Using a central IAM provider is certainly a great thing. While setting SSO up for AWS, the management for the AWS root-users became an issue, because its required for them to have globally unique e-mail address. This might not a problem for small companies, but if you plan several hundred or even thousand of AWS-accounts, this becomes a nightmare real fast. In this post, I will go over one approach on how you can manage all your root-users with M365 offerings and some Azure services, pretty much for free.

Retrieving a list of all Azure AD role assignments sounds easy enough, right? Well, there are some things to consider, here is waht.

Some resources in Terraform allow to pass them a list if multiple values can be set - for instance, DNS servers for the azurerm_virtual_network can be set this way. However, on the same resouce, you can add subnet during the creation and this would not work in the same way, because each subnet requires their own subnet-block in the resource. However, Terraform offers a way to create mutiple blocks of the same kind dynamically - using the dynamic-block.

Administrative accounts without mailbox and still receive notifications in Primary Mailbox - How does it work?

During the onboarding / rollout of Defender for Endpoint and Azure Arc Agent, the network plays a significant role. Communication via the Internet is usually restricted by segmented networks and secured by firewalls and proxies. To prevent errors or communication problems, the required ports & URLs should be opened to ensure seamless onboarding and operational processes.

Based on the default settings and configuration, mailboxes in Exchange / Exchange Online are created with the default language. This is causing some users to see Inbox (default language en-US) in Outlook instead of “Postfach” (German).

Many automations with Power Automate are based on SharePoint lists. Some of them are used to collect, analyze data and send notifications. This is where most of the requests come to send notifications by mail to specific users.

This section of the blog series is focused on the migration and the selection of the tool and the procedure during the migration process. Once the basic topics of strategy and identity have been clarified, we come to the next question: “How and what do we actually migrate?

In many cases, the use of Microsoft 365 Services requires existing processes & workflows to be reworked and existing Microsoft Excel lists to be replaced by Power Apps and SharePoint Online Lists / Microsoft Lists, because with the integration into the native Office 365 environment, new and significant possibilities for automation are provided and previously time-consuming processes can be accelerated.

In the first part of the blog series, we took a look at the topic of planning and selecting the migration scenario and developed a long-term strategy based on the business and technical requirements and defined how the tenant migration should be implemented schematically.