Azure Lighthouse: be aware with subscription filters

Posted by

After trying Azure Lighthouse for a couple of days, we have extracted a series of conclusions:

  • It’s a great solution to manage customer subscriptions
  • It can be based on Security AzureAD Groups or users, not Office365 groups
  • Provide a single point of access to all the resources, it is not necessary to use guest users to access to customer subscriptions or even to switch subscriptions when we need to manage the subscription

Beside the above points, what you will need to be aware is with the subscription filters, we have been struggling with this for a couple of hours, until we realized that the subscription filters were the responsible for this behavior. Let me resume the case:

We configured a customer subscription to be listed into my customers:

AL1

So we are able to list all the resources into the customer, so the next thing it was to try to create a resource inside the customer, but for our surprise, the subscription customer was not listed inside the drop down menu:

AL2

At first glance, we thought that it was a limitation of Azure Lighthouse, but after struggling a little bit with it, we realized that inside the filters of Azure subscription, the managed subscription was not checked in…

AL3

If you make focus into the image, you will realize that it says current + delegated directory, so… once this checkbox is checked in, we are able to check in the subscription

AL4

And finally, we can create new resources inside this subscription with Azure Lighthouse

Once again, lesson learned

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s