Merge pull request #190311 from cherylmc/deploy

LJSpiller · web-flow · commit bec16fb7fead · 2022-03-02T16:11:52.000-05:00
updates for new features
diff --git a/articles/bastion/bastion-create-host-powershell.md b/articles/bastion/bastion-create-host-powershell.md
@@ -1,5 +1,6 @@
 ---
 title: 'Deploy Bastion:PowerShell'
+titleSuffix: Azure Bastion
 description: Learn how to deploy Azure Bastion using PowerShell.
 author: cherylmc
 ms.service: bastion
@@ -20,7 +21,7 @@ You can also deploy Bastion by using the following other  methods:
 
 * [Azure portal](./tutorial-create-host-portal.md)
 * [Azure CLI](create-host-cli.md)
-* [ Quickstart - deploy with default settings](quickstart-host-portal.md)
+* [Quickstart - deploy with default settings](quickstart-host-portal.md)
 
 ## Prerequisites
 
@@ -64,10 +65,6 @@ This section helps you deploy Azure Bastion using Azure PowerShell.
    $bastion = New-AzBastion -ResourceGroupName "myBastionRG" -Name "myBastion" -PublicIpAddress $publicip -VirtualNetwork $vnet
    ```
 
-## <a name="ip"></a>Disassociate VM public IP address
-
-Azure Bastion doesn't use the public IP address to connect to the client VM. If you don't need the public IP address for your VM, you can disassociate the public IP address. See [Dissociate a public IP address from an Azure VM](../virtual-network/ip-services/remove-public-ip-address-vm.md).
-
 ## <a name="connect"></a>Connect to a VM
 
 You can use any of the following articles to connect to a VM that's located in the virtual network to which you deployed Bastion. You can also use the [Connection steps](#steps) in the section below. Some connection types require the [Standard SKU](configuration-settings.md#skus).
@@ -76,7 +73,11 @@ You can use any of the following articles to connect to a VM that's located in t
 
 ### <a name="steps"></a>Connection steps
 
-[!INCLUDE [Links to Connect to VM articles](../../includes/bastion-vm-connect.md)]
+[!INCLUDE [Connection steps](../../includes/bastion-vm-connect.md)]
+
+## <a name="ip"></a>Remove VM public IP address
+
+Azure Bastion doesn't use the public IP address to connect to the client VM. If you don't need the public IP address for your VM, you can disassociate the public IP address. See [Dissociate a public IP address from an Azure VM](../virtual-network/ip-services/remove-public-ip-address-vm.md).
 
 ## Next steps
 
diff --git a/articles/bastion/create-host-cli.md b/articles/bastion/create-host-cli.md
@@ -1,40 +1,46 @@
 ---
-title: 'Create a Bastion host using Azure CLI | Azure Bastion'
-description: Learn how to create and delete a bastion host using Azure CLI.
-services: bastion
+title: 'Deploy Bastion:CLI'
+titleSuffix: Azure Bastion
+description: Learn how to deploy Azure Bastion using CLI
 author: cherylmc
 ms.service: bastion
 ms.topic: how-to
-ms.date: 09/22/2021
+ms.date: 03/02/2022
 ms.author: cherylmc
-# Customer intent: As someone with a networking background, I want to create an Azure Bastion host.
+# Customer intent: As someone with a networking background, I want to deploy Bastion and connect to a VM.
 ms.custom: ignite-fall-2021, devx-track-azurecli 
 ms.devlang: azurecli
 ---
 
-# Create an Azure Bastion host using Azure CLI
+# Deploy Bastion using Azure CLI
 
-This article shows you how to create an Azure Bastion host using Azure CLI. Once you provision the Azure Bastion service in your virtual network, the seamless RDP/SSH experience is available to all of the VMs in the same virtual network. Azure Bastion deployment is per virtual network, not per subscription/account or virtual machine.
+This article shows you how to deploy Azure Bastion using CLI. Azure Bastion is a PaaS service that's maintained for you, not a bastion host that you install on your VM and maintain yourself. An Azure Bastion deployment is per virtual network, not per subscription/account or virtual machine. For more information about Azure Bastion, see [What is Azure Bastion?](bastion-overview.md) 
+
+Once you deploy Bastion to your virtual network, you can connect to your VMs via private IP address. This seamless RDP/SSH experience is available to all the VMs in the same virtual network. If your VM has a public IP address that you don't need for anything else, you can remove it.
+
+You can also deploy Bastion by using the following other  methods:
 
-Optionally, you can create an Azure Bastion host by using the following methods:
 * [Azure portal](./tutorial-create-host-portal.md)
 * [Azure PowerShell](bastion-create-host-powershell.md)
-
-[!INCLUDE [About skus](../../includes/bastion-sku-note.md)]
+* [Quickstart - deploy with default settings](quickstart-host-portal.md)
 
 ## Prerequisites
 
+### Azure subscription
+
 Verify that you have an Azure subscription. If you don't already have an Azure subscription, you can activate your [MSDN subscriber benefits](https://azure.microsoft.com/pricing/member-offers/msdn-benefits-details) or sign up for a [free account](https://azure.microsoft.com/pricing/free-trial).
 
+### Azure CLI
+
 [!INCLUDE [Cloud Shell CLI](../../includes/vpn-gateway-cloud-shell-cli.md)]
 
- > [!NOTE]
- > The use of Azure Bastion with Azure Private DNS Zones is not supported at this time. Before you begin, please make sure that the virtual network where you plan to deploy your Bastion resource is not linked to a private DNS zone.
- >
+> [!NOTE]
+> The use of Azure Bastion with Azure Private DNS Zones is not supported at this time. Before you begin, please make sure that the virtual network where you plan to deploy your Bastion resource is not linked to a private DNS zone.
+>
 
-## <a name="createhost"></a>Create a bastion host
+## <a name="createhost"></a>Deploy Bastion
 
-This section helps you create a new Azure Bastion resource using Azure CLI.
+This section helps you deploy Azure Bastion using Azure CLI.
 
 > [!NOTE]
 > As shown in the examples, use the `--location` parameter with `--resource-group` for every command to ensure that the resources are deployed together.
@@ -47,22 +53,35 @@ This section helps you create a new Azure Bastion resource using Azure CLI.
    az network vnet create --resource-group MyResourceGroup --name MyVnet --address-prefix 10.0.0.0/16 --subnet-name AzureBastionSubnet --subnet-prefix 10.0.0.0/24 --location northeurope
    ```
 
-2. Create a public IP address for Azure Bastion. The public IP is the public IP address the Bastion resource on which RDP/SSH will be accessed (over port 443). The public IP address must be in the same region as the Bastion resource you are creating.
+1. Create a public IP address for Azure Bastion. The public IP is the public IP address the Bastion resource on which RDP/SSH will be accessed (over port 443). The public IP address must be in the same region as the Bastion resource you're creating.
+
+   The following example uses the **Standard SKU**. The Standard SKU lets you configure more Bastion features and connect to VMs using more connection types. For more information, see [Bastion SKUs](configuration-settings.md#skus).
 
    ```azurecli-interactive
    az network public-ip create --resource-group MyResourceGroup --name MyIp --sku Standard --location northeurope
    ```
 
-3. Create a new Azure Bastion resource in the AzureBastionSubnet of your virtual network. It takes about 5 minutes for the Bastion resource to create and deploy.
+1. Create a new Azure Bastion resource in the AzureBastionSubnet of your virtual network. It takes about 10 minutes for the Bastion resource to create and deploy.
 
    ```azurecli-interactive
    az network bastion create --name MyBastion --public-ip-address MyIp --resource-group MyResourceGroup --vnet-name MyVnet --location northeurope
    ```
-## Disassociate the VM public IP address
 
-Azure Bastion does not use the public IP address to connect to the client VM. If you do not need the public IP address for your VM, you can disassociate the public IP address by using the steps in this article: [Dissociate a public IP address from an Azure VM](../virtual-network/ip-services/remove-public-ip-address-vm.md).
+## <a name="connect"></a>Connect to a VM
+
+You can use any of the following articles to connect to a VM that's located in the virtual network to which you deployed Bastion. You can also use the [Connection steps](#steps) in the section below. Some connection types require the [Standard SKU](configuration-settings.md#skus).
+
+[!INCLUDE [Links to Connect to VM articles](../../includes/bastion-vm-table.md)]
+
+### <a name="steps"></a>Connection steps
+
+[!INCLUDE [Connection steps](../../includes/bastion-vm-connect.md)]
+
+## <a name="ip"></a>Remove VM public IP address
+
+Azure Bastion doesn't use the public IP address to connect to the client VM. If you don't need the public IP address for your VM, you can disassociate the public IP address. See [Dissociate a public IP address from an Azure VM](../virtual-network/ip-services/remove-public-ip-address-vm.md).
 
 ## Next steps
 
-* Read the [Bastion FAQ](bastion-faq.md) for additional information.
 * To use Network Security Groups with the Azure Bastion subnet, see [Work with NSGs](bastion-nsg.md).
+* To understand VNet peering, see [VNet peering and Azure Bastion](vnet-peering.md).
diff --git a/articles/bastion/tutorial-create-host-portal.md b/articles/bastion/tutorial-create-host-portal.md
@@ -10,7 +10,7 @@ ms.author: cherylmc
 ms.custom: ignite-fall-2021
 ---
 
-# Tutorial: Deploy Bastion using manual settings: Azure portal
+# Tutorial: Deploy Bastion using the Azure portal
 
 This tutorial helps you deploy Azure Bastion from the Azure portal using manual settings. When you use manual settings, you can specify configuration values such as instance counts and the SKU at the time of deployment. After Bastion is deployed, you can connect (SSH/RDP) to virtual machines in the virtual network via Bastion using the private IP address of the VM. When you connect to a VM, it doesn't need a public IP address, client software, agent, or a special configuration.
 
