One of the great features of Azure Bastion is the possibility to share a link to connect to a VM in Azure, through Azure Bastion. The documentation is here:

Create a shareable link for Azure Bastion | Microsoft Learn

To start, you need to create a new Azure Bastion resource, in Standard SKU, not Basic. If you already have a Basic sku, you can upgrade to Standard.

Be sure, in configuration, to check the Shareable Link box:

Shareable Link

When it is done, go to Shareable links menu and click on Add:

Do to Shareable links menu and click on Add

Choose the Subscription, Resource Group. After that select the VM to what you want to create a link. If you select 10 VMs, you will have 10 links:

Choose the Subscription, Resource Group

It takes a few seconds to create the link:

It takes a few seconds to create the link

This is the link that you need to share with people that needs to access this VM:

I will access it through my browser. Now, choose the protocol, and the port. Provide the username/password to connect to the VM:

Choose the protocol, and the port

Azure Bastion

If everything is correct, you are now connected to the VM:

You are now connected to the VM

You can see active sessions, from the Azure Bastion resource:


The link is available until you remove it:


Until the session is closed, the link stays available.

If you have NSG, of course, the link will not work if your source IP is not allowed in the NSG 😊 it will not bypass it.

If you would like to give access to create only shareable links in Azure Bastion, you can create a custom RBAC role, with these accesses:


As you can see, this new feature is very helpful to do not give access to the Azure Portal to people who manage VM, but only a link to access it.

Back to blog