Cloudflare Access RDP Bastion Host

I’m looking at deploying Bastion host for RDP access for my team remotely to our servers. Looking for some best practices here.

I’m thinking just get a CentOS host in our network and running cloudflared. Is that all I need?