asked on How to control access of azure bastion service of the group of Azure windows VMs?
This is using MS Azure Cloud. We also using Azure Active Directory. We want to control the access of the azure bastion of the group of Windows VMs to the selective AD account users, what should be we do? Shall we create security groups in AAD, add in those allowed users in the groups?
Thanks,
AzureWindows OSCloud Computing
Last Comment
SooHow Cheng
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Under a virtual network, or NIC, or VM, go to Access Control.
Note that, similar to NTFS, if a permission does not exist, it is the same as "deny". If a permission does exist, it is the same as "allow".
Note that, similar to NTFS, if a permission does not exist, it is the same as "deny". If a permission does exist, it is the same as "allow".
ASKER
Hi Michael,
For these 4,
I managed to find vm, nic, and virtual network (with selective subnet). How about azure bastian resource? where to find it?
Now, the user can see this Vm.
For these 4,
- Reader role on the virtual machine.
- Reader role on the NIC with private IP of the virtual machine.
- Reader role on the Azure Bastion resource.
- Reader role on the virtual network (for peered virtual networks)
I managed to find vm, nic, and virtual network (with selective subnet). How about azure bastian resource? where to find it?
Now, the user can see this Vm.
BTW, how to see those permissions?