Hey friends, did you know that
you can manage hundreds of customers, thousands of
subscriptions and millions of resources all within a single
control plane? Archana is here to show me how with Azure
Lighthouse will see how service providers are delivering managed
services using comprehensive management tools in Azure today
on Azure Friday. Hey friends, I'm Scott Hanselman
in its Azure fried him here with Archana Balakrishnan. We're
talking about Azure Lighthouse. How are you? Fantastic. How are you Scott?
I'm very well. I'm learning all kinds of fun things on Azure
Friday and I love it when people bring me cool things. An Azure
lighthouses, one of those because it let's you manage
things at scale. What is the problem that Azure Lighthouse solves for people? So partners
do amazing things on Azure and really we have a built Azure
always for enterprises and with Azure lighthouse, what we're
trying to do is address the needs of those partners, right?
Partners who are managing hundreds of customers, how could
they have a comprehensive management tool natively in
Azure to manage maybe thousands of subscriptions and millions of
resources? It helps them automate game visibility. And drive efficiencies to
Delaware. Those services for their customers. Interesting. So
if I were theoretically planning to. I don't know quit the
company. Become an Azure provider. I want to become like
maybe I want to help a mom and pop shop. I want to make people
successful on Azure, but I feel that maybe them signing up for
Azure would be too complicated. Could I potentially use Azure
Lighthouse as someone who would provide those services and kind
of give them to other people? Absolutely yeah you wanna go and
sign up maybe as a partner on our Microsoft Partner Network
and then think about what kind of customers you want to
acquire? Typical mom and pop shop probably wants to go with a
cloud solution provider model so you could very easily register
as a cloud solutions provider, set up an Azure subscription,
purchase an Azure subscription on behalf of your customer. Uh, and let's say this customer
really loves the services that you Delaware. Do you back up
everything on time and make sure their security updates were in
in order and then lo and Behold, in a week you have 200 customers
lining up. You were still a small services provider and now
suddenly you have to scale to serve these 200 customers.
That's really where like house comes in and helps you Delaware.
Those managed services at scale across all of these customers. That sounds like that's not
that's my new retirement plan. Azure lighthouses now here to
what I'm going to do after this. Cool so can you show me what
that looks like absolutely. So here I'm I'm basically logged in
as a customer so I work for Microsoft an I want to go about
looking for some of these service providers like yourself
maybe who are going to go an offer some interesting managed
services for me? So one of the routes, uh, with
which I can discover some of these service providers, is the
marketplace, and so I could go to the Azure marketplace and
look for what are known as managed services offers with
lighthouse. The cool thing is that you don't necessarily need
to go the managed services route. Let's say you're already
working with a partner who is extremely trusted partner of
yours that you could follow this exact same procedure with arm
templates. An onboard to that partner. Uh, but kind of coming
back to the marketplace route. I like this partner. They're
giving me monitoring, management services and so I kind of need
to do is go in here and grab you their offer itself, right? I
could say I'm interested in purchasing managed services for
monitoring, and really this is the Magic of lighthouse, right?
So with lighthouse what I'm doing is I'm giving this partner
or certain level of access. To my customer subscriptions. So
all I do is I click create there and by doing that I'm basically
trusting this partner up to now manage my resources and so as
that partner is getting added I can just skip through and show
you what that would look like. As a customer I would now be
able to view all of the partners who are serving me, right? I may
actually have multiple partners who are serving me an. Particularly, maybe what I want
to do is I want them to manage very specific stuff. So
initially maybe when I don't trust the partner as much, I'm
going to ask them to maybe manage it dev subscription
alone, right? So I could get very granular and ask them to
manage a very small subscription. For example,
right? I could even get as granular as resource groups and
so with this basically what I'm doing is I'm giving this partner
very, very specific access. To my customer environment and
so now it's gone. I'm actually going to switch over to um,
become an play. The role of a service provider. So I'm here
now. Logged in as rally cloud managed services Ann, I want to
go in here and go and look at all of these customers that I'm
managing right? And so I would just pretty much go and look at
these customers. I would be able to see all of these customers
from that single control plane. Right no longer having to log
out. Log into customer one, log out, log into customer 2 right.
There is now a single token that works across all these customers
and so in here you can see that I'm managing contoso Microsoft
wingtip toys global wineries. I can drill down and look at
exactly specifique scopes that I'm managing, right? So, for
example, Microsoft's asked me to manage this library subscription of theirs. A man so I know that
Microsoft has given my global admin contributor access and
then someone called Megan just reader access right? The cool
thing about this is you can have named people have very specific
access or you could have groups right? So let's say I have an
architect's group and tomorrow's cock wants to quit his job and
common work for my partner write an I hire him as an architect. All I kind of need to go and do
is add him to this group and he immediately gets access to all
of those customer environments, right? It's as simple as that
and this is a huge benefit for both partners and customers.
Customers can did you know, don't want to have their
environment exposed? Wotif, Rob leaves MSP one and I no longer
want drop to have access to all of those customers scopes, so
pretty much what I. Come in here and do is delete
drop from this group and he would no longer have access. So
again very specific access. Very easy to manage, no overhead and
truly kind of giving you that single control plan again to
look across all of your customers, but that's not the
only stuff you can do In addition to kind of managing
Azure environment. You can also manage on premises environment,
you can manage other clouds as well through this. So here's an example. Right, so this is a.
This is a customer subscription that Microsoft has delegated to
me and within that subscription itself you can see it's that
same library subscription that Microsoft delegated to me as a
managed services provider. I actually went into my on premises datacenter. Installed
an agent on these machines out there and so these are actually
machines that are sitting in my on premises datacenter that for
Microsoft that I as a partner I'm now able to manage right so
I could do cool things like leverage all of the inbuilt
tooling, the amazing management tooling that's built into Azure
like policies for example and be able to go and audit all of
these VMS that are not maybe set to a specified time zone. Right, and I see, for example,
that this particular machine in that data center is not
compliant than I could go and do the right thing for this
customer and make sure that the VM is set to that time zone. So
with Azure lighthouse you now have a single and unified
control plan, not just to manage your Azure resources, but your
resources across on premises environments across all kinds of
data centers. Another clouds, even right. Similarly, you can
kind of get this single pane of glass views. Uh, so previously,
maybe the way I organized my team was to go customer by
customer and look at what are the high issues impacting
customer want today. Now with a single pane of glass, I don't
have to invest in building these complex scripts and dashboards.
I natively log into Azure security center and I'm able to
view what are the 18 high severity recommendations that
Azure is throwing up for me. Right and now I can really
organize my team to say hey, this is the team that's gonna go
and tackle these 18 high severity issues across all of
the customers I managed. So really a very efficient way for
you to Delaware services avoid the need for repetition across
customers and really also drive a lot of automation,
efficiencies and cost savings, right? One of the features that
are partners love Scott is this thing called back up right. This
is just an example of a backup workbook, so you could go to any
backup Walt. So these walls exist in your customers codes
and then you would pretty much go and click on Black, back up
Explorer and it would launch a workbook like this, right? With
this workbook. What I'm doing is I'm looking at Azure
environments that are managed. Across all of these customers,
across all of these subscriptions and scopes, and
I'm able to very quickly go and say across all these customers,
where is back up not enabled, which particular jobs have field
right? Are there any alerts that I need to go and look at? For
example, right? And so clearly I'm doing a great job because I
don't have any alerts, but I can go and look at more details and
this really is that again, kind of coming back to that messaging
of Azure Lighthouse helps you truly manage. Azure Environment
at scale. It gives you the single pane of glass views. It
allows you to automate deployment. It allows you to
view and manage customers at scale. How do people do this
before? Did they just have to open new tabs in Incognito mode
and remember it doesn't passwords? I mean, how would you
manage thousands of some things before? Previously we you know
we have what are known as guest users, right? So typically every
customer goes in and adds guest users on behalf of the partner.
So imagine your company had 25 employees and you had 100
customers, right? So each customer is going and adding
those 25 employees as guest accounts and then Rob decides to
leave. They need to go and delete. Rob part was really were
doing this with either through scripting, right? So they wrote
these amazing scripts that it log in, log out, log in, log out which. Not so secure. Uhm and
expensive to maintain, right? They kind of have to keep up to
speed with a change. Is making sure that every time a customer
on boards like there on boarded to the right we a lot of
scripting. Pretty much with how partners achieve this before an
investing in expensive tooling to create these single pane of
glass views right? All of which now is bringing the power of the
management platform in Azure to you directly. The lighthouse and
you and the lighthouse team. You all work through like hundreds
of user voices. You talk to partners to understand exactly
what they needed so that they could then refactor their
business processes by subtracting like you don't want
them running scripts. They need this feature and you don't want
them doing Incognito mode tabs. They need this feature so that
lighthouse team is always listening to make sure that the
features in lighthouse mirror the business processes that
they're trying to Automate. Absolutely, we talked to
partners day in day out. That's what we love to do. It's in our DNA. A man in fact like a lot of
enterprise customers, are also actually using Azure Lighthouse
to manage their crazy number of environments that they may be
acquired through emines right through these partner feedback
forums we realize kind of three things right? One is partners
have different kinds of relationships with customers.
They kind of have. You know they choose a different licensing
model so our product is built on the principle of we will be
agnostic licensing models. They want to still keep the
automation. They may not want to write long scripts, but they
still want everything to be automated. what I showed you
today was it demo in a GUI right? Which is not typically
how partners operate. They'll still like to Automate a lot of
stuff and with lighthouse, our principle is do APIs 1st and
bring UI to parody, right? So we always give partners and choice
for automation and then like you said, finally we are all about
leveraging what's natively in the platform, so you don't need
to go and spend a whole chunk of money. Now are learning you tool
sad and scale up your stuff? It's all built into Azure. It's
backed by Azure. It's backed by Azure idiots. It's gonna work
across 100,000 million billion customers. So that's the value
proposition of Azure lighthouse. And that catch phrase that
single pane of glass as you said, it's the API level first
and then the UI on top of that, so that pain of glasses APIs
that one could go and Automate. So anything that you could do
with one customer, you can do now for N plus one customers. Absolutely, and we've in fact
found that partners use Azure Lighthouse for onboarding their
customers typically cut that on boarding time by more than 80%.
So you are now able to on board setup this customer and really
move on today to write what other innovative services can I
give this customer and the partners that we listen to say
hey, I spend that time learning about all of the other amazing
stuff Azure keeps throwing at me so that I can go in Delaware
more value to my customers. Very cool. Could you show me real
quick where people would go to learn more about? Azure
lighthouse sure, uhm the best place to go to
hisazure.com/lighthouse and we have pretty good docs. We in
fact recently launched to learn module as well so we would love
for you to give it a shot and give us feedback. Fantastic, I
am learning all about how to manage my environments at scale
with Azure Lighthouse today on Azure Friday. Hey, thanks
for watching this episode of Azure Friday. Now I need you
to like it. Comment on it, tell your friends, retweet
it. Watch more Azure Friday.
