7: Implementing Multi-Factor Authentication (MFA)

9. Chapter 8: Implementing and Managing Hybrid Identities

10. Section 2: Implement Management and Security Solutions

11. Chapter 9: Managing Workloads in Azure

12. Chapter 10: Implementing Load Balancing and Networking Security

13. Chapter 11: Implementing Azure Governance Solutions

14. Section 3: Implement Solutions for Apps

15. Chapter 12: Creating Web Apps Using PaaS and Serverless

16. Chapter 13: Designing and Developing Apps for Containers

17. Chapter 14: Implementing Authentication

18. Section 4: Implement and Manage Data Platforms

19. Chapter 15: Developing Solutions that Use Cosmos DB Storage

20. Chapter 16: Developing Solutions that Use a Relational Database

21. Chapter 17: Mock Exam Questions

22. Chapter 18: Mock Exam Answers

23. Assessments

24. Other Books You May Enjoy

Leave a review - let other readers know what you think

Using Azure Bastion

When working with VMs, it is common to connect to them using RDP or SSH, which, in turn, requires port 3389(RDP) or 22(SSH) to be opened on your VM.

If the VM is connected to an internal network, in other words, you need to use a VPN or an ExpressRoute to connect to your VM, this isn't a problem. However, connecting via RDP to a public IP on your VM is considered insecure, especially if you have to provide this access for all the VMs in your subscription.

One potential solution is to use a jump box, or bastion host in your subscription – a dedicated VM that has RDP open that can then be used to access other VMs using the internal IP addresses. However, this still means at least one VM is open and is susceptible to port scans and attacks.

Another more secure alternative is to use the Azure Bastion service. Azure Bastion is a portal-based solution, meaning you can access your VMs via the Azure portal over HTTPS. This enables you to protect the...