Customize Just in Time priority order rule on the NSG

Nico Marino 31 Reputation points
2023-02-21T10:07:34.34+00:00

Hi There!

As per the documentation, it looks like "Azure Just in Time" adds an NSG "100" priority rule when enabled!

Is there any way to customize that priority, for example setting it as 200 (instead of 100)?

Thank you.

Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.

Accepted answer
  1. Carlos Solís Salazar 18,191 Reputation points MVP Volunteer Moderator
    2023-02-23T13:13:54.42+00:00

    Thank you for asking this question on the Microsoft Q&A Platform.

    According to the documentation:

    If other rules already exist for the selected ports, then those existing rules take priority over the new "deny all inbound traffic" rules. If there are no existing rules on the selected ports, then the new rules take top priority in the NSG and Azure Firewall.

    Source: https://learn.microsoft.com/en-us/azure/defender-for-cloud/just-in-time-access-overview?tabs=defender-for-container-arch-aks#how-jit-operates-with-network-resources-in-azure-and-aws

    So, the new rule will always assign the top priority to the selected port; however, if you have already created a rule for a port, your rule will be prioritized.

    Hope this helps!


    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.

    NOTE: To answer you as quickly as possible, please mention me in your reply.

    1 person found this answer helpful.
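
An added example (not part of the original answer, and not Microsoft's code) of auditing the case the quoted documentation describes: an existing Allow rule on a JIT-protected port is evaluated before the JIT deny rule and keeps the port open. It assumes rules shaped like `az network nsg rule list -o json` output; the rule names and priorities are constructed, and source address prefixes are ignored for brevity.

```python
# Constructed sample rules; names and priorities are illustrative only.
RULES = [
    {"name": "allow-ssh-admin", "priority": 200, "direction": "Inbound", "access": "Allow",
     "protocol": "Tcp", "destinationPortRange": "22", "destinationPortRanges": []},
    {"name": "jit-deny-example", "priority": 1000, "direction": "Inbound", "access": "Deny",
     "protocol": "*", "destinationPortRange": None, "destinationPortRanges": ["22", "3389"]},
    {"name": "allow-app-range", "priority": 1500, "direction": "Inbound", "access": "Allow",
     "protocol": "Tcp", "destinationPortRange": "3000-4000", "destinationPortRanges": []},
]

def port_spans(rule):
    """Destination ports as (low, high) tuples; '*' covers every port."""
    raw = list(rule.get("destinationPortRanges") or [])
    if rule.get("destinationPortRange"):
        raw.append(rule["destinationPortRange"])
    spans = []
    for item in raw:
        if item == "*":
            spans.append((0, 65535))
        else:
            low, _, high = item.partition("-")
            spans.append((int(low), int(high or low)))
    return spans

def deciding_rule(rules, port, protocol="Tcp"):
    """NSG evaluation: lowest priority number first, first match decides."""
    inbound = [r for r in rules if r["direction"].lower() == "inbound"]
    for rule in sorted(inbound, key=lambda r: r["priority"]):
        if rule["protocol"].lower() not in ("*", protocol.lower()):
            continue
        if any(low <= port <= high for low, high in port_spans(rule)):
            return rule
    return None

def shadowed_jit_ports(rules, jit_rule_name, jit_ports):
    """Map each JIT port to the earlier Allow rule that decides it, if any."""
    findings = {}
    for port in jit_ports:
        rule = deciding_rule(rules, port)
        if rule and rule["name"] != jit_rule_name and rule["access"].lower() == "allow":
            findings[port] = rule["name"]
    return findings

if __name__ == "__main__":
    for port, name in shadowed_jit_ports(RULES, "jit-deny-example", [22, 3389]).items():
        print(f"port {port}: '{name}' is evaluated before the JIT deny rule")
```

Any port this reports stays reachable without a JIT access request, so the pre-existing Allow rule is the one to review.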
