As an Azure consultant, for me, it is the best way to give the administrator access as you can manage the permission - including who can access Bastion.
Azure Bastion enables secure virtual machine connectivity without internet exposure, optimizing management of administrative access and permissions. Its user-friendly setup and support for scripting improve operational efficiency, while runbook features benefit infrastructure management. Users incur charges for data retrieval. Azure Bastion is more compatible with Edge, although protocol speed could be faster. Boot issues on Windows remain unresolved, and direct file transfer requires Azure Storage.