Complete the code to create an Azure Bastion host in the specified virtual network.
az network bastion create --name MyBastionHost --resource-group MyResourceGroup --vnet-name [1] --subnet AzureBastionSubnet --location eastusThe --vnet-name parameter requires the name of the virtual network where the Bastion host will be deployed. Here, MyVNet is the correct virtual network name.
Complete the code to create the required subnet for Azure Bastion named 'AzureBastionSubnet'.
az network vnet subnet create --resource-group MyResourceGroup --vnet-name MyVNet --name [1] --address-prefixes 10.0.1.0/26
Azure Bastion requires a subnet named AzureBastionSubnet to function properly.
Fix the error in the command to connect to a VM using Azure Bastion.
az network bastion ssh --name MyBastionHost --resource-group MyResourceGroup --target-resource-id [1] --auth-type ssh-key --username azureuserThe --target-resource-id parameter requires the full Azure resource ID of the virtual machine, which includes the subscription, resource group, provider, and VM name.
Fill both blanks to define a network security group rule allowing Bastion host inbound traffic on port 443.
az network nsg rule create --resource-group MyResourceGroup --nsg-name MyNSG --name AllowBastionInbound --priority 100 --direction [1] --access Allow --protocol Tcp --destination-port-ranges [2]
The rule must allow Inbound traffic on port 443 (HTTPS) for Azure Bastion to work.
Fill all three blanks to create an Azure Bastion host with a public IP and associate it with the correct subnet.
az network public-ip create --resource-group MyResourceGroup --name [1] --sku Standard --location eastus az network bastion create --resource-group MyResourceGroup --name MyBastionHost --public-ip-address [2] --vnet-name MyVNet --location eastus --subnet [3]
The public IP must be created first with a name (e.g., MyBastionPublicIP), then referenced in the Bastion creation command. The Bastion host must be associated with the AzureBastionSubnet.