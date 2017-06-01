In my last post on Industrial Scale RBAC, I alluded to the fact that in an enterprise context you’ll likely need some special processes and tools for onboarding new projects into Azure. In this post, I’m going to break this down. As with my last post, the advice in this one isn’t likely to be applicable in small organisations or where a team has a subscription to themselves. But in a large enterprise with many teams working on different projects while sharing subscriptions, things start to get interesting.

To see why, let’s pay a visit to everyone’s favourite multinational, Contoso. After following the guidance in the Azure Enterprise Scaffold, Contoso’s central cloud team has already set up their foundational Azure environment, by setting up subscriptions for production and non-production work, VNETs and subnets, connectivity to their on-premises networks, defining naming standards and writing polices on what can be deployed in which regions. They also have defined a chargeback regime, whereby each cost centre needs to pay for the resources used by their projects.

What they don’t have yet is any actual workloads running in Azure. This is not due to lack of demand—in fact there are a whole bunch of teams itching to deploy resources to the cloud. But the cloud team is fearful that once they start granting access to the Azure subscription it will become a free-for-all, where loads of resources are deployed with little regard to their careful planning, and no way of knowing which resources are owned by which team and used for what purpose.

Read the entire article here, Industrial Scale Onboarding in Microsoft Azure – Tom Hollander’s blog

via the fine folks at Microsoft