Entra tenant implementation (DEV, QA, Prod)
Entra tenant implementation project description:
The scope of the Entra tenant implementation project is to implement three Entra (formerly Azure Active Directory) tenants for the organization: a dedicated tenant for each environment, namely development (DEV), quality assurance (QA), and production (PROD). A tenant is a dedicated instance of Entra that an organization receives when it signs up for Microsoft Azure or other Microsoft cloud services. The Entra tenant is the identity and access management service for the organization's cloud resources. This project follows the standard on-premise approach where organizations have at least three environments (DEV, QA, PROD).
If synchronization is needed between the on-premise Active Directory and Entra, the Entra Connect project covers this scope; otherwise, this project is a greenfield Entra tenants project where the DEV, QA, and PROD Entra tenants will be created and configured.
Entra tenant implementation project approach:
Following the design approval, the project team will configure the Entra tenants and follow the process for configuring QA and Prod dedicated environments. Our standard approach is to move only the approved settings to the QA and PROD environments and to use DEV for proof of concept.
Follow the organization’s long-term processes.
From the beginning (already from the contract phase), the project team will know if the Entra tenant is to be synchronized with the on-premise Microsoft Active Directory or if the users and groups will be managed in the cloud only. Based on the business requirements and the roadmap, the project team will design the needed Entra tenants (DEV, QA, Prod). The design document will be presented and approved by the organization.
Proof of concept:
The different settings that are needed by the organization or as part of the program are implemented in the DEV Entra tenant of the organization. Test users, user settings, tenant settings, and test workstations used by the different projects are joined/added to this tenant. After the settings are agreed upon and documented, they are propagated into QA and PROD. The team is available during the whole program, ensuring settings from DEV to QA and PROD are implemented and propagated according to the organization’s change management process.
https://www.csebusiness.com/azure/microsoft-azure-cloud-project/
Entra tenant implementation in-scope project activities:
- Align the requirements and create the design
- Create DEV, QA and Prod tenants with the respective Entra as per design
- Implement access controls and security policies for users and groups.
- Configure role-based access control (RBAC) to assign permissions to users and groups.
- Perform the configurations in each of the created environments according to the design:
  - Multi-factor authentication
  - Conditional access policies
  - Self-service password reset
  - Single sign-on
Additional activities when Entra Connect is not planned to be used:
- Create user accounts and groups according to the design
  - A few user accounts in DEV and QA
  - The user accounts needed by the organization in the production environment
- Group creation in the environment according to the design document
  - Security groups
  - Distribution groups
  - Dynamic groups (updated based on different criteria)
- Integration with organization human resources software and identity and access management systems
Entra tenant implementation project required hardware and software
- No hardware requirements
Software:
- No software is required for this project. The organization needs to have a contract with a Microsoft Partner to be able to create the respective tenants and assign licenses to the users.
Entra tenant implementation project pre-requirements
- Organization FRD documents for using and implementing Microsoft Cloud Services
- Organization processes for handling Development (DEV), Quality Assurance (QA) and Production (PROD) environments