Saturday, June 20, 2020

Just-in-time access

Secure your management ports with just-in-time access


Port 3389 is the Remote Desktop Protocol (RDP) port that is used to connect to the virtual machine. This port should be enabled through just-in-time (JIT) access.


Request JIT access to a VM: assign these actions to the user

A user who requests just-in-time access to a virtual machine must be allowed the following role-based access control (RBAC) actions.

On the scope of a subscription or resource group that is associated with the VM:
Microsoft.Security/locations/jitNetworkAccessPolicies/initiate/action

On the scope of a subscription, resource group, or VM:
Microsoft.Compute/virtualMachines/read


Configure or edit a JIT policy for a VM: assign these actions to the role

On the scope of a subscription or resource group that is associated with the VM:
Microsoft.Security/locations/jitNetworkAccessPolicies/write

On the scope of a subscription, resource group, or VM:
Microsoft.Compute/virtualMachines/write
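
The two action sets above can be used to audit role definitions for who can request JIT access and who can change a JIT policy. The following is an added example, not code from the original post or from Microsoft; the sample roles are constructed, and it evaluates a single role definition's Actions and NotActions only, not assignment scope or the combined effect of several role assignments.

```python
import re

# RBAC actions from the post, grouped by task.
JIT_REQUEST = [
    "Microsoft.Security/locations/jitNetworkAccessPolicies/initiate/action",
    "Microsoft.Compute/virtualMachines/read",
]
JIT_CONFIGURE = [
    "Microsoft.Security/locations/jitNetworkAccessPolicies/write",
    "Microsoft.Compute/virtualMachines/write",
]

def _matches(pattern, action):
    # Action strings compare case-insensitively; '*' matches any run of characters.
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, action, re.IGNORECASE) is not None

def allows(role, action):
    """True if Actions cover the action and NotActions do not subtract it."""
    granted = any(_matches(p, action) for p in role.get("Actions", []))
    removed = any(_matches(p, action) for p in role.get("NotActions", []))
    return granted and not removed

def missing_actions(role, required):
    """Required actions this role definition does not grant."""
    return [a for a in required if not allows(role, a)]

def audit(role):
    return {
        "can_request": not missing_actions(role, JIT_REQUEST),
        "can_configure": not missing_actions(role, JIT_CONFIGURE),
    }

# Constructed sample role definitions (hypothetical, not built-in Azure roles).
REQUESTER = {"Name": "JIT requester", "Actions": list(JIT_REQUEST), "NotActions": []}
BROAD = {
    "Name": "Broad operator",
    "Actions": ["Microsoft.Security/*", "Microsoft.Compute/virtualMachines/*"],
    "NotActions": ["Microsoft.Security/locations/jitNetworkAccessPolicies/write"],
}
READ_ONLY = {"Name": "Read only", "Actions": ["*/read"], "NotActions": []}

if __name__ == "__main__":
    for role in (REQUESTER, BROAD, READ_ONLY):
        print(role["Name"], audit(role))
```

A wildcard role such as the constructed "Broad operator" can request JIT access even though it never names the initiate action, which is why the check expands wildcards instead of comparing strings literally.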


Reference:

https://docs.microsoft.com/en-us/azure/security-center/security-center-just-in-time





