Just In Time access vs Azure Policy

Copper Contributor

I have setup an Azure Policy that blocks the creation of NSG rule with 3389 from an Any source. This works as expected when I try to create NSG rules manually. However with JIT from the security center it will still allow the creation of NSG rules from Any source.


Is there any way to prevent this action or to change the default option from the VM blade to by My IP rather than any ip?



2 Replies

Hi @nathanmitten, I don't think this is something you need to work out on your system - it seems like something that shouldn't be happening on anyone's environment. We suggest you contact support, and they'll help you find a solution (or escalate it if this needs to be fixed).


Sorry if it's been a long while since you posted this but I just ran into the same issue. May I ask you if you had to work with support to work through this?

Thank you for your time,