Ensure that Microsoft Azure virtual machines are configured to use Just-in-Time (JIT) access.
Risk
Without JIT access, management ports such as 22 (SSH) and 3389 (RDP) may be exposed, increasing the risk of brute-force and DDoS attacks.
Run this check with Prowler CLI
prowler azure --checks vm_jit_access_enabled
Recommendation
Enable Just-in-Time (JIT) network access for your Microsoft Azure virtual machines using the Azure Portal under Security Center > Just-in-time VM access.
Remediation
CLI
az security jit-policy list --query '[].virtualMachines[].id | []'
Other
JIT access can only be enabled via the Azure Portal. Ensure Security Center standard pricing tier for servers is enabled.
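The listing command above prints only the VM IDs that already have a JIT policy, so finding the gaps means comparing it against the VM inventory. The following is an added example, not part of Prowler or of this check's own code: it assumes the JSON output of that command and of `az vm list --query '[].id' -o json` has been captured, and it compares IDs case-insensitively because ARM resource IDs can differ in casing between the two outputs. The function names and sample IDs are constructed for illustration.

```python
import json

# Constructed sample data (placeholder subscription ID), shaped like the JSON
# arrays of resource IDs that the two az commands print.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
VMS = "providers/Microsoft.Compute/virtualMachines"
# az vm list --query '[].id' -o json
VM_IDS_JSON = json.dumps([
    f"{SUB}/resourceGroups/rg-app/{VMS}/web01",
    f"{SUB}/resourceGroups/rg-app/{VMS}/web02",
    f"{SUB}/resourceGroups/rg-db/{VMS}/sql01",
])
# az security jit-policy list --query '[].virtualMachines[].id | []' -o json
JIT_IDS_JSON = json.dumps([
    f"{SUB}/resourceGroups/RG-APP/{VMS}/WEB01",      # same VM, different casing
    f"{SUB}/resourceGroups/rg-old/{VMS}/retired01",  # VM no longer in inventory
])

def parse_vm_id(resource_id):
    """Return (subscription, resource_group, vm_name) lower-cased, or None
    if the ID is not a Microsoft.Compute/virtualMachines resource ID."""
    parts = [p.lower() for p in resource_id.strip().strip("/").split("/")]
    if len(parts) != 8:
        return None
    if (parts[0], parts[2], parts[4]) != ("subscriptions", "resourcegroups", "providers"):
        return None
    if (parts[5], parts[6]) != ("microsoft.compute", "virtualmachines"):
        return None
    return parts[1], parts[3], parts[7]

def jit_coverage(vm_ids_json, jit_ids_json):
    """Return (missing, stale): VM IDs with no JIT policy entry, and policy
    entries that point at VMs absent from the inventory."""
    inventory = {}
    for rid in json.loads(vm_ids_json):
        key = parse_vm_id(rid)
        if key is not None:
            inventory[key] = rid
    covered = {parse_vm_id(rid) for rid in json.loads(jit_ids_json)} - {None}
    missing = sorted(rid for key, rid in inventory.items() if key not in covered)
    stale = sorted(covered - set(inventory))
    return missing, stale

if __name__ == "__main__":
    missing, stale = jit_coverage(VM_IDS_JSON, JIT_IDS_JSON)
    for rid in missing:
        print("NO JIT POLICY:", rid)
    for sub, rg, name in stale:
        print("POLICY FOR UNKNOWN VM:", f"{sub}/{rg}/{name}")
```

A VM reported as missing is one this check would flag; a stale entry is a policy left behind for a VM that no longer appears in the inventory that was listed.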
Resource Type
Microsoft.Compute/virtualMachines