Azure Lighthouse: Prepare and Onboard Customers

By | November 10, 2020

Azure Lighthouse enables cross- and multi-tenant management, allowing for higher automation, scalability, and enhanced governance across resources and tenants. If you are a managed service provider, it is a great way to view your customers' resources from a single pane of glass.

What will this Post Cover?

In this post we will cover using my PowerShell script to onboard a customer subscription. You should already have your JSON templates created for a customer subscription. If you have not, please follow this article to get the templates created.

Pre-Requisites

  • Owner access to the subscription you wish to onboard
  • Az module installed on the PC where the script will run
  • Your management and parameters template stored on the computer where the script will run

Download Script

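Open a PowerShell window and use the following to download the script from GitHub. Change the $Path parameter to where you want to save the output, e.g. 'C:\temp\'. The script will run with Owner rights on the subscription, so read through the downloaded file before running it.

# Folder to save the script in, e.g. 'C:\temp\'
$Path = ''
# Download the raw script from GitHub straight to disk
Invoke-WebRequest -Uri 'https://raw.githubusercontent.com/decturau/PowerShell-Scripts/main/Azure/Deploy-Lighthouse.ps1' -OutFile (Join-Path $Path 'Deploy-Lighthouse.ps1')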

Running the Onboarding Script

Ensure you have the location of your management and parameters template for your Lighthouse offer. Open PowerShell and change the directory to where the script resides. If you used the code snippet above to download the script, you can use the same $Path parameter.

$Path = ''
Set-Location $Path

You will need to specify the following parameters for the deployment.

  • DelegateJSONPath – This is the location of your management template. E.g. C:\temp\delegatedResourceManagement.json
  • ParamJSONPath – This is the location of your parameter template. E.g. C:\temp\delegatedResourceManagement.parameters.json
  • Name – This will be the name of the deployment. E.g. Lighthouse Offer.
  • Location – This is the location of the deployment. E.g. canadaeast (If you don’t know the location alias, you can run (Get-AzLocation).Location to get a list of locations.)
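
Before deploying, it helps to read back what the parameters template actually delegates to the managing tenant. The following PowerShell is an added example, not part of the author's script; the function name Get-LighthouseDelegation is hypothetical, the parameter names (managedByTenantId, authorizations) are assumed to follow Microsoft's delegatedResourceManagement sample, and the JSON it runs against is constructed.

```powershell
# Added example: list what a Lighthouse parameters file delegates before deploying it.
# Assumes the layout of Microsoft's delegatedResourceManagement sample parameters file
# (managedByTenantId plus an authorizations array). The JSON below is constructed.
$sample = @'
{
  "parameters": {
    "mspOfferName": { "value": "Offer1" },
    "managedByTenantId": { "value": "00000000-0000-0000-0000-000000000001" },
    "authorizations": { "value": [
      { "principalId": "00000000-0000-0000-0000-0000000000a1",
        "principalIdDisplayName": "Tier 1 Support",
        "roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7" },
      { "principalId": "00000000-0000-0000-0000-0000000000a2",
        "principalIdDisplayName": "Automation",
        "roleDefinitionId": "18d7d88d-d35a-4f4f-a5b5-8773c20a72d9" }
    ] }
  }
}
'@

# Well-known Azure built-in role definition IDs, so the review shows names instead of GUIDs.
$KnownRoles = @{
  'acdd72a7-3385-48ef-bd42-f606fba81ae7' = 'Reader'
  'b24988ac-6180-42a0-ab88-20f7382dd24c' = 'Contributor'
  '18d7d88d-d35a-4f4f-a5b5-8773c20a72d9' = 'User Access Administrator'
  '8e3af657-a8ff-443c-a75c-2fe8c4bcb635' = 'Owner'
}
$ReviewRoles = 'Contributor', 'User Access Administrator', 'Owner'

function Get-LighthouseDelegation {
  param([Parameter(Mandatory)][string]$Json)
  $p = ($Json | ConvertFrom-Json).parameters
  foreach ($a in $p.authorizations.value) {
    $role = $KnownRoles[[string]$a.roleDefinitionId]
    if (-not $role) { $role = 'Unrecognised (look up the ID)' }
    [pscustomobject]@{
      ManagingTenant = $p.managedByTenantId.value
      Principal      = $a.principalIdDisplayName
      PrincipalId    = $a.principalId
      Role           = $role
      NeedsReview    = ($role -in $ReviewRoles) -or ($role -like 'Unrecognised*')
    }
  }
}

# Swap $sample for: Get-Content -Raw 'C:\temp\delegatedResourceManagement.parameters.json'
Get-LighthouseDelegation -Json $sample | Format-Table -AutoSize
```

Rows with NeedsReview set to True are the write-capable or unrecognised roles to confirm with the customer before the delegation is deployed.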

The script is interactive and you will be required to enter information such as TenantId and SubscriptionId. This will be presented to you before you are required to choose. Ensure you have owner permissions on the subscription. Go ahead and run the script like the example below.

.\Deploy-Lighthouse.ps1 -Name 'Offer1' -Location 'canadaeast' -DelegateJSONPath 'C:\temp\delegatedResourceManagement.json' -ParamJSONPath 'C:\temp\delegatedResourceManagement.parameters.json'

Confirm the deployment was successful.

On the customer Azure portal, confirm you can see the delegation by going to this blade.