Bastion Hosts - Create Or Update

Reference

Service:: Virtual Networks

API Version:: 2024-05-01

Creates or updates the specified Bastion Host.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName}?api-version=2024-05-01

URI Parameters

Name	In	Required	Type	Description
bastionHostName	path	True	string	The name of the Bastion Host.
resourceGroupName	path	True	string	The name of the resource group.
subscriptionId	path	True	string	The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.
api-version	query	True	string	Client API version.

Request Body

Name	Type	Description
id	string	Resource ID.
location	string	Resource location.
properties.disableCopyPaste	boolean	Enable/Disable Copy/Paste feature of the Bastion Host resource.
properties.dnsName	string	FQDN for the endpoint on which bastion host is accessible.
properties.enableFileCopy	boolean	Enable/Disable File Copy feature of the Bastion Host resource.
properties.enableIpConnect	boolean	Enable/Disable IP Connect feature of the Bastion Host resource.
properties.enableKerberos	boolean	Enable/Disable Kerberos feature of the Bastion Host resource.
properties.enablePrivateOnlyBastion	boolean	Enable/Disable Private Only feature of the Bastion Host resource.
properties.enableSessionRecording	boolean	Enable/Disable Session Recording feature of the Bastion Host resource.
properties.enableShareableLink	boolean	Enable/Disable Shareable Link of the Bastion Host resource.
properties.enableTunneling	boolean	Enable/Disable Tunneling feature of the Bastion Host resource.
properties.ipConfigurations	BastionHostIPConfiguration[]	IP configuration of the Bastion Host resource.
properties.networkAcls	NetworkAcls
properties.scaleUnits	integer	The scale units for the Bastion Host resource.
properties.virtualNetwork	SubResource	Reference to an existing virtual network required for Developer Bastion Host only.
sku	Sku	The sku of this Bastion Host.
tags	object	Resource tags.
zones	string[]	A list of availability zones denoting where the resource needs to come from.

Responses

Name	Type	Description
200 OK	BastionHost	Update successful. The operation returns the resulting Bastion Host resource.
201 Created	BastionHost	Create successful. The operation returns the resulting Bastion Host resource.
Other Status Codes	CloudError	Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

Create Bastion Host

Create Bastion Host With Private Only

Create Bastion Host With Zones

Create Developer Bastion Host

Create Bastion Host

PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant?api-version=2024-05-01

{
  "properties": {
    "ipConfigurations": [
      {
        "name": "bastionHostIpConfiguration",
        "properties": {
          "subnet": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"
          },
          "publicIPAddress": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"
          }
        }
      }
    ]
  }
}

package armnetwork_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/BastionHostPut.json
func ExampleBastionHostsClient_BeginCreateOrUpdate_createBastionHost() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	poller, err := clientFactory.NewBastionHostsClient().BeginCreateOrUpdate(ctx, "rg1", "bastionhosttenant", armnetwork.BastionHost{
		Properties: &armnetwork.BastionHostPropertiesFormat{
			IPConfigurations: []*armnetwork.BastionHostIPConfiguration{
				{
					Name: to.Ptr("bastionHostIpConfiguration"),
					Properties: &armnetwork.BastionHostIPConfigurationPropertiesFormat{
						PublicIPAddress: &armnetwork.SubResource{
							ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"),
						},
						Subnet: &armnetwork.SubResource{
							ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"),
						},
					},
				}},
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	res, err := poller.PollUntilDone(ctx, nil)
	if err != nil {
		log.Fatalf("failed to pull the result: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.BastionHost = armnetwork.BastionHost{
	// 	Name: to.Ptr("bastionhost"),
	// 	Type: to.Ptr("Microsoft.Network/bastionHosts"),
	// 	ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant'"),
	// 	Location: to.Ptr("West US"),
	// 	Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
	// 	Properties: &armnetwork.BastionHostPropertiesFormat{
	// 		DisableCopyPaste: to.Ptr(false),
	// 		DNSName: to.Ptr("bst-9d89d361-100e-4c01-b92d-466548c476dc.bastion.azure.com"),
	// 		EnableIPConnect: to.Ptr(false),
	// 		EnableKerberos: to.Ptr(false),
	// 		EnablePrivateOnlyBastion: to.Ptr(false),
	// 		EnableSessionRecording: to.Ptr(false),
	// 		EnableShareableLink: to.Ptr(false),
	// 		EnableTunneling: to.Ptr(false),
	// 		IPConfigurations: []*armnetwork.BastionHostIPConfiguration{
	// 			{
	// 				ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant/bastionHostIpConfigurations/bastionHostIpConfiguration"),
	// 				Name: to.Ptr("bastionHostIpConfiguration"),
	// 				Type: to.Ptr("Microsoft.Network/bastionHosts/bastionHostIpConfigurations"),
	// 				Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
	// 				Properties: &armnetwork.BastionHostIPConfigurationPropertiesFormat{
	// 					PrivateIPAllocationMethod: to.Ptr(armnetwork.IPAllocationMethodDynamic),
	// 					ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
	// 					PublicIPAddress: &armnetwork.SubResource{
	// 						ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"),
	// 					},
	// 					Subnet: &armnetwork.SubResource{
	// 						ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"),
	// 					},
	// 				},
	// 		}},
	// 		ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
	// 		ScaleUnits: to.Ptr[int32](2),
	// 	},
	// 	SKU: &armnetwork.SKU{
	// 		Name: to.Ptr(armnetwork.BastionHostSKUNameStandard),
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

{
  "name": "bastionhost",
  "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant'",
  "type": "Microsoft.Network/bastionHosts",
  "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
  "location": "West US",
  "sku": {
    "name": "Standard"
  },
  "properties": {
    "provisioningState": "Succeeded",
    "dnsName": "bst-9d89d361-100e-4c01-b92d-466548c476dc.bastion.azure.com",
    "scaleUnits": 2,
    "disableCopyPaste": false,
    "enableTunneling": false,
    "enableIpConnect": false,
    "enableShareableLink": false,
    "enableKerberos": false,
    "enableSessionRecording": false,
    "enablePrivateOnlyBastion": false,
    "ipConfigurations": [
      {
        "name": "bastionHostIpConfiguration",
        "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant/bastionHostIpConfigurations/bastionHostIpConfiguration",
        "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
        "type": "Microsoft.Network/bastionHosts/bastionHostIpConfigurations",
        "properties": {
          "provisioningState": "Succeeded",
          "privateIPAllocationMethod": "Dynamic",
          "subnet": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"
          },
          "publicIPAddress": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"
          }
        }
      }
    ]
  }
}

Status code:: 201

{
  "name": "bastionhosttenant'",
  "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant",
  "type": "Microsoft.Network/bastionHosts",
  "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
  "location": "West US",
  "sku": {
    "name": "Standard"
  },
  "properties": {
    "provisioningState": "Succeeded",
    "dnsName": "bst-9d89d361-100e-4c01-b92d-466548c476dc.bastion.azure.com",
    "scaleUnits": 2,
    "disableCopyPaste": false,
    "enableTunneling": false,
    "enableIpConnect": false,
    "enableShareableLink": false,
    "enableKerberos": false,
    "enableSessionRecording": false,
    "enablePrivateOnlyBastion": false,
    "ipConfigurations": [
      {
        "name": "bastionHostIpConfiguration",
        "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant/bastionHostIpConfigurations/bastionHostIpConfiguration",
        "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
        "type": "Microsoft.Network/bastionHosts/bastionHostIpConfigurations",
        "properties": {
          "provisioningState": "Succeeded",
          "privateIPAllocationMethod": "Dynamic",
          "subnet": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"
          },
          "publicIPAddress": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"
          }
        }
      }
    ]
  }
}

Create Bastion Host With Private Only

Sample request

HTTP
Go

PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant?api-version=2024-05-01

{
  "properties": {
    "enablePrivateOnlyBastion": true,
    "ipConfigurations": [
      {
        "name": "bastionHostIpConfiguration",
        "properties": {
          "subnet": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"
          }
        }
      }
    ]
  }
}

package armnetwork_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/BastionHostPutWithPrivateOnly.json
func ExampleBastionHostsClient_BeginCreateOrUpdate_createBastionHostWithPrivateOnly() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	poller, err := clientFactory.NewBastionHostsClient().BeginCreateOrUpdate(ctx, "rg1", "bastionhosttenant", armnetwork.BastionHost{
		Properties: &armnetwork.BastionHostPropertiesFormat{
			EnablePrivateOnlyBastion: to.Ptr(true),
			IPConfigurations: []*armnetwork.BastionHostIPConfiguration{
				{
					Name: to.Ptr("bastionHostIpConfiguration"),
					Properties: &armnetwork.BastionHostIPConfigurationPropertiesFormat{
						Subnet: &armnetwork.SubResource{
							ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"),
						},
					},
				}},
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	res, err := poller.PollUntilDone(ctx, nil)
	if err != nil {
		log.Fatalf("failed to pull the result: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.BastionHost = armnetwork.BastionHost{
	// 	Name: to.Ptr("bastionhosttenant"),
	// 	Type: to.Ptr("Microsoft.Network/bastionHosts"),
	// 	ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant"),
	// 	Location: to.Ptr("West US"),
	// 	Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
	// 	Properties: &armnetwork.BastionHostPropertiesFormat{
	// 		DisableCopyPaste: to.Ptr(false),
	// 		DNSName: to.Ptr("bst-9d89d361-100e-4c01-b92d-466548c476dc.bastion.azure.com"),
	// 		EnableIPConnect: to.Ptr(false),
	// 		EnableKerberos: to.Ptr(false),
	// 		EnablePrivateOnlyBastion: to.Ptr(true),
	// 		EnableSessionRecording: to.Ptr(false),
	// 		EnableShareableLink: to.Ptr(false),
	// 		EnableTunneling: to.Ptr(false),
	// 		IPConfigurations: []*armnetwork.BastionHostIPConfiguration{
	// 			{
	// 				ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant/bastionHostIpConfigurations/bastionHostIpConfiguration"),
	// 				Name: to.Ptr("bastionHostIpConfiguration"),
	// 				Type: to.Ptr("Microsoft.Network/bastionHosts/bastionHostIpConfigurations"),
	// 				Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
	// 				Properties: &armnetwork.BastionHostIPConfigurationPropertiesFormat{
	// 					PrivateIPAllocationMethod: to.Ptr(armnetwork.IPAllocationMethodDynamic),
	// 					ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
	// 					Subnet: &armnetwork.SubResource{
	// 						ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"),
	// 					},
	// 				},
	// 		}},
	// 		ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
	// 		ScaleUnits: to.Ptr[int32](2),
	// 	},
	// 	SKU: &armnetwork.SKU{
	// 		Name: to.Ptr(armnetwork.BastionHostSKUNamePremium),
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

{
  "name": "bastionhosttenant",
  "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant",
  "type": "Microsoft.Network/bastionHosts",
  "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
  "location": "West US",
  "sku": {
    "name": "Premium"
  },
  "properties": {
    "provisioningState": "Succeeded",
    "dnsName": "bst-9d89d361-100e-4c01-b92d-466548c476dc.bastion.azure.com",
    "scaleUnits": 2,
    "disableCopyPaste": false,
    "enableTunneling": false,
    "enableIpConnect": false,
    "enableShareableLink": false,
    "enableKerberos": false,
    "enableSessionRecording": false,
    "enablePrivateOnlyBastion": true,
    "ipConfigurations": [
      {
        "name": "bastionHostIpConfiguration",
        "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant/bastionHostIpConfigurations/bastionHostIpConfiguration",
        "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
        "type": "Microsoft.Network/bastionHosts/bastionHostIpConfigurations",
        "properties": {
          "provisioningState": "Succeeded",
          "privateIPAllocationMethod": "Dynamic",
          "subnet": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"
          }
        }
      }
    ]
  }
}

Status code:: 201

{
  "name": "bastionhosttenant",
  "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant",
  "type": "Microsoft.Network/bastionHosts",
  "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
  "location": "West US",
  "sku": {
    "name": "Premium"
  },
  "properties": {
    "provisioningState": "Succeeded",
    "dnsName": "bst-9d89d361-100e-4c01-b92d-466548c476dc.bastion.azure.com",
    "scaleUnits": 2,
    "disableCopyPaste": false,
    "enableTunneling": false,
    "enableIpConnect": false,
    "enableShareableLink": false,
    "enableKerberos": false,
    "enableSessionRecording": false,
    "enablePrivateOnlyBastion": true,
    "ipConfigurations": [
      {
        "name": "bastionHostIpConfiguration",
        "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant/bastionHostIpConfigurations/bastionHostIpConfiguration",
        "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
        "type": "Microsoft.Network/bastionHosts/bastionHostIpConfigurations",
        "properties": {
          "provisioningState": "Succeeded",
          "privateIPAllocationMethod": "Dynamic",
          "subnet": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"
          }
        }
      }
    ]
  }
}

Create Bastion Host With Zones

Sample request

HTTP
Go

PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant?api-version=2024-05-01

{
  "properties": {
    "ipConfigurations": [
      {
        "name": "bastionHostIpConfiguration",
        "properties": {
          "subnet": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"
          },
          "publicIPAddress": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"
          }
        }
      }
    ]
  }
}

package armnetwork_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/BastionHostPutWithZones.json
func ExampleBastionHostsClient_BeginCreateOrUpdate_createBastionHostWithZones() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	poller, err := clientFactory.NewBastionHostsClient().BeginCreateOrUpdate(ctx, "rg1", "bastionhosttenant", armnetwork.BastionHost{
		Properties: &armnetwork.BastionHostPropertiesFormat{
			IPConfigurations: []*armnetwork.BastionHostIPConfiguration{
				{
					Name: to.Ptr("bastionHostIpConfiguration"),
					Properties: &armnetwork.BastionHostIPConfigurationPropertiesFormat{
						PublicIPAddress: &armnetwork.SubResource{
							ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"),
						},
						Subnet: &armnetwork.SubResource{
							ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"),
						},
					},
				}},
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	res, err := poller.PollUntilDone(ctx, nil)
	if err != nil {
		log.Fatalf("failed to pull the result: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.BastionHost = armnetwork.BastionHost{
	// 	Name: to.Ptr("bastionhost"),
	// 	Type: to.Ptr("Microsoft.Network/bastionHosts"),
	// 	ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant'"),
	// 	Location: to.Ptr("West US"),
	// 	Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
	// 	Properties: &armnetwork.BastionHostPropertiesFormat{
	// 		DisableCopyPaste: to.Ptr(false),
	// 		DNSName: to.Ptr("bst-9d89d361-100e-4c01-b92d-466548c476dc.bastion.azure.com"),
	// 		EnableIPConnect: to.Ptr(false),
	// 		EnableKerberos: to.Ptr(false),
	// 		EnablePrivateOnlyBastion: to.Ptr(false),
	// 		EnableSessionRecording: to.Ptr(false),
	// 		EnableShareableLink: to.Ptr(false),
	// 		EnableTunneling: to.Ptr(false),
	// 		IPConfigurations: []*armnetwork.BastionHostIPConfiguration{
	// 			{
	// 				ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant/bastionHostIpConfigurations/bastionHostIpConfiguration"),
	// 				Name: to.Ptr("bastionHostIpConfiguration"),
	// 				Type: to.Ptr("Microsoft.Network/bastionHosts/bastionHostIpConfigurations"),
	// 				Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
	// 				Properties: &armnetwork.BastionHostIPConfigurationPropertiesFormat{
	// 					PrivateIPAllocationMethod: to.Ptr(armnetwork.IPAllocationMethodDynamic),
	// 					ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
	// 					PublicIPAddress: &armnetwork.SubResource{
	// 						ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"),
	// 					},
	// 					Subnet: &armnetwork.SubResource{
	// 						ID: to.Ptr("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"),
	// 					},
	// 				},
	// 		}},
	// 		ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
	// 		ScaleUnits: to.Ptr[int32](2),
	// 	},
	// 	SKU: &armnetwork.SKU{
	// 		Name: to.Ptr(armnetwork.BastionHostSKUNameStandard),
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

{
  "name": "bastionhost",
  "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant'",
  "type": "Microsoft.Network/bastionHosts",
  "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
  "location": "West US",
  "sku": {
    "name": "Standard"
  },
  "properties": {
    "provisioningState": "Succeeded",
    "dnsName": "bst-9d89d361-100e-4c01-b92d-466548c476dc.bastion.azure.com",
    "scaleUnits": 2,
    "disableCopyPaste": false,
    "enableTunneling": false,
    "enableIpConnect": false,
    "enableShareableLink": false,
    "enableKerberos": false,
    "enableSessionRecording": false,
    "enablePrivateOnlyBastion": false,
    "ipConfigurations": [
      {
        "name": "bastionHostIpConfiguration",
        "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant/bastionHostIpConfigurations/bastionHostIpConfiguration",
        "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
        "type": "Microsoft.Network/bastionHosts/bastionHostIpConfigurations",
        "properties": {
          "provisioningState": "Succeeded",
          "privateIPAllocationMethod": "Dynamic",
          "subnet": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"
          },
          "publicIPAddress": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"
          }
        }
      }
    ]
  }
}

Status code:: 201

{
  "name": "bastionhost'",
  "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant'",
  "type": "Microsoft.Network/bastionHosts",
  "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
  "location": "West US",
  "sku": {
    "name": "Standard"
  },
  "properties": {
    "provisioningState": "Succeeded",
    "dnsName": "bst-9d89d361-100e-4c01-b92d-466548c476dc.bastion.azure.com",
    "scaleUnits": 2,
    "disableCopyPaste": false,
    "enableTunneling": false,
    "enableIpConnect": false,
    "enableShareableLink": false,
    "enableKerberos": false,
    "enableSessionRecording": false,
    "enablePrivateOnlyBastion": false,
    "ipConfigurations": [
      {
        "name": "bastionHostIpConfiguration",
        "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/bastionHosts/bastionhosttenant/bastionHostIpConfigurations/bastionHostIpConfiguration",
        "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
        "type": "Microsoft.Network/bastionHosts/bastionHostIpConfigurations",
        "properties": {
          "provisioningState": "Succeeded",
          "privateIPAllocationMethod": "Dynamic",
          "subnet": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/BastionHostSubnet"
          },
          "publicIPAddress": {
            "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/pipName"
          }
        }
      }
    ]
  }
}

Create Developer Bastion Host

Sample request

HTTP
Go

PUT https://management.azure.com/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/bastionHosts/bastionhostdeveloper?api-version=2024-05-01

{
  "properties": {
    "virtualNetwork": {
      "id": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet2"
    },
    "networkAcls": {
      "ipRules": [
        {
          "addressPrefix": "1.1.1.1/16"
        }
      ]
    },
    "ipConfigurations": []
  }
}

package armnetwork_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/ab04533261eff228f28e08900445d0edef3eb70c/specification/network/resource-manager/Microsoft.Network/stable/2024-05-01/examples/BastionHostDeveloperPut.json
func ExampleBastionHostsClient_BeginCreateOrUpdate_createDeveloperBastionHost() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	poller, err := clientFactory.NewBastionHostsClient().BeginCreateOrUpdate(ctx, "rg2", "bastionhostdeveloper", armnetwork.BastionHost{
		Properties: &armnetwork.BastionHostPropertiesFormat{
			IPConfigurations: []*armnetwork.BastionHostIPConfiguration{},
			NetworkACLs: &armnetwork.BastionHostPropertiesFormatNetworkACLs{
				IPRules: []*armnetwork.IPRule{
					{
						AddressPrefix: to.Ptr("1.1.1.1/16"),
					}},
			},
			VirtualNetwork: &armnetwork.SubResource{
				ID: to.Ptr("/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet2"),
			},
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	res, err := poller.PollUntilDone(ctx, nil)
	if err != nil {
		log.Fatalf("failed to pull the result: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.BastionHost = armnetwork.BastionHost{
	// 	Name: to.Ptr("bastionhostdeveloper"),
	// 	Type: to.Ptr("Microsoft.Network/bastionHosts"),
	// 	ID: to.Ptr("/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/bastionHosts/bastionhostdeveloper'"),
	// 	Location: to.Ptr("West US"),
	// 	Etag: to.Ptr("w/\\00000000-0000-0000-0000-000000000000\\"),
	// 	Properties: &armnetwork.BastionHostPropertiesFormat{
	// 		DNSName: to.Ptr("omnibrain.uswest.bastionglobal.azure.com"),
	// 		IPConfigurations: []*armnetwork.BastionHostIPConfiguration{
	// 		},
	// 		NetworkACLs: &armnetwork.BastionHostPropertiesFormatNetworkACLs{
	// 			IPRules: []*armnetwork.IPRule{
	// 				{
	// 					AddressPrefix: to.Ptr("1.1.1.1/16"),
	// 			}},
	// 		},
	// 		ProvisioningState: to.Ptr(armnetwork.ProvisioningStateSucceeded),
	// 		VirtualNetwork: &armnetwork.SubResource{
	// 			ID: to.Ptr("/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet2"),
	// 		},
	// 	},
	// 	SKU: &armnetwork.SKU{
	// 		Name: to.Ptr(armnetwork.BastionHostSKUNameDeveloper),
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

{
  "name": "bastionhostdeveloper",
  "id": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/bastionHosts/bastionhostdeveloper'",
  "type": "Microsoft.Network/bastionHosts",
  "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
  "location": "West US",
  "sku": {
    "name": "Developer"
  },
  "properties": {
    "provisioningState": "Succeeded",
    "dnsName": "omnibrain.uswest.bastionglobal.azure.com",
    "virtualNetwork": {
      "id": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet2"
    },
    "networkAcls": {
      "ipRules": [
        {
          "addressPrefix": "1.1.1.1/16"
        }
      ]
    },
    "ipConfigurations": []
  }
}

Status code:: 201

{
  "name": "bastionhostdeveloper'",
  "id": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/bastionHosts/bastionhostdeveloper'",
  "type": "Microsoft.Network/bastionHosts",
  "etag": "w/\\00000000-0000-0000-0000-000000000000\\",
  "location": "West US",
  "sku": {
    "name": "Developer"
  },
  "properties": {
    "provisioningState": "Succeeded",
    "dnsName": "omnibrain.uswest.bastionglobal.azure.com",
    "virtualNetwork": {
      "id": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet2"
    },
    "networkAcls": {
      "ipRules": [
        {
          "addressPrefix": "1.1.1.1/16"
        }
      ]
    },
    "ipConfigurations": []
  }
}

Definitions

Name	Description
BastionHost	Bastion Host resource.
BastionHostIPConfiguration	IP configuration of an Bastion Host.
BastionHostSkuName	The name of the sku of this Bastion Host.
CloudError	An error response from the service.
CloudErrorBody	An error response from the service.
IPAllocationMethod	IP address allocation method.
IPRule
NetworkAcls
ProvisioningState	The current provisioning state.
Sku	The sku of this Bastion Host.
SubResource	Reference to another subresource.

BastionHost

Bastion Host resource.

Name	Type	Default value	Description
etag	string		A unique read-only string that changes whenever the resource is updated.
id	string		Resource ID.
location	string		Resource location.
name	string		Resource name.
properties.disableCopyPaste	boolean	False	Enable/Disable Copy/Paste feature of the Bastion Host resource.
properties.dnsName	string		FQDN for the endpoint on which bastion host is accessible.
properties.enableFileCopy	boolean	False	Enable/Disable File Copy feature of the Bastion Host resource.
properties.enableIpConnect	boolean	False	Enable/Disable IP Connect feature of the Bastion Host resource.
properties.enableKerberos	boolean	False	Enable/Disable Kerberos feature of the Bastion Host resource.
properties.enablePrivateOnlyBastion	boolean	False	Enable/Disable Private Only feature of the Bastion Host resource.
properties.enableSessionRecording	boolean	False	Enable/Disable Session Recording feature of the Bastion Host resource.
properties.enableShareableLink	boolean	False	Enable/Disable Shareable Link of the Bastion Host resource.
properties.enableTunneling	boolean	False	Enable/Disable Tunneling feature of the Bastion Host resource.
properties.ipConfigurations	BastionHostIPConfiguration[]		IP configuration of the Bastion Host resource.
properties.networkAcls	NetworkAcls
properties.provisioningState	ProvisioningState		The provisioning state of the bastion host resource.
properties.scaleUnits	integer		The scale units for the Bastion Host resource.
properties.virtualNetwork	SubResource		Reference to an existing virtual network required for Developer Bastion Host only.
sku	Sku		The sku of this Bastion Host.
tags	object		Resource tags.
type	string		Resource type.
zones	string[]		A list of availability zones denoting where the resource needs to come from.

BastionHostIPConfiguration

IP configuration of an Bastion Host.

Name	Type	Description
etag	string	A unique read-only string that changes whenever the resource is updated.
id	string	Resource ID.
name	string	Name of the resource that is unique within a resource group. This name can be used to access the resource.
properties.privateIPAllocationMethod	IPAllocationMethod	Private IP allocation method.
properties.provisioningState	ProvisioningState	The provisioning state of the bastion host IP configuration resource.
properties.publicIPAddress	SubResource	Reference of the PublicIP resource. Null for private only bastion
properties.subnet	SubResource	Reference of the subnet resource.
type	string	Ip configuration type.

BastionHostSkuName

The name of the sku of this Bastion Host.

Name	Type	Description
Basic	string
Developer	string
Premium	string
Standard	string

CloudError

An error response from the service.

Name	Type	Description
error	CloudErrorBody	Cloud error body.

CloudErrorBody

An error response from the service.

Name	Type	Description
code	string	An identifier for the error. Codes are invariant and are intended to be consumed programmatically.
details	CloudErrorBody[]	A list of additional details about the error.
message	string	A message describing the error, intended to be suitable for display in a user interface.
target	string	The target of the particular error. For example, the name of the property in error.

IPAllocationMethod

IP address allocation method.

Name	Type	Description
Dynamic	string
Static	string

IPRule

Name	Type	Description
addressPrefix	string	Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.

NetworkAcls

Name	Type	Description
ipRules	IPRule[]	Sets the IP ACL rules for Developer Bastion Host.

ProvisioningState

The current provisioning state.

Name	Type	Description
Deleting	string
Failed	string
Succeeded	string
Updating	string

Sku

The sku of this Bastion Host.

Name	Type	Default value	Description
name	BastionHostSkuName	Standard	The name of the sku of this Bastion Host.

SubResource

Reference to another subresource.

Name	Type	Description
id	string	Resource ID.

Share via

Bastion Hosts - Create Or Update

URI Parameters

Request Body

Responses

Security

azure_auth

Scopes

Examples

Create Bastion Host

Sample request

Sample response

Create Bastion Host With Private Only

Sample request

Sample response

Create Bastion Host With Zones

Sample request

Sample response

Create Developer Bastion Host

Sample request

Sample response

Definitions

BastionHost

BastionHostIPConfiguration

BastionHostSkuName

CloudError

CloudErrorBody

IPAllocationMethod

IPRule

NetworkAcls

ProvisioningState

Sku

SubResource

Additional resources