Update 1 on 01/12/2021 :
Microsoft has changed the #AzureBastion minimum subnet size from /27 to /26. Installed #Azure Bastion are unaffected, but new deployments require the new subnet size. Please remember this. https://docs.microsoft.com/en-us/azure/bastion/bastion-faq#subnet
Azure Bastion is a fully managed PaaS service to secure access Azure VMs via SSH/RDP without the need for Internet connectivity on the selected VMs. Azure Bastion was released as part of the Microsoft Ignite 2019. As part of the ongoing Microsoft Inspire 2021, Microsoft has launched a new SKU for Azure Bastion called Standard.
Difference between Basic and Standard SKU
When you create an Azure Bastion instance Microsoft creates in the backend an optimized Azure VM that runs all the processes they are needed for Azure Bastion. This Azure VM is called a Instance and had some limitations. In general when you deploy the Azure Bastion Basic SKU Microsoft deploys two instances which supports 20-24 concurrent sessions which means each instance support 10-12 sessions.
The Standard SKU allows you to specify the number of instances called as host scalling.
Please note that when using an Azure Bastion Standard SKU, the AzureBastionSubnet size should be increased to a subnet size of approximately /26 or larger.
|Instances||2 Default||up to 50|
|Max. supported concurrent sessions||20-24||up to 500|
|Supported configuration||Azure Portal, Powershell, CLI||Only Azure Portal|
Deploy an Azure Bastion Standard SKU
Only the Azure Portal allows to deploy an Azure Bastion Standard SKU with the host scalling feature, because the feature is in public preview.
First deploy an Azure Bastion basic SKU, please take a look at my How to deploy article for best practices and guidelines. After the deployment process is finished go to the Azure Bastion blade in the Azure portal and select the newly deployed Bastion service. In the right there is a new tab called “Configuration”.
This tab allows you to upgrade the SKU from Basic to Standard SKU.
Please note that downgrading from Standard to Basic SKU is not possible at the moment and requires re-provisioning.
Azure Bastion will payed on hourly based + outbound transfer.
|Azure Bastion basic (includes 2 instances)||0,161€/per hour||117,53€/per month|
|Azure Bastion Standard SKU (includes 2 instances)||0,245€/per hour||178,85€/per month|
|Additional Standard hour||0,119€/per hour|
Please note that the price table is currently being revised and is subject to change as the service is currently still in public preview.
Please feel free to leave a comment if you have any questions or if you like the article.
2 thoughts on “Azure Bastion supports SCALABILITY for SSH/RDP Connections with the new Standard SKU”