Forum Discussion
When a VM is enabled for JIT access, this rule denies virtual network access. If you wish to allow access to your virtual network, add an inbound rule with higher priority to Allow VirtualNetwork to VirtualNetwork.
If you want to remove JIT access to your VM, you can do it from
Microsoft Defender for Cloud -> Workload protection -> Just in time access -> Configured -> (select the VM and remove it from the configuration)
Thanks for your reply!
When adding a rule with higher priority, Azure creates or updates a rule to lock the port again after some time.
So I have to remove the JIT access of the VM. When navigating to Microsoft Defender for Cloud, it looks like Microsoft Defender is not even active:
Is there another way to remove the JIT-Access?
- Matan_Shabtay (Microsoft), Oct 06, 2023
You may have some JIT policy that was somehow created even when your subscription doesn't have Defender for Servers enabled.
Try to delete that JIT policy using the API.
Go to the Azure portal API playground by following this link:
https://ms.portal.azure.com/#view/Microsoft_Azure_Resources/ArmPlayground
List all the JIT policies under your subscription using the API described here.
Find the JIT policy associated with that VM and delete it.
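
The list, find and delete steps from the reply above, as an added example that is not part of the original thread: it builds the list request URL, matches a VM against the listed policies, and returns the DELETE URL while flagging policies that also cover other VMs (deleting such a policy removes JIT for those VMs too). The API version `2020-01-01`, the function names and all resource IDs in the sample are assumptions constructed for illustration.

```python
ARM = "https://management.azure.com"
API_VERSION = "2020-01-01"  # assumed Microsoft.Security JIT policy API version

def list_url(subscription_id):
    """GET this URL (e.g. in the ARM API playground) to list all JIT policies."""
    return (f"{ARM}/subscriptions/{subscription_id}/providers/"
            f"Microsoft.Security/jitNetworkAccessPolicies?api-version={API_VERSION}")

def plan_removal(list_response, vm_id):
    """Return one plan entry per JIT policy that references vm_id."""
    wanted = vm_id.lower()  # ARM resource IDs compare case-insensitively
    plans = []
    for policy in list_response.get("value", []):
        vms = [v["id"] for v in policy.get("properties", {}).get("virtualMachines", [])]
        if wanted not in (v.lower() for v in vms):
            continue
        others = [v for v in vms if v.lower() != wanted]
        plans.append({
            "policy_id": policy["id"],
            # DELETE on the policy's own resource ID removes the whole policy.
            "delete_url": f"{ARM}{policy['id']}?api-version={API_VERSION}",
            "other_vms": others,             # VMs that would lose JIT as well
            "safe_to_delete": not others,    # True only if the policy covers just this VM
        })
    return plans

# --- Constructed sample list response (placeholder subscription and names) ---
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"

def _vm(rg, name):
    return {"id": f"{SUB}/resourceGroups/{rg}/providers/Microsoft.Compute/virtualMachines/{name}"}

def _policy(rg, location, vms):
    return {"id": f"{SUB}/resourceGroups/{rg}/providers/Microsoft.Security/"
                  f"locations/{location}/jitNetworkAccessPolicies/default",
            "name": "default", "properties": {"virtualMachines": vms}}

SAMPLE = {"value": [
    _policy("rg-app", "westeurope", [_vm("rg-app", "vm-web01")]),
    _policy("rg-data", "westeurope", [_vm("rg-data", "vm-db01"), _vm("rg-data", "vm-db02")]),
]}

if __name__ == "__main__":
    print(list_url("00000000-0000-0000-0000-000000000000"))
    for plan in plan_removal(SAMPLE, _vm("rg-data", "vm-db01")["id"]):
        action = "DELETE" if plan["safe_to_delete"] else "REVIEW (shared policy)"
        print(action, plan["delete_url"])
```

When `safe_to_delete` is false, updating the policy to drop only the one VM keeps JIT in place for the others.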