Skip to content

Commit ed014bf

Browse files
ktoliverktoliver
authored
Merge pull request #43370 from scheffler/patch-1
Correct permissions for requesting JIT access
2 parents 3cfc542 + 2810c6d commit ed014bf

File tree

1 file changed

+2
-3
lines changed

1 file changed

+2
-3
lines changed

articles/security-center/security-center-just-in-time.md

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -44,9 +44,8 @@ When a user requests access to a VM, Security Center checks that the user has [R
4444

4545
| To enable a user to: | Permissions to set|
4646
| --- | --- |
47-
| Configure or edit a JIT policy for a VM | *Assign these actions to the role:* <ul><li>On the scope of a subscription or Resource Group that is associated with the VM:<br/> ```Microsoft.Security/locations/jitNetworkAccessPolicies/write``` </li><li> On the scope of a subscription or Resource Group or VM: <br/>```Microsoft.Compute/virtualMachines/write```</li></ul> |
48-
| ||
49-
|Request JIT access to a VM | *Assign these actions to the user:* <ul><li>On the scope of a subscription or Resource Group that is associated with the VM:<br/> ```Microsoft.Security/locations/jitNetworkAccessPolicies/initiate/action``` </li><li> On the scope of a Subscription or Resource Group or VM:<br/> ```Microsoft.Compute/virtualMachines/read``` </li></ul>|
47+
| Configure or edit a JIT policy for a VM | *Assign these actions to the role:* <ul><li>On the scope of a subscription or resource group that is associated with the VM:<br/> `Microsoft.Security/locations/jitNetworkAccessPolicies/write` </li><li> On the scope of a subscription or resource group or VM: <br/>`Microsoft.Compute/virtualMachines/write`</li></ul> |
48+
|Request JIT access to a VM | *Assign these actions to the user:* <ul><li>On the scope of a subscription or resource group that is associated with the VM:<br/> `Microsoft.Security/locations/jitNetworkAccessPolicies/initiate/action` </li><li>On the scope of a subscription or resource group that is associated with the VM:<br/> `Microsoft.Security/locations/jitNetworkAccessPolicies/*/read` </li><li> On the scope of a subscription or resource group or VM:<br/> `Microsoft.Compute/virtualMachines/read` </li><li> On the scope of a subscription or resource group or VM:<br/> `Microsoft.Network/networkInterfaces/*/read` </li></ul>|
5049

5150

5251
## Configure JIT on a VM

0 commit comments

Comments
 (0)