Is just-in-time access supported for VMSS with Bastion

Jan Turecek 1 Reputation point
2021-09-15T20:03:22.39+00:00

I would like to enable just-in-time access via Azure Security for VMSSs (virtual machine scale sets) that have bastion hosts for RDP/ssh access. I don't see any documentation on how to do this for a VMSS, only standalone VMs. There is a link that shows up when I use bastion to connect to one of the VMs in the VMSS that says "To improve security, enable just-in-time access on this VM", but clicking it just goes back to the VM instance page where there is no way to enable it.

Azure Bastion
Azure Bastion
An Azure service that provides private and fully managed Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to virtual machines.
241 questions
Azure Virtual Machine Scale Sets
Azure Virtual Machine Scale Sets
Azure compute resources that are used to create and manage groups of heterogeneous load-balanced virtual machines.
345 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. prmanhas-MSFT 17,886 Reputation points Microsoft Employee
    2021-09-24T07:06:49.957+00:00

    @Jan Turecek Apologies for the delay in response and all the inconvenience caused because of the issue.

    I had discussion internally and got to know that Azure Security Center JIT currently cannot be enabled for scale set VMs, only individual VMs. This is not a supported scenario yet but this feedback is already into pipeline and there might be updates on same by next semester. Currently we do not have an ETA on this but rest assured it is being worked upon.

    Hope it helps!!!

    Please "Accept as Answer" if it helped so it can help others in community looking for help on similar topics.

    0 comments