Exam AZ-104 topic 5 question 122 discussion

Tested in sandbox - IPv4 - Static - Standard - Global: Error during the selection in the interface - A Global Tier PublicIPAddress cannot be attached to Bastions. - IPv4 - Static - Standard - Regional: OK - IPv4 - Static - Basic - Regional Error during the selection in the interface - Static public IP addresses cannot be associated. - IPv4 - Dynamic - Basic - Regional Error during the selection in the interface - The SKU type for the public IP address does not match the SKU type of the load balancer (?? I don't know why this message). - IPv6 - Static - Standard - Regional: Error during deployment (The selected IPv6 public IP address is not supported for Azure Bastion. To fix this, please recreate your Azure Bastion with an IPv4 public IP address. (Code: PublicIpAddressVersionNotSupported))

The answer is correct: B Azure Bastion supports standard SKU public IP addresses: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/configure-public-ip-bastion

Bastion does not support Global IP

A is correct

chatgpt: The correct option is: A. IP1 only Explanation: Azure Bastion requires a Standard SKU public IP address, and the public IP address must be static and regional. Looking at the provided table: IP1: Standard SKU, regional, static (meets all the requirements for Azure Bastion Basic SKU). IP2: Standard SKU, global, static (global tier is not supported for Bastion, only regional tier is allowed).

in my opinion: You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers. You have an Azure load balancer named LB1 that provides load balancing services for the virtual machines. You need to ensure that visitors are serviced by the same web server for each request. What should you configure? A. Floating IP (direct server return) to Enabled B. Session persistence to Client IP C. Protocol to UDP D. Idle Time-out (minutes) to 20

On the exam on 17.07.2024, Selected Answer: A; thanks to eliasalg

https://learn.microsoft.com/en-us/azure/bastion/configuration-settings#public-ip

The Public IP address SKU must be Standard. The Public IP address assignment/allocation method must be Static. The Public IP address name is the resource name by which you want to refer to this public IP address. You can choose to use a public IP address that you already created, as long as it meets the criteria required by Azure Bastion and isn't already in use. https://learn.microsoft.com/en-us/azure/bastion/configuration-settings#:~:text=When%20you%20configure%20Azure%20Bastion%20using%20the%20Basic%20SKU%2C%20two,This%20is%20called%20host%20scaling.

Azure Bastion Basic SKU does NOT support Global Tier IPs. Standard: "Supported via cross-region load balancers." https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/public-ip-addresses#sku

I tested in my lab and you cannot use dynamic IP addresses, basic SKU, or the Global. If you try to associate a Bastion with a Global Public IP you will get "Cannot be associated with this Bastion. Correct answer: A

Answer should be IP1 bastion be it standard or basic SKU only supports regional tier meaning if you have Vnets in 3 regions then you need to deploy 3 bastions one for every region, however if you have those Vnets peered then you can have one bastion service deployed and it can reach VMs in other regions. Bastion must have static IP either private or public; to use public IP you must have Standard SKU, private ip is mainly used for developers. https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/configure-public-ip-bastion

Answer should be A : Global tier is not supported in Basic Ip Public

The Public IP address SKU must be Standard. The Public IP address assignment/allocation method must be Static. The Public IP address name is the resource name by which you want to refer to this public IP address. You can choose to use a public IP address that you already created, as long as it meets the criteria required by Azure Bastion and isn't already in use. https://learn.microsoft.com/en-us/azure/bastion/configuration-settings

Prerequisites An Azure account with an active subscription. One standard SKU public IP address in your subscription. The IP address can't be associated with any resources. https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/configure-public-ip-bastion

Azure Bastion deployments require a Public IP address, except Developer SKU deployments. The Public IP must have the following configuration: The Public IP address SKU must be Standard. The Public IP address assignment/allocation method must be Static. The Public IP address name is the resource name by which you want to refer to this public IP address. You can choose to use a public IP address that you already created, as long as it meets the criteria required by Azure Bastion and isn't already in use.

A is correct. explicitly stated https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/public-ip-addresses#sku