Merge pull request #190214 from cherylmc/deploy

rewrite to add more features

Author: hmacgregor1

articles/bastion/TOC.yml

@@ -11,7 +11,7 @@
     href: quickstart-host-portal.md
 - name: Tutorials
   items:
-  - name: Deploy Bastion - Portal
+  - name: Deploy Bastion with manual settings
     href: tutorial-create-host-portal.md
 - name: Concepts
   items:

articles/bastion/bastion-create-host-powershell.md

@@ -1,39 +1,44 @@
 ---
-title: 'Create a Bastion host using Azure PowerShell | Microsoft Docs'
-description: Learn how to create an Azure Bastion host using PowerShell.
-services: bastion
+title: 'Deploy Bastion:PowerShell'
+description: Learn how to deploy Azure Bastion using PowerShell.
 author: cherylmc
 ms.service: bastion
 ms.topic: how-to
-ms.date: 09/22/2021
+ms.date: 03/01/2022
 ms.author: cherylmc
-# Customer intent: As someone with a networking background, I want to create an Azure Bastion host.
+# Customer intent: As someone with a networking background, I want to deploy Bastion and connect to a VM.
 ms.custom: ignite-fall-2021
 ---
 
-# Create an Azure Bastion host using Azure PowerShell
+# Deploy Bastion using Azure PowerShell
 
-This article shows you how to create an Azure Bastion host using PowerShell. Once you provision the Azure Bastion service in your virtual network, the seamless RDP/SSH experience is available to all of the VMs in the same virtual network. Azure Bastion deployment is per virtual network, not per subscription/account or virtual machine.
+This article shows you how to deploy Azure Bastion using PowerShell. Azure Bastion is a PaaS service that's maintained for you, not a bastion host that you install on your VM and maintain yourself. An Azure Bastion deployment is per virtual network, not per subscription/account or virtual machine. For more information about Azure Bastion, see [What is Azure Bastion?](bastion-overview.md) 
+
+Once you deploy Bastion to your virtual network, you can connect to your VMs via private IP address. This seamless RDP/SSH experience is available to all the VMs in the same virtual network. If your VM has a public IP address that you don't need for anything else, you can remove it.
+
+You can also deploy Bastion by using the following other  methods:
 
-Optionally, you can create an Azure Bastion host by using the following methods:
 * [Azure portal](./tutorial-create-host-portal.md)
 * [Azure CLI](create-host-cli.md)
-
-[!INCLUDE [About SKUs](../../includes/bastion-sku-note.md)]
+* [ Quickstart - deploy with default settings](quickstart-host-portal.md)
 
 ## Prerequisites
 
+### Azure subscription
+
 Verify that you have an Azure subscription. If you don't already have an Azure subscription, you can activate your [MSDN subscriber benefits](https://azure.microsoft.com/pricing/member-offers/msdn-benefits-details) or sign up for a [free account](https://azure.microsoft.com/pricing/free-trial).
 
+### Azure PowerShell
+
 [!INCLUDE [PowerShell](../../includes/vpn-gateway-cloud-shell-powershell-about.md)]
 
- > [!NOTE]
- > The use of Azure Bastion with Azure Private DNS Zones is not supported at this time. Before you begin, please make sure that the virtual network where you plan to deploy your Bastion resource is not linked to a private DNS zone.
- >
+> [!NOTE]
+> The use of Azure Bastion with Azure Private DNS Zones is not supported at this time. Before you begin, please make sure that the virtual network where you plan to deploy your Bastion resource is not linked to a private DNS zone.
+>
 
-## <a name="createhost"></a>Create a bastion host
+## <a name="createhost"></a>Deploy Bastion
 
-This section helps you create a new Azure Bastion resource using Azure PowerShell.
+This section helps you deploy Azure Bastion using Azure PowerShell.
 
 1. Create a virtual network and an Azure Bastion subnet. You must create the Azure Bastion subnet using the name value **AzureBastionSubnet**. This value lets Azure know which subnet to deploy the Bastion resources to. This is different than a VPN gateway subnet.
 
@@ -45,22 +50,35 @@ This section helps you create a new Azure Bastion resource using Azure PowerShel
    $vnet = New-AzVirtualNetwork -Name "myVnet" -ResourceGroupName "myBastionRG" -Location "westeurope" -AddressPrefix 10.0.0.0/16 -Subnet $subnet
    ```
 
-2. Create a public IP address for Azure Bastion. The public IP is the public IP address the Bastion resource on which RDP/SSH will be accessed (over port 443). The public IP address must be in the same region as the Bastion resource you are creating.
+1. Create a public IP address for Azure Bastion. The public IP is the public IP address the Bastion resource on which RDP/SSH will be accessed (over port 443). The public IP address must be in the same region as the Bastion resource you're creating.
+
+   The following example uses the **Standard SKU**. The Standard SKU lets you configure more Bastion features and connect to VMs using more connection types. For more information, see [Bastion SKUs](configuration-settings.md#skus).
 
    ```azurepowershell-interactive
    $publicip = New-AzPublicIpAddress -ResourceGroupName "myBastionRG" -name "myPublicIP" -location "westeurope" -AllocationMethod Static -Sku Standard
    ```
 
-3. Create a new Azure Bastion resource in the AzureBastionSubnet of your virtual network. It takes about 5 minutes for the Bastion resource to create and deploy.
+1. Create a new Azure Bastion resource in the AzureBastionSubnet of your virtual network. It takes about 10 minutes for the Bastion resource to create and deploy.
 
    ```azurepowershell-interactive
    $bastion = New-AzBastion -ResourceGroupName "myBastionRG" -Name "myBastion" -PublicIpAddress $publicip -VirtualNetwork $vnet
    ```
-## Disassociate the VM public IP address
 
-Azure Bastion does not use the public IP address to connect to the client VM. If you do not need the public IP address for your VM, you can disassociate the public IP address by using the steps in this article: [Dissociate a public IP address from an Azure VM](../virtual-network/ip-services/remove-public-ip-address-vm.md).
+## <a name="ip"></a>Disassociate VM public IP address
+
+Azure Bastion doesn't use the public IP address to connect to the client VM. If you don't need the public IP address for your VM, you can disassociate the public IP address. See [Dissociate a public IP address from an Azure VM](../virtual-network/ip-services/remove-public-ip-address-vm.md).
+
+## <a name="connect"></a>Connect to a VM
+
+You can use any of the following articles to connect to a VM that's located in the virtual network to which you deployed Bastion. You can also use the [Connection steps](#steps) in the section below. Some connection types require the [Standard SKU](configuration-settings.md#skus).
+
+[!INCLUDE [Links to Connect to VM articles](../../includes/bastion-vm-table.md)]
+
+### <a name="steps"></a>Connection steps
+
+[!INCLUDE [Links to Connect to VM articles](../../includes/bastion-vm-connect.md)]
 
 ## Next steps
 
-* Read the [Bastion FAQ](bastion-faq.md) for additional information.
 * To use Network Security Groups with the Azure Bastion subnet, see [Work with NSGs](bastion-nsg.md).
+* To understand VNet peering, see [VNet peering and Azure Bastion](vnet-peering.md).

includes/bastion-subnet-size.md

@@ -1,17 +1,16 @@
 ---
 author: cherylmc
 ms.author: cherylmc
-ms.date: 07/02/2021
+ms.date: 03/01/2021
 ms.service: bastion
 ms.topic: include
 
 ---
- >[!IMPORTANT]
- >For Azure Bastion resources deployed on or after November 2, 2021, the minimum AzureBastionSubnet size is /26 or larger (/25, /24, etc.). All Azure Bastion resources deployed in subnets of size /27 prior to this date are unaffected by this change and will continue to work, but we highly recommend increasing the size of any existing AzureBastionSubnet to /26 in case you choose to take advantage of [host scaling](../articles/bastion/configure-host-scaling.md) in the future.
+ > [!IMPORTANT]
+ > For Azure Bastion resources deployed on or after November 2, 2021, the minimum AzureBastionSubnet size is /26 or larger (/25, /24, etc.). All Azure Bastion resources deployed in subnets of size /27 prior to this date are unaffected by this change and will continue to work, but we highly recommend increasing the size of any existing AzureBastionSubnet to /26 in case you choose to take advantage of [host scaling](../articles/bastion/configure-host-scaling.md) in the future.
 
-
-* The smallest subnet AzureBastionSubnet size you can create is /26. We recommend that you create a /26 or larger size to accommodate host scaling. 
-   * For more information about scaling, see [Configuration settings - Host scaling](../articles/bastion/configuration-settings.md#instance).
-   * For more information about settings, see [Configuration settings - AzureBastionSubnet](../articles/bastion/configuration-settings.md#instance).
+* The smallest subnet AzureBastionSubnet size you can create is /26. We recommend that you create a /26 or larger size to accommodate host scaling.
+  * For more information about scaling, see [Configuration settings - Host scaling](../articles/bastion/configuration-settings.md#instance).
+  * For more information about settings, see [Configuration settings - AzureBastionSubnet](../articles/bastion/configuration-settings.md#instance).
 * Create the **AzureBastionSubnet** without any route tables or delegations. 
 * If you use Network Security Groups on the **AzureBastionSubnet**, refer to the [Work with NSGs](../articles/bastion/bastion-nsg.md) article.

includes/bastion-vm-table.md

@@ -0,0 +1,16 @@
+---
+author: cherylmc
+ms.author: cherylmc
+ms.date: 03/01/2021
+ms.service: bastion
+ms.topic: include
+
+---
+| Connect |  Documentation|
+| --- |   --- |
+| Windows - RDP |   [Article](../articles/bastion/bastion-connect-vm-rdp-windows.md) |
+| Windows - SSH|   [Article](../articles/bastion/bastion-connect-vm-ssh-windows.md) |
+| Linux - SSH| [Article](../articles/bastion/bastion-connect-vm-ssh-linux.md) |
+| Linux - RDP| [Article](../articles/bastion/bastion-connect-vm-rdp-linux.md) |
+| Scale Set |  [Article](../articles/bastion/bastion-connect-vm-scale-set.md) |
+| Native client |  [Article](../articles/bastion/connect-native-client-windows.md)|