Microsoft.Network bastionHosts 2021-02-01

The bastionHosts resource type can be deployed to: Resource groups.

To learn about resource group deployments, see Bicep or ARM template.

Template format

To create a Microsoft.Network/bastionHosts resource, add the following Bicep or JSON to your template.

resource symbolicname 'Microsoft.Network/bastionHosts@2021-02-01' = {
  name: 'string'
  location: 'string'
  tags: {
    tagName1: 'tagValue1'
    tagName2: 'tagValue2'
  }
  sku: {
    name: 'string'
  }
  properties: {
    dnsName: 'string'
    ipConfigurations: [
      {
        id: 'string'
        name: 'string'
        properties: {
          privateIPAllocationMethod: 'string'
          publicIPAddress: {
            id: 'string'
          }
          subnet: {
            id: 'string'
          }
        }
      }
    ]
  }
}

Property values

bastionHosts

Name Description Value
type The resource type

For Bicep, set this value in the resource declaration.
'Microsoft.Network/bastionHosts'
apiVersion The resource api version

For Bicep, set this value in the resource declaration.
'2021-02-01'
name The resource name string (required)
location Resource location. string
tags Resource tags. Dictionary of tag names and values. See Tags in templates
sku The sku of this Bastion Host. Sku
properties Properties of the Bastion Host. BastionHostPropertiesFormat

BastionHostPropertiesFormat

Name Description Value
dnsName FQDN for the endpoint on which bastion host is accessible. string
ipConfigurations IP configuration of the Bastion Host resource. BastionHostIPConfiguration[]

BastionHostIPConfiguration

Name Description Value
id Resource ID. string
name Name of the resource that is unique within a resource group. This name can be used to access the resource. string
properties Properties of IP configuration of an Bastion Host. BastionHostIPConfigurationPropertiesFormat

BastionHostIPConfigurationPropertiesFormat

Name Description Value
privateIPAllocationMethod IP address allocation method. 'Dynamic'
'Static'
publicIPAddress Reference to another subresource. SubResource (required)
subnet Reference to another subresource. SubResource (required)

SubResource

Name Description Value
id Resource ID. string

Sku

Name Description Value
name The name of this Bastion Host. 'Basic'
'Standard'

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
SharePoint 2019 / 2016 / 2013 fully configured

Deploy to Azure
Create a SharePoint 2019 / 2016 / 2013 farm with a web application set with Windows and ADFS authentication, and some path based and host-named site collections. It also provisions User Profiles and Apps service applications and installs claims provider LDAPCP.
Example Parameterized Deployment With Linked Templates

Deploy to Azure
This sample template will deploy multiple tiers of resources into an Azure Resource Group. Each tier has configurable elements, to show how you can expose parameterization to the end user.
Create a Private AKS Cluster

Deploy to Azure
This sample shows how to create a private AKS cluster in a virtual network along with a jumpbox virtual machine.
Create a Private AKS Cluster with a Public DNS Zone

Deploy to Azure
This sample shows how to a deploy a private AKS cluster with a Public DNS Zone.
AKS cluster with the Application Gateway Ingress Controller

Deploy to Azure
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault
Azure Bastion as a Service

Deploy to Azure
This template provisions Azure Bastion in a Virtual Network
Azure Bastion as a Service

Deploy to Azure
This template provisions Azure Bastion in a Virtual Network
Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology

Deploy to Azure
This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering.
Testing environment for Azure Firewall Premium

Deploy to Azure
This template creates an Azure Firewall Premium and Firewall Policy with premium features such as Intrusion Inspection Detection (IDPS), TLS inspection and Web Category filtering
Deploy a Bastion host in a hub Virtual Network

Deploy to Azure
This template creates two vNets with peerings, a Bastion host in the Hub vNet and a Linux VM in the spoke vNet
Create a cross-region load balancer

Deploy to Azure
This template creates a cross-region load balancer with a backend pool containing two regional load balancers. Cross-region load balancer is currently available in limited regions. The regional load balancers behind the cross-region load balancer can be in any region.
Standard Load Balancer with Backend Pool by IP Addresses

Deploy to Azure
This template is used to demonstrate how ARM Templates can be used to configure the Backend Pool of a Load Balancer by IP Address as outlined in the Backend Pool management document.
Create a standard load-balancer

Deploy to Azure
This template creates an Internet-facing load-balancer, load balancing rules, and three VMs for the backend pool with each VM in a redundant zone.