Update Azure Bastion reliability guide

Author: johndowns

articles/reliability/reliability-bastion.md

@@ -9,83 +9,103 @@ ms.service: azure-bastion
 ms.date: 06/24/2024
 ---
 
-
 # Reliability in Azure Bastion
 
-This article describes reliability support in Azure Bastion and covers both intra-regional resiliency with [availability zones](#availability-zone-support) and information on [cross-region recovery and business continuity](#cross-region-disaster-recovery-and-business-continuity). 
+This article describes reliability support in Azure Bastion and covers both intra-regional resiliency with [availability zones](#availability-zone-support) and information on [multi-region deployments](#cross-region-disaster-recovery-and-business-continuity). For a more detailed overview of reliability principles in Azure, see [Azure reliability](/azure/architecture/framework/resiliency/overview). <!-- TODO revise link to WAF? -->
+
+Azure Bastion provides private, secure remote access to virtual machines hosted in your Azure virtual networks without exposing public IP addresses. You deploy Azure Bastion into a virtual network and can use it to access virtual machines within the virtual network or in peered virtual networks.
+
+<!-- TODO I don't know if these recs are reasonable or not -->
+> [!NOTE]
+> For production deployments, you should:
+> - Use standard or premium Azure Bastion resources.
+> - [Enable zone redundancy](#availability-zone-support).
 
-For a more detailed overview of reliability in Azure, see [Azure reliability](/azure/architecture/framework/resiliency/overview).
+## Transient faults
+
+Transient faults are short, intermittent failures in components. They occur frequently in a distributed environment like the cloud, and they're a normal part of operations. They correct themselves after a short period of time. It's important that your applications handle transient faults, usually by retrying affected requests.
+
+The Azure Bastion service enables you to use the secure sockets host (SSH) and remote desktop connection (RDP) protocols. If transient faults affect your virtual machine or Azure Bastion host, clients using these protocols typically retry automatically.
 
 ## Availability zone support
 
-[!INCLUDE [Availability zone description](includes/reliability-availability-zone-description-include.md)]
+Azure Bastion can be configured to be *zone-redundant*, which means your resources are spread across multiple [availability zones](../reliability/availability-zones-overview.md) to help you achieve resiliency and reliability for your production workloads.
+
+You can specify which availability zone or zones an Azure Bastion resource should be deployed in. If you deploy into three availability zones but only configure two instances for your Bastion resource, the instances will be split across two availability zones, and if an availability zone is unavailable, the instance in the faulty zone will be replaced with another instance in a healthy zone.
+
+> [!NOTE]
+> Azure Bastion support for zone redundancy is currently in preview.
+
+### Requirements
+
+<!-- TODO check this -->
+You can configure zone redundancy on Azure Bastion resources with the Basic, Standard, and Premium SKUs. The Developer SKU doesn't support zone redundancy.
+
+### Regions supported
+
+Azure Bastion support for availability zones is currently in preview. During preview, zone-redundant Azure Bastion reosurces can be deployed into the following regions:
 
+| Americas | Europe | Middle East | Africa | Asia Pacific |
+|---|---|---|---|---|
+| Canada Central | North Europe | Qatar Central | South Africa North | Australia East |
+| Central US | Sweden Central | | |
+| East US | UK South
+| East US 2 | West Europe | | |
+| West US 2  | | | |
 
-Bastion support for availability zones with a [zone-redundant](./availability-zones-overview.md#zonal-and-zone-redundant-services) configuration is currently in preview. 
+<!-- TODO what does this mean? -->
+If you've previously deployed an Azure Bastion resource in one of the following regions, it might already be zone-redundant:
 
-Previously deployed Bastion resources may be zone-redundant and are limited to the following regions:
 - Korea Central 
 - Southeast Asia
 
-### Prerequisites
+### Cost
 
-For a zone-redundant deployment, your Bastion resource must be in one of the following regions:
+There's no additional cost to use zone redundancy for Azure Bastion.
 
-- East US
-- Australia East
-- East US 2
-- Central US
-- Qatar Central
-- South Africa North
-- West Europe
-- West US 2
-- North Europe
-- Sweden Central
-- UK South
-- Canada Central
+### Configure availability zone support
 
-### SLA improvements
+**New resources:** When you deploy a new Bastion resource in a [region that supports availabiilty zones](#regions-supported), you select the specific zones you want to deploy to. Select multiple zones for zone redundancy. You can't change the availability zone setting after your Bastion resource is deployed.
 
-There's no change to pricing for availability zone support.
+**Migration:** Migration from non-availability zone support to availability zone support isn't possible. Instead, you need to create a Bastion resource in the new region and delete the old one.
 
-### Create a resource with availability zones enabled
+### Traffic routing between zones
 
-To choose a region for a zone-redundant configuration:
+<!-- TODO waiting on PG -->
 
-1. Go to the [Azure portal](https://portal.azure.com).
-1. [Create your Bastion resource](/azure/bastion/tutorial-create-host-portal).
+### Zone-down experience
 
-    - For **Region**, select one of the regions listed in the [Prerequisites section](#prerequisites).
-    - For **Availability zone**, select the zones.
+**Detection and response:** Azure Bastion detects a failure in an availability zone and responding. You don't need to do anything to initiate a availability zone failover.
 
-    :::image type="content" source="./media/reliability-bastion/create-bastion-zonal.png" alt-text="Screenshot showing the Availability zone setting while creating a Bastion resource.":::
+<!-- TODO any logs? -->
 
->[!NOTE]
->You can't change the availability zone setting after your Bastion resource is deployed. 
+**Active requests:** When an availability zone is unavailable, any RDP or SSH connections in progress that use an Azure Bastion instance in the faulty availability zone are terminated and need to be retried.
 
+If the VM you're connecting to isn't in the affected availability zone, the VM continues to be accessible. See [Reliability in Virtual Machines: Zone down experience](./reliability-virtual-machines.md#zone-down-experience) for more information on the VM zone down experience.
 
-### Zone down experience
+**Traffic rerouting:** New connections use Azure Bastion instances in the surviving availability zones. Overall, Azure Bastion continues to remain operational.
 
-When a zone goes down, the VM and Bastion should still be accessible. See [Reliability in Virtual Machines: Zone down experience](./reliability-virtual-machines.md#zone-down-experience) for more information on the VM zone down experience.
+### Failback
 
-### Migrate to availability zone support
+When the availability zone recovers, Azure Bastion automatically restores instances in the availability zone, removes any temporary instances created in the other availability zones, and reroutes traffic between your instances as normal.
 
-Migration from non-availability zone support to availability zone support isn't possible. Instead, you need to [create a Bastion resource](/azure/bastion/tutorial-create-host-portal) in the new region and delete the old one.
+### Testing for zone failures
 
-### Cross-region disaster recovery and business continuity
+The Azure Bastion platform manages traffic routing, failover, and failback for zone-redundant Azure Bastion resources. You don't need to initiate anything. Because this feature is fully managed, you don't need to validate availability zone failure processes.
 
-[!INCLUDE [introduction to disaster recovery](includes/reliability-disaster-recovery-description-include.md)]
+## Multi-region support
 
-Azure Bastion is deployed within virtual networks or peered virtual networks, and is associated with an Azure region. You're responsible for deploying Azure Bastion to a Disaster Recovery (DR) site virtual network. 
+Azure Bastion is deployed within virtual networks or peered virtual networks, and is associated with an Azure region. Azure Bastion is a single-region service. If the region becomes unavailable, your Bastion resource is also unavailable.
 
+Azure Bastion supports reaching VMs in globally peered virtual networks, but if the region that hosts your Azure Bastion resource is unavailable, you won't be able to use your Bastion resource. For higher resiliency, if you deploy your overall solution into multiple regions with separate virtual networks in each region, you should deploy Azure Bastion into each region.
 
-If there's an Azure region failure:
+If you have a disaster recovery (DR) site in another Azure region, ensure you deploy Azure Bastion into the virtual network in that region.
 
-1. Perform a failover operation for your VMs to the DR region. For more information on diaster recovery failover for VMs, see [Reliability in Azure Virtual Machines](./reliability-virtual-machines.md).
+## Service-level agreement (SLA)
 
-2. Use the Azure Bastion host that's deployed in the DR region to connect to the VMs that are now deployed there.
+The service-level agreement (SLA) for Azure Bastion describes the expected availability of the service, and the conditions that must be met to achieve that availability expectation. To understand those conditions, it's important that you review the [Service Level Agreements (SLA) for Online Services](https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services).
 
 ## Related content
 
 > [!div class="nextstepaction"]
-> [Reliability in Azure](/azure/availability-zones/overview)
+> [Reliability in Azure](./overview.md)