Problem – Azure Virtual Desktop (AVD) administrators often lack direct line-of-sight access to Desktop Images when updating or changing them. The current workarounds involve creating public IP addresses, using an AVD session as a jump box, or deploying a bastion host. These options are either insecure or cost-inefficient.
Description – This feature provides AVD administrators the ability to enable a console connection directly to the Desktop Image, removing the need for public IP addresses or VPN connectivity to access the image during modification.
Vision – The solution functions by integrating a console connect feature within the AVD administration console, allowing seamless, secure access to Desktop Images regardless of network visibility constraints. Unlike traditional methods relying on public IP exposure or VPN tunnels, this console connect would maintain secure, direct management within the Azure portal environment, improving security posture and administrative efficiency. This would align with existing Azure virtual machine console connectivity capabilities and reduce dependency on less secure or costly network configurations.
This approach would avoid the overhead and security risk of public IPs and VPNs as currently discouraged in Azure Virtual Desktop best practices, where direct line-of-sight is typically required to use RDP Shortpath or UDP-based VPN tunnels. Allowing a console connect bypasses these networking restrictions, creating a more seamless experience for AVD admins changing golden images.