Configuring Azure Just-in-Time Virtual Machine (VM) Access requires several steps, which include:
- Enable Azure Security Center: If you haven’t already done so, you will need to enable Azure Security Center for your subscription.
- Select the virtual machine: In the Azure Security Center, select the virtual machine that you want to enable JIT access for.
- Configure JIT settings: In the JIT access pane, configure the following settings:
  - Select the ports that will be opened for JIT access.
  - Set the maximum duration for the JIT access window.
  - Specify the users and groups that are authorized to request JIT access.
- Enable JIT access: After configuring the JIT settings, enable JIT access by selecting the “Enable JIT on this VM” option.
Once JIT access is enabled, authorized users can request access to the virtual machine through the Azure portal, PowerShell, or Azure CLI. The request is then approved by a designated security administrator before access is granted.
Here are more detailed steps to configure Azure Just-in-Time Virtual Machine Access:
- Open the Azure Security Center: You can access the Azure Security Center through the Azure portal by selecting “Security Center” from the left-hand menu.
- Select the virtual machine: In the Azure Security Center, select the virtual machine that you want to enable JIT access for.
- Configure JIT settings: In the JIT access pane, click “Configure JIT access” to configure the following settings:
  a. Select the ports that will be opened for JIT access: You can select the default ports (RDP and SSH), or you can specify custom ports that will be opened for JIT access.
  b. Set the maximum duration for the JIT access window: This specifies the maximum amount of time that the ports will be opened for JIT access. You can choose a duration of up to 24 hours.
  c. Specify the users and groups that are authorized to request JIT access: You can specify individual users or groups of users who are authorized to request JIT access.
- Enable JIT access: After configuring the JIT settings, click “Save” to enable JIT access.
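The port and duration settings from the steps above, followed by an access request, can also be scripted in PowerShell. This is an added example, not part of the original article: it assumes the Az.Security module and a signed-in session, every bracketed value is a placeholder, and the source address is a constructed sample. It does not set which users or groups may request access.

```powershell
# Requires the Az.Accounts and Az.Security modules and a signed-in session (Connect-AzAccount).
# Placeholders: replace every <...> value with your own.
$SubscriptionId = '<subscription-id>'
$ResourceGroup  = '<resource-group>'
$VmName         = '<vm-name>'
$Location       = '<vm-region>'      # Azure region the VM is deployed in
$AdminSourceIp  = '203.0.113.10'     # constructed sample address (documentation range)

$VmId = "/subscriptions/$SubscriptionId/resourceGroups/$ResourceGroup" +
        "/providers/Microsoft.Compute/virtualMachines/$VmName"

# 1. Define the JIT policy: which ports may be opened, from where, and for how long.
#    maxRequestAccessDuration is an ISO 8601 duration (PT3H = 3 hours).
#    Restricting allowedSourceAddressPrefix to a known address is tighter than '*'.
$JitPolicy = @{
    id    = $VmId
    ports = @(
        @{ number = 22;   protocol = '*'; allowedSourceAddressPrefix = @($AdminSourceIp)
           maxRequestAccessDuration = 'PT3H' },
        @{ number = 3389; protocol = '*'; allowedSourceAddressPrefix = @($AdminSourceIp)
           maxRequestAccessDuration = 'PT3H' }
    )
}

# Enable JIT on the VM by writing the policy.
Set-AzJitNetworkAccessPolicy -Kind 'Basic' -Location $Location -Name 'default' `
    -ResourceGroupName $ResourceGroup -VirtualMachine @($JitPolicy)

# 2. Request access to one port for a window shorter than the policy maximum.
$PolicyId = "/subscriptions/$SubscriptionId/resourceGroups/$ResourceGroup" +
            "/providers/Microsoft.Security/locations/$Location/jitNetworkAccessPolicies/default"

$Request = @{
    id    = $VmId
    ports = @(
        @{ number = 22
           endTimeUtc = (Get-Date).ToUniversalTime().AddHours(2).ToString('o')
           allowedSourceAddressPrefix = @($AdminSourceIp) }
    )
}

Start-AzJitNetworkAccessPolicy -ResourceId $PolicyId -VirtualMachine @($Request)
```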
