none
Apply JIT accesspolicy using either an ARM template or an Azure Policy

    Question

  • Hi,

    Does anyone know if it is possible to apply the JIT access policy to an Azure VM just using an ARM template or using an Azure Policy applied to a VM?

    I am defining a number of foundation templates for my organization (so that the defaults are always applied) and Security Centre always suggests that JIT is applied to the VM's.

    I really don't want to have to manually activate the JIT policy post provisioning so doing it in an automated manner would be preferred.  Because we are using ARM templates (and Blueprints), it would be better to do it using this rather than having to implement a PowerShell post deployment step.

    Cheers,

    Andy

    Monday, April 29, 2019 9:26 AM

All replies

  • Hello, 

    Currently it's not possible to enable JIT access on a VM through ARM templates or with Azure policies. 

    PS and REST API's are the only methods available to automate this. You can learn more about these here. I would recommend posting this as a feedback request here, so that product team can consider adding this feature. 


    Monday, April 29, 2019 10:54 AM
    Moderator
  • Hello,

    Please let us know if you find above reply useful. If yes, do click on 'Mark as answer' link in above reply. This will help other community members facing similar query to refer to this solution. Let me know if you have any other questions.

    Thursday, May 2, 2019 6:19 AM
    Moderator