Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

For customers deploying our security solutions into a Microsoft Azure environment, we recommend setting up a new subscription to house the stack. While it is possible to deploy into an existing subscription, it’s often easier to maintain as a separate subscription. This article describes the steps to create a new subscription, into which the Armor solution will be deployed. It also describes the permissions that will be required by Armor during

Creating a New Azure Subscription

There are several options for procuring a new subscription that depend on your engagement model with Microsoft. Each are described below:

Creating a Pay-As-You-Go Subscription

  1. Begin by opening the Subscriptions blade in the Azure portal.

  2. In the top left, click Add.

  3. In the Pay-As-You-Go card, click Select offer.

  4. You’ll be redirect to a sign-up form. Fill out the required information, then click Sign up.

Creating an Enterprise Agreement (EA) Subscription

To create an EA subscription, use the following Microsoft guide for configuring your subscription: https://learn.microsoft.com/en-us/azure/cost-management-billing/manage/create-enterprise-subscription

Creating a Microsoft Customer Agreement (MCA) Subscription

To create an MCA subscription, use the following Microsoft guide for configuring your subscription: https://learn.microsoft.com/en-us/azure/cost-management-billing/manage/create-subscription

Create a Cloud Solution Provider (CSP) Subscription

If you wish to use Armor as your CSP, simply let your solutions consultant know and Armor will provide the new subscription for you. Your solution consultant will collect a few basic details to configure the subscription and it will appear in your Azure portal upon provisioning.

If you have an existing relationship with another CSP, contact them to request a new subscription.

Provisioning the Armor Service Account

Armor will require specific access in order to manage the initial deployment and configuration of the new subscription. While most interactions after the initial provisioning will be handled via an Azure Lighthouse delegation, there are certain activities which can only be performed by a service account in your tenant’s Azure Active Directory (for example, management of Azure Key Vault stores).

  • No labels