使用ARM模板或Azure策略应用JIT accesspolicy [英] Apply JIT accesspolicy using either an ARM template or an Azure Policy

问题描述

是否有人知道是否可以将JIT访问策略应用于Azure VM ARM模板或使用应用于VM的Azure策略？

Does anyone know if it is possible to apply the JIT access policy to an Azure VM just using an ARM template or using an Azure Policy applied to a VM?

我为我的组织定义了许多基础模板（以便始终应用默认值），安全中心始终建议使用JIT已经应用于VM了。

I am defining a number of foundation templates for my organization (so that the defaults are always applied) and Security Centre always suggests that JIT is applied to the VM's.

我真的不想手动激活JIT策略后期配置，因此最好以自动方式进行。 因为我们使用ARM模板（和蓝图），所以最好使用它来实现PowerShell后期部署步骤而不是使用
。

I really don't want to have to manually activate the JIT policy post provisioning so doing it in an automated manner would be preferred.  Because we are using ARM templates (and Blueprints), it would be better to do it using this rather than having to implement a PowerShell post deployment step.

干杯，

Andy

推荐答案

你好， 

Hello, 

目前无法通过ARM模板或Azure策略在VM上启用JIT访问。 

Currently it's not possible to enable JIT access on a VM through ARM templates or with Azure policies. 

PS和REST API是唯一可用于自动执行此操作的方法。您可以详细了解这些

此处。我建议将此作为反馈请求发布
here ，以便产品团队可以考虑添加此功能。 

PS and REST API's are the only methods available to automate this. You can learn more about these here. I would recommend posting this as a feedback request here, so that product team can consider adding this feature. 

这篇关于使用ARM模板或Azure策略应用JIT accesspolicy的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！