You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/bastion/bastion-nsg.md
+8-7Lines changed: 8 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,8 @@ ms.service: azure-bastion
6
6
ms.topic: concept-article
7
7
ms.date: 02/24/2026
8
8
ms.author: abell
9
-
# Customer intent: "As a member of the SecOps team, I want to understand and configure network security groups for Azure Bastion, so that I can manage secure ingress and egress traffic to virtual machines while maintaining compliance and security practices. I want to understand the impact of not having the correct NSG rules in place from a security perspective."
9
+
# Customer intent: "As a member of the SecOps team, I want to understand and configure network security groups for Azure Bastion, so that I can manage secure ingress and egress traffic to virtual machines
10
+
while maintaining compliance and security practices. I want to understand the impact of not having the correct NSG rules in place from a security perspective."
10
11
---
11
12
# Configure NSG rules for Azure Bastion
12
13
@@ -191,9 +192,9 @@ foreach ($rule in $rules) {
191
192
192
193
## Next steps
193
194
194
-
*[Secure your Azure Bastion deployment](secure-bastion.md)- Apply security hardening recommendations to reduce your Bastion attack surface.
195
-
*[Azure Bastion architecture and design](design-architecture.md) - Understand network topology, trust boundaries, and how Bastion fits within your hub-spoke or flat VNet model.
196
-
*[Private-only Azure Bastion deployment](private-only-deployment.md)- Remove the public-facing IP entirely for stricter network security posture.
197
-
*[Monitor Azure Bastion](monitor-bastion.md)- Enable diagnostic logging and set up alerts to maintain audit visibility for compliance.
198
-
*[Azure Bastion with VNet peering](vnet-peering.md)- Understand NSG rule implications when Bastion and target VMs are in different peered virtual networks.
199
-
*[Azure Bastion FAQ](bastion-faq.md)
195
+
*Learn how to [secure your Azure Bastion deployment](secure-bastion.md)using actionable guidance aligned to the Microsoft Cloud Security Benchmark.
196
+
*Learn about the different [deployment architectures available with Azure Bastion](design-architecture.md), depending on the selected SKU and option configurations.
197
+
*Learn how to [deploy Bastion as private-only](private-only-deployment.md)to ensure secure access to virtual machines without allowing outbound access outside of the virtual network.
198
+
*Learn how to [monitor Azure Bastion](monitor-bastion.md)by using Azure Monitor to collect and analyze performance data and logs.
199
+
*Learn how [virtual network peering and Azure Bastion](vnet-peering.md)can be used together to connect to VMs deployed in a peered virtual network without deploying an additional bastion host.
200
+
*Learn about [frequently asked questions for Azure Bastion](bastion-faq.md).
0 commit comments