Today, Windows virtual machine has been deployed by executing codes defined in ARM(Azure Resource Manager) template where the infrastructure and configuration are written in JSON format following JavaScript object syntax. In this section, let me skip over a lot of detail about ARM template, and refer to this link for overall structure and syntax breakdown. Reference site 2
In Azure portal
To create a virtual machine from ARM template, go and search “deploy a custom template” in Azure portal. There are two options, either write codes there or upload JSON file. Refer to this link for step-by-step instruction. On the “Edit template” screen, ensure everything is ok and click on “Save” button.
Then on the next screen, check all parameters, specify “Resource Group” under the “subscription”, followed by “Windows Admin User Name” and “Windows Admin Password”. If everything is ok, click on “Review + Create” to proceed to the next screen. 
Read Terms and Condition and again click on “Create” button. Finally after a few minutes, several resources have been created for two virtual machines as follows:
| AzureBastion-pip | Public IP Address |
| AzureBastionHost | Bastion |
| AzureStudy-vnet | Virtual Network |
| Linux-VM | Virtual Machine |
| Linux-VM-nic | Network Interface |
| Linux-VM-nsg | Network Security Group |
| Linux-VM_OsDisk_1_<some_letters_and_numbers> | Disk |
| Windows-VM | Virtual Machine |
| Windows-VM-nic | Network Interface |
| Windows-VM-nsg | Network Security Group |
| Windows-VM_OsDisk_1_<some_letters_and_numbers> | Disk |
All of above have been created without friendly explanation leaves some questions, and here are summaries about what it is, as follows.
- Public IP Address – Public IP addresses enable Azure resources to communicate to Internet and public-facing Azure services
- Bastion – Azure Bastion enables connection to a virtual machine using web browser and provides secure and seamless RDP/SSH connectivity directly from the Azure portal.
- Virtual Network – Azure VNet (Azure Virtual Network) is a service that enables your own private network logically isolated from the other networks. It is required to connect to the other Azure resources and on-premise resources.
- Virtual Machine
- Network Interface – Network Interface Card (NIC) is a component which holds the Public IP and the private IP of the Virtual Machine for the communication between Virtual Machines or internal network or internet.
- Network Security Group – Network Security Group(NSG) contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.
- Disk – 127GB OS Disk
Connecting to Virtual Machine via Bastion
First, go to “resource group”, and navigate to a virtual machine on which you want to connect to. Then click on “connect” and select Bastion from dropdown menu.
Make sure user name is correct and key in password which has been specified in previous screen. Then lick on “connect” button.
Now a new browser window opens with the Virtual Machine on that tab.
From new browser window opened with the Virtual Machine on that tab, type “powershell” in the “Type here to search” box, and navigate to “Windows PowerShell ISE” from best match listed.
Typically, when a Virtual Machine is deployed, several components such as Public IP, NIC, NSG and Disk will be deployed along, other than Bastion used as a jump box to connect to Virtual Machines using web browser. However, in ARM template that I used this time round, everything is pre-defined to be deployed as follows:
| Virtual Network Name | AzureStudy-vnet |
| Virtual Network Address Range | 10.0.0.0/16 |
| Subnet Name | Windows-VM-subnet |
| Subnet Address Range | 10.0.0.0/24 |
| Subnet NSG Name | Windows-VM-nsg |
| Windows OS Admin Name | AzureAdmin |
| Windows OS Admin Password | Null |
| Windows Server OS Version | 2016-Datacenter |
| Windows Virtual Machine Size | Standard_D2_v3 |
| Windows Virtual Machine NIC | Windows-VM-nic |
| Windows Virtual Machine Name | Windows-VM |
| Azure Bastion Subnet Name | AzureBastionSubnet |
| Azure Bastion Subnet Range | 10.0.1.0/24 |
| Azure Bastion Name | AzureBastionHost |
| Azure Bastion Public IP Name | AzureBastion-pip |
How much has VM consumed?
I’ve totally forgotten what time I have deployed Virtual Machine and what time I stopped it. According to “Cost Management”, virtual machine has been running from 24 June and stopped on 27 June as follows:
| Date | Accumulated Cost | Daily Consumption |
| 24 June | $3.43 | |
| 25 June | $8.73 | $5.3 |
| 26 June | $14.04 | $5.31 |
| 27 June | $15.73 | $1.69 |
Only one thing the comparison between the Pricing Calculator and actual consumption tells me is that US$5.30 matches the cost per 24 hours. The cost consumed on the first day is US$3.43 which can be 15 hours 30 minutes of usage according to calculator. Thus, the time the Azure has started counting Virtual Machine should be 8:30 am in UTC zone (4:30 pm in SGT zone). US$1.69 of usage, on the day I stopped virtual machine, is approximately 7 hours 30 minutes, and it simply means 7:30 am in UTC zone (3;30 pm in SGT zone).
What about Bastion?
| Date | Accumulated Cost | Daily Consumption |
| 24 June | $2.73 | $2.73 |
| 25 June | $7.29 | $4.56 |
| 26 June | $11.85 | $4.56 |
| 27 June | $16.40 | $4.55 |
| 28 June | $20.96 | $4.56 |
| 29 June | $21.60 | $0.64 |
Azure Bastion surprisingly consumes US$4.56 a day, and I’ve carelessly forgotten to stop it for at least more than 24 hours even after having stopped VM on 27 June 3:30 pm till 29 June. Note: It has to completely delete from resource group for stopping charges. The amount of cost US$2.73 on 24 June means 14 hours 30 minutes of usage and it will be 9:30 am in UTC zone(5:30 pm in SGT zone) by calculating backward. The question is why the starting time differs by 1 hour from Virtual Machine.
Hi, this is a comment.
To get started with moderating, editing, and deleting comments, please visit the Comments screen in the dashboard.
Commenter avatars come from Gravatar.