Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

This document covers the permissions necessary to enable a user to access an Azure VM via Azure Bastion.

All permissions are granted via the Azure Portal, The user access is being granted to must have an account in the Azure AD tenant for the subscription the VM is in. They can be a guest user.

Bastion

  1. Select the Bastions resource
  2. Select the Bastion the VM uses
  3. Select Access control (IAM)
  4. Add
  5. Add role assignment
    1. Role - Reader
    2. Assign access to - Azure AD user, group, or service principal
    3. Select - the user or group
    4. Save

Virtual Machine

  1. Select the Virtual machines resource
  2. Select the VM you want to grant access to
  3. Select Access control (IAM)
  4. Add
  5. Add role assignment
    1. Role - Virtual Machine User Login
    2. Assign access to - Azure AD user, group, or service principal
    3. Select - the user or group
    4. Save

Virtual Machine NIC

  1. Select the Virtual machines resource
  2. Select the VM you want to grant access to
  3. Select Networking
  4. Select the "Network interface:"
  5. Select Access control (IAM)
  6. Add
  7. Add role assignment
    1. Role - Reader
    2. Assign access to - Azure AD user, group, or service principal
    3. Select - the user or group
    4. Save


  • No labels

© 2023 Foray, LLC - All Rights Reserved