![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 28.999999999999996%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVB%3C/text%3E%3C/svg%3E)
Azure Bastion
An Azure service that provides private and fully managed Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to virtual machines.
247 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Varishh Bahl Welcome to the Microsoft Q&A forum. Based on your questions above:
Also I noticed that there was a component called standard additional gateway which was incurring majority of the cost for bastion. Can someone please clarify how this gateway functions and will reducing the instance count reduce the billing.
Azure Bastion pricing is a combination of SKU selected, number of scale units configured, and data transfer rates. For the latest pricing information, see the Azure Bastion pricing page.
Yes, reducing the instance count will reduce cost of Azure Bastion resources. The standard additional gateway component refers to the charge acquired due to these additional instance count.
I checked the activity logs and couldnt get any info on who /when it was increased.
I did a test regarding this and I was able to see this update in my bastions activity logs. I increased the instance count from 2 to 6. Below is the Activity log screenshot
Possible reason you might not be able to view the log might be due to the retention period of the activity logs. Activity log events are retained in Azure for 90 days and then deleted. For more functionality, such as longer retention, create a diagnostic setting and route the entries to another location based on your needs. This is documented here. Please let me know if you need any additional information here. To prevent this issue in future, you can explore RBAC roles available in Azure which is an authorization system you use to manage access to Azure resources. These are the required roles to access a virtual machine via Bastion resource. Additional reference https://video2.skills-academy.com/en-us/azure/role-based-access-control/rbac-and-directory-admin-roles#azure-roles Just in case if you need any additional assistance regarding any billing issue. You can create a billing related support request as Azure provides Billing and Subscription management support for all the customers. More information here : https://azure.microsoft.com/en-us/support Hope this helps! Please let me know if you have any questions. Thank you! Please "Accept the answer" if the information helped you. This will help us and others in the community as well.