Deploying the Lighthouse Template and Parameters from each spoke subscription, to onboard them in the one Lighthouse Hub/Service Manager to rule them all.
1. Create and configure an Application Registration to gain access using a secret.
2. Create a template- and parameter-file for connecting other subscriptions to Lighthouse in the hub subscription.
3. Register the AppReg in all other tenants.
4. Create a custom role for the AppReg (or use builtin roles).
5. Deploy the Lighthouse Template- and Parameter-file.
6. Create the Service Connections in Azure DevOps.
7. Test DevOps with Lighthouse
Step 5 Deploy the Lighthouse Template- and Parameter-file.
#Yes, I am using AzureRM rather than the Az PS-module, because communcating to multiple customers/owners its efficient to have all use the Azure Shell and it doesnt have the Az-module yet. Makes sure it works for everyone, no matter which PS-module they may have installed on their clients.
1. Upload the previous modified template and parameter-files to where your able to run an Azure Deployment from.
Can be anywhere, but I prefer having all owners use the same and recommend them to use the Azure Cloud Shell.
2. Change to the directory your files where uploaded to:
3. From a PowerShell window with the module AzureRM, like the Azure Cloud Shell, run an ARM Deployment.
New-AzureRmDeployment -Name Lighthouse -TemplateFile ./Lighthouse-Template.json -TemplateParameterFile ./Lighthouse-Parameter.json -Location WestEurope