Skip to content
Example code to deploy an Azure Bastion using Pulumi
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Azure Bastion for RDP and SSH using Pulumi

This is a free to use (no guarantees given) Pulumi module that can be used to deploy the Azure Bastion service into an existing subscription.

For more information about this service, read the official Microsoft documentation on Azure Bastion.


  • python 3.7
  • authenticated session to Azure subscription
  • pulumi cli

Please refer to the Microsoft documentation for any other prerequisites that might change over time.

Deploy this example

Clone this repo and then run the following:

cd pulumi-azure-bastion
virtualenv -p python3 venv
source venv/bin/activate
pip3 install -r requirements.txt
pulumi stack init pulumi-azure-bastion
pulumi config set azure:environment public
pulumi preview

If pulumi preview looks okay, then you can follow this up with pulumi update to deploy the stack.

Destroy the infrastructure

When done testing this example please consider tearing the infrastructure down to save cost. The nature of ARM template deployments is that we don't know what they have deployed, and as such we can't use pulumi to destroy the stack in this case, mainly because this specific stack or the combination of resources deployed, tries to delete the subnet before it deletes the resources in the subnet and fails.

You can use the Azure Portal to delete the created Resource Group or the CLI / PowerShell.

You can’t perform that action at this time.