Introduction
Azure Lighthouse enables multitenant management with scalability, higher automation, and enhanced governance across resources. This helps service providers access their customers’ Azure environments to provide technical services.
With Azure Lighthouse, service providers can sign in to their own Azure tenant, then access resources that customers have delegated. Customers maintain control over who has access to their tenant, which resources they can access, and what actions can be taken.
In this module, you work for Contoso, an organization that delivers technical services to customers (also known as a Managed Service Provider or MSP). Contoso signed managed service contracts with multiple customers, who are relying on Contoso to manage their Azure resources for them. Customers onlyThe customers want Contoso to have only the access and privileges needed to carry out the administration, maintenance, and governance activities that are specified in the contracts. Contoso wants to make it easy for its staff to perform these tasks.
You need to understand the capabilities of Azure Lighthouse, how it works, and whether it’s a good option for Contoso to use to manage its customers’ Azure environments.
Learning objectives
After completing this module, you'll be able to:
- Evaluate whether Azure Lighthouse is appropriate for a service provider who is managing customer resources.
- Describe how the cross-tenant delegation feature of Azure Lighthouse enables customers to grant access for a service provider to manage specific resources.