Skip to main content
Skip table of contents

Azure Lighthouse Explained

Unlock the Full Potential of Your Azure Experience with SoftwareOne and Azure Lighthouse!

Are you ready to revolutionize how your Azure environment is managed? With Azure Lighthouse, you’ll experience a whole new level of efficiency, transparency, and control. Let us take the hassle out of managing multiple Azure environments, so you can focus on what truly matters: growing your business.

What is Azure Lighthouse?

Azure Lighthouse is the ultimate solution for seamless multi-tenant management. At SoftwareOne, we use this service to deliver top-tier management across your Azure environments with unmatched scalability, automation, and governance. Here’s why it’s a game-changer:

  • Cross-tenant management: Manage multiple environments in one place without the need to switch between accounts; saving you both time and effort.

  • Scalability: With automation and standard processes, we handle an unlimited number of customers efficiently, no matter how large your Azure footprint.

  • Enhanced Governance: We operate with full transparency, giving you peace of mind as all activities are logged and visible to both you and SoftwareOne.

Why Azure Lighthouse is Crucial for Your Business?

Azure Lighthouse empowers you with full control and complete transparency while receiving expert management and support from SoftwareOne.

  1. Full Access Control: You decide who accesses your environment, which resources they can manage, and what actions are permitted. You’re always in control, even when working with service providers like us.

  2. Complete Transparency: Every action taken by SoftwareOne is logged in the Azure Activity Log, giving you full visibility into what changes are made, when, and by whom.

  3. Top-Notch Security and Governance: Rest easy knowing that our support engineers only have read-only access unless you grant explicit permission for higher-level actions; keeping your environment secure!

How Azure Lighthouse Elevates SoftwareOne’s Service?

With Azure Lighthouse, SoftwareOne delivers a streamlined and secure management experience, optimized for performance at every scale.

  1. Efficient Service Delivery: We provide top-tier managed services without the complexity of managing each tenant separately. Our focus is on delivering the best service, faster.

  2. Scalable Management: Thanks to automation, SoftwareOne manages multiple customers effortlessly, reducing operational costs and improving service consistency.

  3. Security First: We follow strict role-based access protocols, ensuring that our team only gets elevated access with your explicit approval, minimizing any potential risks.

What Happens if You Don’t Activate Azure Lighthouse?

Not activating Azure Lighthouse may result in significant drawbacks for both of us.

  1. For You (Customers):

    • Limited Visibility and Control: Customers would have less granular control over which service providers can access their environments and what actions they can perform.

    • Higher Costs: For customers with a CSP agreement with SoftwareOne, removing Azure Lighthouse access can result in increased Azure charges due to the lack of optimized management capabilities.

  2. For SoftwareOne:

    • Inefficient Management: Without Azure Lighthouse, SoftwareOne would face increased complexity when managing multiple customers, reducing the efficiency of service delivery.

    • Security Risks: Without built-in governance and role-based access controls, there would be a higher risk of unauthorized actions within customer environments.

Still got questions? Reach out to your Onboarding Manager or Service Delivery Manager.

 Lighthouse Access Levels

Microsoft Lighthouse is used for administration of Azure in addition to the GDAP for Azure which it leverages.

For a customer’s Azure subscription a link will be sent to authorize Lighthouse usage. Lighthouse is an enterprise application, hosted by Microsoft in Azure and it needs to be trusted as an application in the customer tenant. 

Lighthouse Access for Azure

Service Impact

Standard Access

·       Default State: Reader Access

·       During Incident or service Request: Privileged access (Contributor Role, Log Analytics Contributor Role, Managed Services Registration assignment Delete Role and User Access Administrator Role) is temporarily granted in case of an Incident or Service Request with approval of their SoftwareOne supervisor and of the Customer.

·       All activities are logged in Azure Activity Log by default for ninety (90) days.

·       No Foreign Principle required.

 

·       Support engineers can perform management operations or support on Customer’s Cloud Accounts, including service requests and incidents

·       SoftwareOne can escalate to Microsoft on behalf of the Customer

Limited Access

 ·       Reader.

·       Support request contributor.

·       Logs are also kept for 90 days on customers tenant (default MS access logs).

 

·       Support engineers can perform management operations or support on Customer’s Cloud Accounts, including service requests and incidents

·       SoftwareOne can escalate to Microsoft on behalf of the Customer for subscription located resources – Tenant level access is not possible using Lighthouse.

Restricted Access

No Lighthouse or Foreign Principle privileges are allowed for SoftwareOne to access the customer’s Azure cloud.

 

·       Not supported, because SoftwareOne cannot directly resolve incidents on customer’s cloud platform AND SoftwareOne cannot escalate to Microsoft.

 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close