☁️ Azure Bastion and Network Security Group

The Azure Bastion is a service that allow you to connect to your virtual machines without a public IP.

The connection is through TLS, which means you are able to reach your machine ( SSH or RDP ) via a browser.

You can configure Azure Bastion service without a NSG in front of, but in order to increase you security and block many unwanted tries already in the boarder, configure a Network Security Group in Azure Bastion subnet.

In order to create and apply a specific NSG to Bastion subnet, you need to fallow few steps:

Create a Resource Group
Create a Network Security Group
Create a few necessary rules

I’ve created a simple bash script using Azure CLI, it can help you with that task, please check in Github:

https://github.com/carlospcastro/azure/blob/main/bastion/

After create the Bastion NSG, you just need to select it in “Network Security Group” section over Bastion subnet configuration.

To learn further, check those links below:

https://docs.microsoft.com/en-us/azure/bastion/bastion-overview

https://docs.microsoft.com/en-us/azure/bastion/bastion-nsg

https://docs.microsoft.com/en-us/azure/bastion/troubleshoot

Reimagining AI-Assisted Coding for Team Scale in Enterprises May 4, 2026

AI coding tools have advanced rapidly, but most are still designed around the individual developer. Their effectiveness depends heavily on a user’s ability to write understandable prompts, preserve architectural coherence across sessions, and identify areas that require additional work. This model works for some engineers, but it is far less dependable for a large organization’s […]

Ten Great DevOps Job Opportunities May 4, 2026

DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these challenging economic times is to make it just that much easier for DevOps professionals to advance their careers. Of course, the pool of […]

Cursor’s New SDK Turns AI Coding Agents Into Deployable Infrastructure May 4, 2026

Cursor's TypeScript SDK lets teams invoke AI coding agents programmatically from CI/CD pipelines, with sandboxed VMs, MCP support, and token-based pricing.

The Trust Problem With AI Agents in Production Pipelines May 1, 2026

AI agents boost DevOps pipelines, but confident failures create risk. Here’s how to design for calibrated trust and human oversight.

The Velocity Trap: Why Shipping Faster Is Making Systems Worse May 1, 2026

There is a particular flavour of engineering dysfunction that looks, from the outside, like peak performance. Deployments are frequent. Sprint velocity is high. The feature backlog is shrinking. Leadership is pleased. And underneath all of it, the system is quietly rotting. Technical debt compounds with every rushed deployment. Observability gaps widen because nobody has time […]

Anthropic Brings AI-Powered Security Scanning to Enterprise Teams With Claude Security May 1, 2026

Anthropic's Claude Security is now in public beta for Enterprise customers, offering AI-powered codebase scanning and patch generation for security teams.

Arm Adds Free Toolkit to Analyze AI Agent Performance April 30, 2026

Arm this week made available a free toolkit for analyzing agentic artificial intelligence (AI) workloads as they are being developed by DevOps and platform engineering teams. Earlier this year, Arm unveiled a 3nm processor based on its Neoverse V3 architecture that is specifically designed for AI workloads. The Arm Performix toolkit provides system-wide analysis across […]

Related Post