
· 3 min read
Hasan Gural

Hello Friends, Happy to see you again. In this article, I will briefly talk about Azure Bastion Session Management. In the first part of the series, I will go over the basics of session monitoring and management for Azure Bastion. Let's get into it.

💬What is Bastion's Session Management?

You might want to manage the sessions if you're using Azure Bastion. For example, you may wish to terminate a session or view the session details. Session Management is a feature that allows you to view active sessions or terminate them. If you're already using Azure Bastion, you should be sending its logs to Log Analytics. If you're not, please do that as soon as possible. Log Analytics lets you see the session details and the Bastion audit logs. The diagnostic logs can be sent to Log Analytics and to Storage Accounts so that you can review the session details.

🌱How to Manage Azure Bastion Sessions?

It is evident that you can manage the sessions from the Azure Portal, but the key point is that we would like to manage them from PowerShell. In order to do that, we will interact with the Azure Bastion REST API. When you skim through the Azure Bastion REST API, you will see that there are two relevant endpoints. One is getActiveSessions and the other is disconnectActiveSessions.

🧑‍💻 Quick insight into the REST API endpoints

🔗 getActiveSessions

The GetActiveSessions endpoint is used to get the active sessions. It returns the list of active sessions. The endpoint is as follows:

Method: POST
"https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName}/getActiveSessions?api-version=2022-07-01"

When you send a request to the endpoint, you will probably get the following response:

{
  "value": [
    {
      "sessionId": "sessionId",
      "startTime": "2019-1-1T12:00:00.0000Z",
      "targetSubscriptionId": "subid",
      "resourceType": "VM",
      "targetHostName": "vm01",
      "targetResourceGroup": "rg1",
      "userName": "user",
      "targetIpAddress": "1.1.1.1",
      "protocol": "SSH",
      "targetResourceId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Compute/virtualMachines/vm01",
      "sessionDurationInMins": 0
    }
  ]
}

Tip: The result of the getActiveSessions endpoint is a list of active sessions. The sessionId is the unique identifier of a session. The endpoint generally returns either HTTP 200 or HTTP 202. A 202 means that the request has been accepted but the session details are not ready yet; they will be returned later. Bear in mind that you will need to send the request again to get the session details.

🔗 disconnectActiveSessions

Method: POST
"https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/bastionHosts/{bastionHostName}/disconnectActiveSessions?api-version=2022-07-01"

Once you have the session details, you can terminate a session by sending a request to the disconnectActiveSessions endpoint. The request body must carry the sessionIds to disconnect, in the following format:

{
  "sessionIds": [
    "session1",
    "session2",
    "session3"
  ]
}

The Azure Bastion REST API looks pretty straightforward for newcomers. The tricky part is that, on a 202 response, you will need to send the request again to get the session details. I look forward to finishing the PowerShell part in the following article. Stay tuned for the next part.
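As an added example (not the author's script, which is promised for the next article), here is how the two endpoints above can be driven from Azure PowerShell with Invoke-AzRestMethod from the Az.Accounts module. It handles the 202 case by re-sending the request, as the article describes, and wraps the sessionIds in the request body shown above. The subscription, resource group and Bastion host names are placeholders; the eight-hour "stale session" policy at the end is an assumption used only to illustrate the disconnect call.

```powershell
# Added example: list and disconnect Azure Bastion sessions via the REST API.
# Requires Az.Accounts and a prior Connect-AzAccount. All values below are placeholders.
$subscriptionId    = '00000000-0000-0000-0000-000000000000'
$resourceGroupName = 'rg-hub'
$bastionHostName   = 'bastion-hub'
$apiVersion        = '2022-07-01'

$basePath = "/subscriptions/$subscriptionId/resourceGroups/$resourceGroupName" +
            "/providers/Microsoft.Network/bastionHosts/$bastionHostName"

function Get-BastionActiveSession {
    param([int]$MaxAttempts = 10, [int]$DelaySeconds = 5)

    for ($attempt = 1; $attempt -le $MaxAttempts; $attempt++) {
        $response = Invoke-AzRestMethod -Path "$basePath/getActiveSessions?api-version=$apiVersion" -Method POST

        switch ($response.StatusCode) {
            200 {
                # Session details are ready: return the "value" array as objects.
                return ($response.Content | ConvertFrom-Json).value
            }
            202 {
                # Accepted but not ready yet: wait, then send the same request again.
                Write-Verbose "getActiveSessions returned 202; retrying in $DelaySeconds s (attempt $attempt of $MaxAttempts)"
                Start-Sleep -Seconds $DelaySeconds
            }
            default {
                throw "getActiveSessions failed with HTTP $($response.StatusCode): $($response.Content)"
            }
        }
    }
    throw "getActiveSessions did not return session details after $MaxAttempts attempts"
}

function Disconnect-BastionActiveSession {
    param([Parameter(Mandatory)][string[]]$SessionId)

    # Body format from the article: { "sessionIds": [ "...", "..." ] }
    $payload  = @{ sessionIds = @($SessionId) } | ConvertTo-Json -Compress
    $response = Invoke-AzRestMethod -Path "$basePath/disconnectActiveSessions?api-version=$apiVersion" `
                                    -Method POST -Payload $payload

    if ($response.StatusCode -ne 200) {
        throw "disconnectActiveSessions failed with HTTP $($response.StatusCode): $($response.Content)"
    }
    return ($response.Content | ConvertFrom-Json)
}

# Usage: review who is connected, then disconnect sessions open longer than 8 hours
# (the 480-minute threshold is an assumed policy, not anything the API mandates).
$sessions = Get-BastionActiveSession -Verbose
$sessions | Select-Object sessionId, userName, targetHostName, protocol, sessionDurationInMins | Format-Table

$stale = $sessions | Where-Object { $_.sessionDurationInMins -ge 480 }
if ($stale) {
    Disconnect-BastionActiveSession -SessionId $stale.sessionId
}
```

Invoke-AzRestMethod signs the call with the token of the current Az context, so the caller needs a role that permits the getActiveSessions and disconnectActiveSessions actions on the Bastion host; the retry loop is bounded so a Bastion host that never returns 200 cannot hang an automation run.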

· One min read
Hasan Gural

Hello Friends,

As a member of MsHowto, which leads the Microsoft community in Turkey, we will deliver multiple sessions at Azure Global BootCamp 2022. You can check out my session below. Please visit the Eventbrite registration page:

https://www.eventbrite.com/e/global-azure-istanbul-2022-tickets-313124552967

I will talk about #Azure Arc-enabled Kubernetes. Don't forget to claim your ticket.

· 5 min read
Hasan Gural

Many organizations seek to understand the cost impact when they want to use Azure Defender For Cloud (ADfC). I have been working on price estimates whenever I need to enable Azure Defender for Cloud services for specific resources in a tenant. I developed a PowerShell script that estimates the overall cost according to the ADfC resource coverage per subscription, but it does not include all estimation options.

Microsoft recently released a new Price Estimation Dashboard that uses Azure Resource Graph and resource metrics to provide a forecast for prospective ADfC customers.

· 2 min read
Hasan Gural

Infrastructure as Code (IaC) is a crucial technique when you need to automate your environment end-to-end. If you're familiar with Terraform, you are probably familiar with the functionality of terraform plan. You might want the same capability before deploying Bicep or Azure Resource Manager templates. In order to have this functionality in your environment, you must have the Azure CLI or Azure PowerShell. What-if is supported for resource group, subscription, management group, and tenant-level deployments.

· 4 min read
Hasan Gural

If you haven't already used kind for deploying a local Kubernetes cluster, I strongly suggest you explore it and use it for testing the Kubernetes cluster itself. In this article, I am not going to dive into the kind tool, because that is not the focus here. If you are willing to learn the kind tool, please search this blog and practice with it.

We will primarily focus on how to connect a kind Kubernetes cluster to Azure Arc. As you know, this demonstration is not for production usage, but it will give you insights into what happens once you have connected a Kubernetes cluster to Azure Arc.

· 4 min read
Hasan Gural

In this article series, I will write about how we can migrate Azure Firewall Standard to the Premium SKU using PowerShell or an Azure Resource Manager template. If you are using Azure Cloud, you are probably using Azure Firewall Standard in your hub-and-spoke topology to protect ingress and egress traffic for your services.

This article guides you with the required steps to manually migrate your Standard firewall and policy to Premium.

Before you start the migration, understand the migration tasks and plan ahead for the required maintenance window. A typical downtime of 20-30 minutes is expected.

· 3 min read
Hasan Gural

You might be managing a very complex or a simple environment in your organization. At some point, your organization will probably have Azure resources such as Public IP Address(es), Network Security Group(s), Traffic Manager, Virtual Network Peerings, VPN Gateway(s), etc.

I have seen this challenge in many Azure environments. The leading question is: what is my organization's attack surface that an attacker could exploit? Identifying these kinds of endpoints can be complex. For all these kinds of questions, we will enlist the help of the Network Security Dashboard from Microsoft Azure.

· 5 min read
Hasan Gural

The following article will explain how to register an existing physical or virtual machine running Windows to the Azure Arc control plane using a basic PowerShell script.

In order to start registering existing Windows Servers to Azure Arc, we need to install the Azure Connected Machine agent on each machine that you plan to connect using Azure Arc. Before starting this, we should ensure that we have the things below.

· 3 min read
Hasan Gural

In our last article, I tried to explain how we can get a report of Secure Score details and assignments of Defender for Cloud plans for each subscription. I will now expand these types of queries, mainly for Virtual Networks.

If you are managing multiple Azure hub environments, at some point you will need to report the status of Virtual Network Peerings as well as the peering flags that govern connectivity. As we said before, there are various ways to obtain this. If you have over a hundred subscriptions, I wouldn't use PowerShell alone to generate these types of reports. In my personal opinion, Azure Resource Graph is a solid and decent way to get results as objects in PowerShell, and then you can use the data for generating HTML, CSV, Table Storage or updating a SQL table.
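As an added example (not the author's query from the article this excerpt introduces), here is a Resource Graph query, run through Search-AzGraph from the Az.ResourceGraph module, that expands every Virtual Network's peerings into one row per peering with its state and flags, pages through large tenants, and writes the result to CSV. The property names come from the Microsoft.Network/virtualNetworks resource schema; the output path is a placeholder.

```powershell
# Added example: report Virtual Network Peerings and their flags across subscriptions
# with Azure Resource Graph. Requires Az.Accounts, Az.ResourceGraph and Connect-AzAccount.
$query = @'
Resources
| where type =~ 'microsoft.network/virtualnetworks'
| mv-expand peering = properties.virtualNetworkPeerings
| project
    vnetName              = name,
    subscriptionId,
    resourceGroup,
    peeringName           = tostring(peering.name),
    peeringState          = tostring(peering.properties.peeringState),
    allowVnetAccess       = tobool(peering.properties.allowVirtualNetworkAccess),
    allowForwardedTraffic = tobool(peering.properties.allowForwardedTraffic),
    allowGatewayTransit   = tobool(peering.properties.allowGatewayTransit),
    useRemoteGateways     = tobool(peering.properties.useRemoteGateways),
    remoteVnetId          = tostring(peering.properties.remoteVirtualNetwork.id)
| order by subscriptionId asc, vnetName asc
'@

function Get-VnetPeeringReport {
    # Page through results with the skip token so tenants with many VNets are fully covered.
    $rows     = [System.Collections.Generic.List[object]]::new()
    $response = Search-AzGraph -Query $query -First 1000
    $rows.AddRange([object[]]$response)

    while ($response.SkipToken) {
        $response = Search-AzGraph -Query $query -First 1000 -SkipToken $response.SkipToken
        $rows.AddRange([object[]]$response)
    }
    return $rows
}

$report = Get-VnetPeeringReport

# Anything not "Connected" (for example "Initiated" or "Disconnected") is a half-configured link worth a look.
$report | Where-Object { $_.peeringState -ne 'Connected' } |
    Format-Table vnetName, peeringName, peeringState, subscriptionId

# Export for the HTML/CSV/SQL step mentioned in the article; path is a placeholder.
$report | Export-Csv -Path '.\vnet-peerings.csv' -NoTypeInformation
```

Because the rows arrive as plain PowerShell objects, the same $report can feed ConvertTo-Html, Table Storage or a SQL bulk insert without re-querying each subscription.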