What is Azure Lighthouse?

The multi-tenant management with increased scalability, automation, and resource governance is done with the help of Azure Lighthouse.

Service providers can utilize Azure Lighthouse to deliver managed services leveraging the Azure platform's broad and robust capabilities.

With the help of this service, the customers can have the complete control on who has access to what resources and what their tenants have access to, and what actions they can take. Enterprise IT firms that manage resources across different tenants may profit from this service.

Benefits

Azure Lighthouse makes it easier for service providers to create and provide managed services. The following are some of the advantages:

• Management at scale: Now it is simpler and more scalable to do the Customer engagement and life-cycle operations for managing customer resources. Delegated resources, including computers hosted outside of Azure, can be used using existing APIs, management tools, and workflows, regardless of the regions in which they're situated.
• Greater visibility and control for customers: Customers have complete control over the scopes of management they assign and the permissions that are granted. They have the ability to examine service provider, behaviour and, if necessary, they can fully remove access.
• Comprehensive and unified platform tooling: This adaptability supports a variety of service provider scenarios, including EA, CSP, and pay-as-you-go licensing models.

Capabilities

Azure Lighthouse has a number of features that can aid with engagement and management:

• Azure delegated resource management: In the controlling tenant, customer subscriptions and resource groups can be assigned to certain users and responsibilities, with the flexibility to withdraw access as needed.
• New Azure portal experiences: Customers can monitor and manage their service provider access on the related Service providers page.
• Azure Resource Manager templates: Customers can check and adjust their service provider access on a dedicated website for them.
• Managed Service offers in Azure Marketplace: Customers can sign up for the services through private or public offers, and they'll be automatically added to Azure Lighthouse.

Tip

Microsoft 365 Lighthouse, a comparable offering, assists service providers in onboarding, monitoring, and managing their Microsoft 365 users at scale. The preview version of Microsoft 365 Lighthouse is presently available.

Pricing and availability

There are no additional fees involved with managing Azure resources using Azure Lighthouse. Azure Lighthouse is available to any Azure client or partner.

Cross-region and cloud considerations

Azure Lighthouse is a service that is not limited to a specific region. We can handle resources that are delegated to us and are located in different areas.

Azure Lighthouse Support

If we need any assistance, then we can open a support ticket. Select Technical as the issue type. Choose a subscription, then Lighthouse (under Monitoring & Management).

Azure Lighthouse architecture

While managing delegated resources at scale with agility and precision, the service providers may use Azure Lighthouse to streamline client engagement and onboarding.

Without having an account in the customer's Azure Active Directory (Azure AD) tenant or being a co-owner of the customer's tenant, authorized users, groups, and service principals can work directly in the context of a customer subscription. Azure delegated resource management is the technique that enables this access.

Delegation resources created in the customer tenant

The registration definition and the registration assignment resources can be accessed via APIs and administrative tools, or we can deal with them directly in the Azure site, and they are created when the customer's resource group is onboarded into the Azure Lighthouse.

Registration assignment

Each registration assignment must relate to a valid subscription-level registration definition, which ties the service provider's authorizations to the delegated scope and therefore grants access.

The Resource Manager can grant access based on the information defined by the resources in certain cases.

The activity log, which is saved in the customer's tenancy, tracks activity from users in the service provider's tenant. This allows the client to see who made the modifications and when they were done.

For more information on this topic visit: https://www.tpointtech.com/what-is-azure-lighthouse

HAPPY LEARNING!!!!