{"id":230,"date":"2021-07-14T09:12:00","date_gmt":"2021-07-14T07:12:00","guid":{"rendered":"https:\/\/greg.klonis.gr\/?p=230"},"modified":"2021-10-13T15:54:33","modified_gmt":"2021-10-13T13:54:33","slug":"just-in-time-vm-access-in-azure","status":"publish","type":"post","link":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure","title":{"rendered":"Just-in-Time VM Access in Azure"},"content":{"rendered":"\n

Azure Just-in-Time VM Access is a great option to control when engineers need to work in their VM\u2019s with RDP in to the system. Let\u2019s assume they work 1 hour per day on servers. so, keeping port open for 24 hours is a risk.
Using Just-in-Time VM Access we can limit the time it keeps RDP ports open.<\/p>\n\n\n\n

When Just-in-Time VM Access enabled, we can define what VM and what ports will be controlled. In most scenarios you do not need to control access to ports used by your applications or services. It will be more in to ports related to management tasks. This all done by using azure network security group rules.<\/p>\n\n\n\n\n\n\n\n

Configuration<\/p>\n\n\n\n

  1. Log in to Azure Portal using Global Administrator account.<\/li>
  2. Go to Security Center > Just-In-Time VM Access (you may have to enable Azure Defender, if it’s not already).<\/li><\/ol>\n\n\n\n
    \"Configuring<\/figure>\n\n\n\n

    <\/p>\n\n\n\n

    3. From the Not configured tab, mark the VMs to protect with JIT and select Enable JIT on VMs.<\/p>\n\n\n\n

    The JIT VM access page opens listing the ports that Security Center recommends protecting:<\/p>\n\n\n\n

    22 – SSH
    3389 – RDP
    5985 – WinRM
    5986 – WinRM<\/p>\n\n\n\n

    <\/p>\n\n\n\n

    Cheers,<\/p>\n\n\n\n

    Greg<\/p>\n","protected":false},"excerpt":{"rendered":"

    Azure Just-in-Time VM Access is a great option to control when engineers need to work in their VM\u2019s with RDP in to the system. Let\u2019s assume they work 1 hour per day on servers. so, keeping port open for 24 hours is a risk.Using Just-in-Time VM Access we can limit the time it keeps RDP … Continue reading “Just-in-Time VM Access in Azure”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[48,49],"tags":[22,26],"class_list":["post-230","post","type-post","status-publish","format-standard","hentry","category-cloud","category-microsoft-azure-cloud","tag-azure","tag-security"],"yoast_head":"\nJust-in-Time VM Access in Azure • Gregory Klonis IT Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Just-in-Time VM Access in Azure • Gregory Klonis IT Blog\" \/>\n<meta property=\"og:description\" content=\"Azure Just-in-Time VM Access is a great option to control when engineers need to work in their VM\u2019s with RDP in to the system. Let\u2019s assume they work 1 hour per day on servers. so, keeping port open for 24 hours is a risk.Using Just-in-Time VM Access we can limit the time it keeps RDP … Continue reading "Just-in-Time VM Access in Azure"\" \/>\n<meta property=\"og:url\" content=\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure\" \/>\n<meta property=\"og:site_name\" content=\"Gregory Klonis IT Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/gklonis\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/gklonis\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-14T07:12:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-13T13:54:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif\" \/>\n<meta name=\"author\" content=\"gklonis\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@gklonis\" \/>\n<meta name=\"twitter:site\" content=\"@gklonis\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"gklonis\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#article\",\"isPartOf\":{\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure\"},\"author\":{\"name\":\"gklonis\",\"@id\":\"https:\/\/greg.klonis.gr\/#\/schema\/person\/94626c43ab702708882d359305b7fd04\"},\"headline\":\"Just-in-Time VM Access in Azure\",\"datePublished\":\"2021-07-14T07:12:00+00:00\",\"dateModified\":\"2021-10-13T13:54:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure\"},\"wordCount\":190,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/greg.klonis.gr\/#\/schema\/person\/94626c43ab702708882d359305b7fd04\"},\"image\":{\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#primaryimage\"},\"thumbnailUrl\":\"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif\",\"keywords\":[\"Azure\",\"Security\"],\"articleSection\":[\"Cloud\",\"Microsoft Azure\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure\",\"url\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure\",\"name\":\"Just-in-Time VM Access in Azure • Gregory Klonis IT Blog\",\"isPartOf\":{\"@id\":\"https:\/\/greg.klonis.gr\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#primaryimage\"},\"image\":{\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#primaryimage\"},\"thumbnailUrl\":\"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif\",\"datePublished\":\"2021-07-14T07:12:00+00:00\",\"dateModified\":\"2021-10-13T13:54:33+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#primaryimage\",\"url\":\"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif\",\"contentUrl\":\"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/greg.klonis.gr\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Just-in-Time VM Access in Azure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/greg.klonis.gr\/#website\",\"url\":\"https:\/\/greg.klonis.gr\/\",\"name\":\"Gregory Klonis IT Blog\",\"description\":\"IT Infrastructure Blog\",\"publisher\":{\"@id\":\"https:\/\/greg.klonis.gr\/#\/schema\/person\/94626c43ab702708882d359305b7fd04\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/greg.klonis.gr\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/greg.klonis.gr\/#\/schema\/person\/94626c43ab702708882d359305b7fd04\",\"name\":\"gklonis\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/greg.klonis.gr\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/greg.klonis.gr\/wp-content\/uploads\/2025\/03\/cropped-Removal-489.png\",\"contentUrl\":\"https:\/\/greg.klonis.gr\/wp-content\/uploads\/2025\/03\/cropped-Removal-489.png\",\"width\":240,\"height\":136,\"caption\":\"gklonis\"},\"logo\":{\"@id\":\"https:\/\/greg.klonis.gr\/#\/schema\/person\/image\/\"},\"sameAs\":[\"http:\/\/greg.klonis.gr\",\"https:\/\/www.facebook.com\/gklonis\/\",\"https:\/\/www.linkedin.com\/in\/gklonis\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Just-in-Time VM Access in Azure • Gregory Klonis IT Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure","og_locale":"en_US","og_type":"article","og_title":"Just-in-Time VM Access in Azure • Gregory Klonis IT Blog","og_description":"Azure Just-in-Time VM Access is a great option to control when engineers need to work in their VM\u2019s with RDP in to the system. Let\u2019s assume they work 1 hour per day on servers. so, keeping port open for 24 hours is a risk.Using Just-in-Time VM Access we can limit the time it keeps RDP … Continue reading \"Just-in-Time VM Access in Azure\"","og_url":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure","og_site_name":"Gregory Klonis IT Blog","article_publisher":"https:\/\/www.facebook.com\/gklonis\/","article_author":"https:\/\/www.facebook.com\/gklonis\/","article_published_time":"2021-07-14T07:12:00+00:00","article_modified_time":"2021-10-13T13:54:33+00:00","og_image":[{"url":"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif","type":"","width":"","height":""}],"author":"gklonis","twitter_card":"summary_large_image","twitter_creator":"@gklonis","twitter_site":"@gklonis","twitter_misc":{"Written by":"gklonis","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#article","isPartOf":{"@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure"},"author":{"name":"gklonis","@id":"https:\/\/greg.klonis.gr\/#\/schema\/person\/94626c43ab702708882d359305b7fd04"},"headline":"Just-in-Time VM Access in Azure","datePublished":"2021-07-14T07:12:00+00:00","dateModified":"2021-10-13T13:54:33+00:00","mainEntityOfPage":{"@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure"},"wordCount":190,"commentCount":0,"publisher":{"@id":"https:\/\/greg.klonis.gr\/#\/schema\/person\/94626c43ab702708882d359305b7fd04"},"image":{"@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#primaryimage"},"thumbnailUrl":"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif","keywords":["Azure","Security"],"articleSection":["Cloud","Microsoft Azure"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#respond"]}]},{"@type":"WebPage","@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure","url":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure","name":"Just-in-Time VM Access in Azure • Gregory Klonis IT Blog","isPartOf":{"@id":"https:\/\/greg.klonis.gr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#primaryimage"},"image":{"@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#primaryimage"},"thumbnailUrl":"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif","datePublished":"2021-07-14T07:12:00+00:00","dateModified":"2021-10-13T13:54:33+00:00","breadcrumb":{"@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#primaryimage","url":"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif","contentUrl":"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/media\/security-center-just-in-time\/jit-config-security-center.gif"},{"@type":"BreadcrumbList","@id":"https:\/\/greg.klonis.gr\/index.php\/just-in-time-vm-access-in-azure#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/greg.klonis.gr\/"},{"@type":"ListItem","position":2,"name":"Just-in-Time VM Access in Azure"}]},{"@type":"WebSite","@id":"https:\/\/greg.klonis.gr\/#website","url":"https:\/\/greg.klonis.gr\/","name":"Gregory Klonis IT Blog","description":"IT Infrastructure Blog","publisher":{"@id":"https:\/\/greg.klonis.gr\/#\/schema\/person\/94626c43ab702708882d359305b7fd04"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/greg.klonis.gr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/greg.klonis.gr\/#\/schema\/person\/94626c43ab702708882d359305b7fd04","name":"gklonis","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/greg.klonis.gr\/#\/schema\/person\/image\/","url":"https:\/\/greg.klonis.gr\/wp-content\/uploads\/2025\/03\/cropped-Removal-489.png","contentUrl":"https:\/\/greg.klonis.gr\/wp-content\/uploads\/2025\/03\/cropped-Removal-489.png","width":240,"height":136,"caption":"gklonis"},"logo":{"@id":"https:\/\/greg.klonis.gr\/#\/schema\/person\/image\/"},"sameAs":["http:\/\/greg.klonis.gr","https:\/\/www.facebook.com\/gklonis\/","https:\/\/www.linkedin.com\/in\/gklonis\/"]}]}},"_links":{"self":[{"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/posts\/230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/comments?post=230"}],"version-history":[{"count":2,"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/posts\/230\/revisions"}],"predecessor-version":[{"id":232,"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/posts\/230\/revisions\/232"}],"wp:attachment":[{"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/media?parent=230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/categories?post=230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/greg.klonis.gr\/index.php\/wp-json\/wp\/v2\/tags?post=230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}