Create a custom role for JIT access requests.

Published by Ibrahima Mbodji on

In this post we will see how to create a custom role via the portal and give to a user the ability to request access to one or more virtual machines via JIT vm access.

JIT Just in Time vm access is a network security feature wich permit to lock down inbound traffic to your Azure VMs This reduces exposure to attacks while providing easy access to

connect to VMs when needed. or more information about JIT in security center :

https://docs.microsoft.com/en-gb/azure/security-center/security-center-just-in-time

To begin Go to your susbscription or your resource group and add a role assignement. You should be able to get the add custom role feature in the list . Click on that

I want to create a custom role named “JIT user” who will allow a member of my project team for example to access a particular VM .

 

Permission section is blank since i’ve choosed to start from scratch .

Click on Add permissions and in you right hand side search for JIT and select Microsoft Security .

Now in this section you have to choose what rights your users need to have . In my case: just the abilty to see the vm in the scope and initiate a request .

Awsome now click Review plus create to see the summary and create the role .

Once the JIT user role have been created you can add a role assignment 

and check  it after creation ;

 

Categories: RBAC
Tags:

Ibrahima Mbodji

Passionné de nouvelles technologies

0 Comments

Related Posts

RBAC

Create an Azure custom role using the Azure portal

Hi Folks,  Azure custom role creation in the Azure portal is in public preview. Previously, creating or editing custom roles was only possible through the command-line or Azure Resource Manager API. Now, ease your role-based Read more…

en_GBEnglish
en_GBEnglish
%d bloggers like this: