class="news-template-default single single-news postid-1731 wp-custom-logo tribe-no-js">
Azure Lighthouse – Managing all of your customers from one place
~By Alan Kinane
If you have customers with deployments in Azure, then you are probably providing some kind of managed service around this. This managed service that you are providing is likely to include the likes of resource monitoring, service health alerting, security management, service optimisation, policy governance and so on. Azure has a vast and ever-expanding array of services to help with this but the management of all of this has until recently had a natural boundary of the customer’s Microsoft tenant. In other words, each of your customers is managed in a separate context making providing a managed service more time consuming and difficult to scale across customers.
Introducing Azure Lighthouse, this is a free service (or tool) from Microsoft that will allow you to get delegated access to each of your customers’ Azure subscriptions from a single portal and within the same context. This will allow you to view and manage all of the Azure resources across your customer base from the same pane of glass. Let’s take for example a service like Azure Advisor which is a free best practices recommendation tool in the Azure portal. This service can now be used across all of your customers’ Azure subscriptions in a single context showing you a list of recommendations for all of your customers on a single page.
As another example, you can now create Azure resource monitors and alerts or deploy naming convention policies and apply these to all of your customers’ Azure subscriptions from a single portal. Previously this would have had to be done individually for each tenant and would be prone to inconsistency depending on how and when it was set up and difficult to maintain across multiple customers.
In terms of access, you can define multiple security groups within your own partner tenant and assign members with different levels of access. For example, you may want to create a group of users who audit and assess Azure environments but only require ‘reader’ access to your customers’ Azure resources. Then you can have a second security group who have full ‘contributor’ access and can make changes to the deployments where required. Access can be assigned to an entire customer Azure subscription or just to individual resource groups within the subscription.
To onboard your customers to Azure Lighthouse you have the option of publishing your managed service “offer” to the Azure marketplace. Your customer can then add this offer themselves if they have the required access to their subscriptions.
Alternatively, you can define an Azure Resource Manager (ARM) template for your offer and deploy this on each of your customers’ tenants.
Please get in contact with us here in MicroWarehouse for assistance with this onboarding process or why not attend my upcoming webinar “Land Ahoy! Microsoft Azure Lighthouse” on Thursday, 10th October @ 2pm. Open to all Microwarehouse partners, you can Register here>>.
Not a MicroWarehouse Partner? Click here become one!