Managing a cross-tenant Sentinel workspace using Azure Lighthouse capabilities
Updated: Mar 3, 2022
This blog covers configuring a test environment for Azure Lighthouse and Sentinel. Here I am sharing what I learned. It is meant for learning purposes only, not for production environments. Views are my own and have nothing to do with my employer.
Azure Lighthouse provides cross-tenant management of Azure services for Managed Service Providers (MSPs) and organizations with multiple Azure tenants, all from a single Azure portal. Here I am preparing the “Light House demo” environment. The demo environment is based on a scenario where:
· The Sentinel workspace ‘Second-Workspace’ is part of the subscription ‘Keshav- Azure Pass – Sponsorship’. The subscription and tenant details are below:
Steps in the managing tenant:
· Create the “ARM Template” from the managing tenant. In my case, I will be managing the Sentinel workspace ‘Second-Workspace’ from the subscription ‘Keshav Azure Subscription’.
· As the first step, go to “My customers” in the Azure Portal and start creating the ARM template.
· Click on ‘Create ARM Template’.
· Fill in the name and description. Select the option “Subscription”.
· Click on add ‘Authorization’ and follow the image below. Here you need to select the user who will be doing the management, and select the required role. Since it’s a demo environment, I am selecting the role “Microsoft Sentinel Contributor”.
· Click on view ‘Template’, then download and save this ARM template.
Now, open the other Azure Portal (the one which you want to manage) in another browser.
- Go to Service providers and select ‘Service providers’.
- Here select ‘+ ADD Offer’, then select ‘Add Via a Template’.
- Upload the ARM template that we generated in the previous steps.
- This will take you to the ‘ARM template Deployment’ page.
- Here, review the details and click on ‘Create’.
- And we are done with the steps.
- Go to the ‘Service Provider’ and select Service Providers Offers. Here you can see the ‘Demo-LightHouse’ offer which we configured in the managing tenant.
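
The "review the details" step above is where the customer tenant decides what it is delegating. The sketch below is an added example, not part of the original walkthrough: it checks a downloaded Lighthouse template for the managing tenant ID and the roles it grants. It assumes the template keeps `managedByTenantId` and `authorizations` under `variables` (or as parameter defaults); the sample template and its GUID principals are constructed placeholders.

```python
import json

# Azure built-in role definition IDs relevant to this review.
ROLE_NAMES = {
    "ab8e14d6-4a74-4a29-9ba8-549422addade": "Microsoft Sentinel Contributor",
    "8d289c81-5878-46d4-8554-54e1e3d8b5cb": "Microsoft Sentinel Reader",
    "b24988ac-6180-42a0-ab88-20f7382dd24c": "Contributor",
    "18d7d88d-d35e-4fb5-a5c3-7773c20a72d9": "User Access Administrator",
    "8e3af657-a8ff-443c-a75c-2fe8c4bcb635": "Owner",
}
BROAD = {"Contributor", "User Access Administrator", "Owner"}

def _value(template, name):
    # Assumed layout: value sits in "variables", else in a parameter default.
    if name in template.get("variables", {}):
        return template["variables"][name]
    return template.get("parameters", {}).get(name, {}).get("defaultValue")

def audit_offer(template_text, expected_tenant, allowed_roles):
    """Return findings; an empty list means the offer matches expectations."""
    template = json.loads(template_text)
    findings = []
    tenant = str(_value(template, "managedByTenantId")).lower()
    if tenant != expected_tenant.lower():
        findings.append(f"managedByTenantId {tenant} is not the expected tenant")
    for auth in _value(template, "authorizations") or []:
        role_id = auth.get("roleDefinitionId", "").lower()
        role = ROLE_NAMES.get(role_id, role_id)
        who = auth.get("principalIdDisplayName") or auth.get("principalId")
        if role not in allowed_roles:
            kind = "broad role" if role in BROAD else "unapproved role"
            findings.append(f"{who}: {kind} {role}")
    return findings

# Constructed sample template: placeholder GUIDs and display names.
SAMPLE = json.dumps({"variables": {
    "managedByTenantId": "11111111-1111-1111-1111-111111111111",
    "authorizations": [
        {"principalId": "22222222-2222-2222-2222-222222222222",
         "principalIdDisplayName": "demo-analyst",
         "roleDefinitionId": "ab8e14d6-4a74-4a29-9ba8-549422addade"},
        {"principalId": "33333333-3333-3333-3333-333333333333",
         "principalIdDisplayName": "demo-admin",
         "roleDefinitionId": "b24988ac-6180-42a0-ab88-20f7382dd24c"},
    ]}})

if __name__ == "__main__":
    for finding in audit_offer(SAMPLE, "11111111-1111-1111-1111-111111111111",
                               {"Microsoft Sentinel Contributor"}):
        print(finding)
```
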
Now, log back in to the managing tenant and subscription:
- Go to the subscription and you can see this:
- Now go to Sentinel and here you can see this:
Note: The above steps are only for learning, demo and testing purposes. If you want to create this for a production environment, follow the Microsoft articles.