In this blog, I will explain roughly what Azure Lighthouse is, why you want to use it, and provide a quickstart on how you implement it. What is Azure Lighthouse?
We all know the struggle of switching from tenant to tenant, the endless vaults and registers with credentials, carrying out the same (management) activities over and over again in different environments, and simply missing a centralized view of all (customer) environments. With Azure Lighthouse, multiple tenants can be managed, automated, and scaled, with improved governance in resources and tenants.
In this blog, I will explain roughly what Azure Lighthouse is, why you want to use it, and provide a quickstart on how you implement it.
_Azure Lighthouse offers service providers a single control plane to view and manage Azure across all their customers with higher automation, scale, and enhanced governance. With Azure Lighthouse, service providers can deliver managed services using comprehensive and robust management tooling built into the Azure platform. This offering can also benefit enterprise IT organizations managing resources across multiple tenants. — [What is Azure Lighthouse? — Azure Lighthouse | Microsoft Docs_](https://docs.microsoft.com/en-us/azure/lighthouse/overview)
The above quote sounds great, but it is still a bit cryptic. What it’s trying to tell is that Azure Lighthouse offers several ways to simplify management and improve engagement with customers.
With delegated management, the management of your customers’ Azure resources can be done securely from the service provider’s tenant, without having to switch contexts and control planes. Customer subscriptions and resource groups can be delegated to specified users and roles in the managing tenant, with the option to remove access if necessary. Lighthouse provides the ability to collect resources that sit under one Azure AD tenant and project them into another tenant.
The Azure portal integration with Lighthouse provides cross-tenant information on the “My Customers” page in the Azure portal. For customers, there is an associated service providers page, where they can view and manage access from their service provider.
The “What” section of this blog covered some of the reasons why you should be thrilled to use Azure Lighthouse. Azure Lighthouse helps the service provider (or shared services center) build and deliver managed services efficiently.
Azure Lighthouse eliminates the need to add guest user accounts in the customer’s Azure Active Directory. Customers are often against this because of security, privacy, and compliance requirements. With the delegated resource management capabilities the service provider is still able to access and manage the environment. This also makes it possible to manage from one view, without and instead of having to switch between tenants.
Furthermore, it enables existing APIs, management tools and workflows to be used with delegated resources, including machines hosted outside of Azure, regardless of the regions they are in. This makes customer engagement and lifecycle activities to manage customer resources simpler and more scalable.
Through Azure Lighthouse, customers enjoy the convenience of one central point to see what access service providers have to the customer’s subscription. Customers maintain visibility and precise control over the scopes they delegate for administration and the permissions they are allowed. They can monitor the actions of the service provider and remove access completely if and when desired.
There are also some other advantages, for example, the transparent provision of applications via the marketplace where the responsibility for management and support must be retained. For these and other detailed features, it is best to consult the Microsoft documents here.
And to top it all off: there is no additional cost to use Azure Lighthouse to manage Azure resources. Any Azure customer or partner can use Azure Lighthouse!
Mismanagement of multi-cloud expense costs an arm and leg to business and its management has become a major pain point. Here we break down some crucial tips to take some of the management challenges off your plate and help you optimize your cloud spend.
During the recent Ignite virtual conference, Microsoft announced several updates for their Azure multi-cloud and edge hybrid offerings. These updates span from security innovations to new edge capabilities.
Storing and managing corporate data by applying the cloud is becoming more and more popular. Companies grow, and it gets too expensive, and resources consuming to store their data on traditional servers. To prove it, look at the research conducted by Google in 2019 that includes insights for the cloud computing market for the next 10 years.
Microsoft recently announced the general availability of Azure Attestation, a unified solution for remotely verifying the trustworthiness of a platform and the integrity of the binaries running inside it.
Recently Microsoft launched its Azure Space initiative as a further push of cloud computing towards space. This initiative by the public cloud vendor consists of several products and partnerships to position Azure as a critical player in the space- and satellite-related connectivity and compute part of the cloud market.