Azure Security Center—Improved just-in-time experience
Published date: March 11, 2020
The features, operation, and UI for Azure Security Center’s just-in-time tools that secure your management ports have been enhanced as follows:
- Justification field—When requesting access to a virtual machine (VM) through the just-in-time page of the Azure portal, a new optional field is available to enter a justification for the request. Information entered into this field can be tracked in the activity log.
- Automatic cleanup of redundant just-in-time (JIT) rules—Whenever you update a JIT policy, a cleanup tool automatically runs to check the validity of your entire ruleset. The tool looks for mismatches between rules in your policy and rules in the NSG. If the cleanup tool finds a mismatch, it determines the cause and, when it's safe to do so, removes built-in rules that aren't needed any more. The cleaner never deletes rules that you've created.