Resource Type: Azure > Network > Bastion Host

The Bastion Host resource type provides secure and seamless RDP/SSH connectivity to virtual machines directly from the Azure portal over TLS. Azure Bastion eliminates the need to expose virtual machines to the public internet while providing secure access.

Azure Bastion is deployed to a virtual network and can provide secure connectivity to all virtual machines in that virtual network. It supports various features including file copy, tunneling, IP connect, and session recording depending on the SKU.

Resource Context

Bastion Host is a part of the Network service.

Each Bastion Host lives under a Resource Group.

Controls

The primary controls for Azure > Network > Bastion Host are:

Quick Actions

In Your Workspace

Developers

Resource Type URI

tmod:@turbot/azure-network#/resource/types/bastionHost

Category URI

tmod:@turbot/turbot#/resource/categories/networking

GraphQL

query resource(id: "tmod:@turbot/azure-network#/resource/types/bastionHost") { … }

query resourceActivities(filter: "resourceId:'tmod:@turbot/azure-network#/resource/types/bastionHost'") { … }

mutation createResource(input: { … })

mutation updateResource(input: { … })

CLI

Get Resource

turbot graphql resource --id "tmod:@turbot/azure-network#/resource/types/bastionHost"

Steampipe Query

Get Resource

select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/azure-network#/resource/types/bastionHost';

Get Policy Settings (By Resource ID)

select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/azure-network#/resource/types/bastionHost"';

Get Resource Notification

select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/azure-network#/resource/types/bastionHost' and notification_type in ('resource_updated', 'resource_created');