GDAP Vs Azure Lighthouse
Granular Delegated Admin Privileges (GDAP) vs. Azure Lighthouse: How They Differ and Why Service Providers like SoftwareOne Need Both?
Azure Lighthouse is a Microsoft service that enables SoftwareOne to manage multiple customer tenants with enhanced scalability, automation, and governance across delegated azure subscriptions and resources.
Granular Delegated Admin Privileges (GDAP) is a security feature that allows SoftwareOne to access customer’s Microsoft workloads in a time-bound manner.
Here are some ways Azure Lighthouse and GDAP differ:
Feature | Granular Delegated Admin Privileges (GDAP) | Azure Lighthouse |
Scope | All key Microsoft workloads including azure | Azure resources and subscriptions |
Access | Least privileged access | Multi and crossed tenant view based on delegated permissions |
Primary Purpose | Granular control for Microsoft 365 support | Centralized, scalable management for Azure |
Access Method | Role-based permissions for Microsoft 365 tasks | ARM-based roles and policies for Azure resources |
GDAP and Azure Lighthouse operate separately, providing control over their respective environments without overlap.
How They Work Together for Complete Cloud Management?
GDAP enables SoftwareOne with granular, least-privilege access to manage Microsoft workloads, keeping permissions limited to what’s necessary.
Azure Lighthouse allows scalable, centralized control over your Azure environment, enabling efficient multi-tenant Azure management through single plane.
Using GDAP and Azure Lighthouse independently provides streamlined, secure support across all your cloud environments, giving SoftwareOne the right level of access for each platform.