Get started with Azure Bastion


As the public cloud matures, it’s becoming clear that we need a new tier of systems and application management tools. Clouds, whether public, private, or hybrid, depend on one thing: the abstraction of the application layer away from the underlying physical infrastructure. Applications don’t need to consider the underlying physical hardware anymore; all that’s necessary is either a managed PaaS environment or an application-specific virtual infrastructure.

That change has already happened, and those new management tools are starting to arrive. Alongside basic management, they deliver a new set of questions: Who are they for and how do we build them into our workflows? They’re important issues, which seem to suggest a new role in our devops teams. It’s one we don’t have a name for yet, a role that lies between the new infrastructure operators and the applications teams, one that’s responsible for managing the PaaS and the virtual infrastructure, more closely aligned with the applications than traditional system administrators.

Virtual infrastructures are a significant problem, as they require as much management and monitoring as an on-premises infrastructure. On-premises you’re able to go down into the data center and use an in-rack KVM switch to quickly hook a keyboard and screen to a server or use built-in lights-out management tools to quickly access your server’s configuration. You may even have a dedicated management network with servers configured to only allow terminal access to users inside your organization.

How do we securely manage Azure infrastructures?