How to Publish Managed Services Through Azure Lighthouse

Symon
November 7, 2019

Save to My DOJO

How to Publish Managed Services Through Azure Lighthouse

Table of contents

  1. Prerequisites to Publishing a Managed Service
  2. Step 1) Create the Managed Service Offer & Settings
  3. Step 2) Create a Plan
  4. Step 3) Configure the Manifest Details
  5. Step 4) Provide Marketplace Details
  6. Step 5) Add Support Information
  7. Step 6) Publish your Managed Service Offering

Azure Lighthouse provides Managed Service Providers (MSPs) and software developers (ISVs) with a centralized management portal to view all of their customers’ resources. Additionally, it makes it easy for the MSPs and ISVs to find new customers by https://azuremarketplace.microsoft.com/marketplace/apps/company.servicename publishing their offerings on the Azure Marketplace. The Azure Marketplace is a web portal that functions like an app store for Azure applications. Additionally, it lets MSPs publish IT services that they can offer, and ISVs can publish deployment or management services for their software. These managed services let the publishers maximize their revenue by monetizing from their specialized skills to help Azure users deploy, manage, optimize and even secure their cloud infrastructure. Check out the Altaro blog series about the Azure Lighthouse solutions, its foundational technologies using ADRM and AAD, Azure integration and the go-to-market strategy. This blog post will walk you through the process to publish a managed service in the Azure Marketplace, allowing you to then use Azure Delegrated Resource Management (ADRM) to access that customer’s cloud resources. While it refers to publication from the perspective of an MSP, these same best practices are also applicable to ISVs.

Prerequisites to Publishing a Managed Service

First, you must have access to publish to the Azure Marketplace, which means that you need to have a Microsoft Partner Account. To set this up, following these instructions from Microsoft: https://docs.microsoft.com/en-us/azure/marketplace/partner-center-portal/create-account. You will need to have a Microsoft Partner Network (MPN) ID which means that you have passed the requirements to be a certified partner. By linking your MPN account to your Azure Lighthouse offering, you will automatically be credited for the consumption of any customers who subscribe to your service(s). This is helpful for MSPs who are trying to move to a high certification tier which requires proof of higher consumption.

You must also offer a standardized service to all possible customers, which is known as a public offering. In its current release, it is not possible to make a service offering only available to certain classes of customers based on their geography or other factors. Providing customized services must be done through a private offering that uses an Azure Resource Manager (ARM) template, which is a topic we’ll be covering in detail in a future blog post.

It is also important to spend some time evaluating the marketplace to see what offers are already out there. There may not be much value in being the hundredth organization to offer basic Azure VM management. Take time to think about your team’s unique skill set and any IP which you have developed.  Which scripts have you created which scale up and secure workloads faster? How can you add greater resiliency or faster recovery to a service?  Do you have expertise within a regulated industry and can ensure that your tenants will be compliant? Can you offer better Tier 1 support or SLAs?  Make you that you are going to offer something to stand out from the crowd so that customers will select you over your competitors.

Also, consider asking your company’s search engine optimization (SEO) expert to help you build and define compelling keywords to increase your discoverability.  This is known as App Store Optimization (ASO). You can use publicly available tools like Google Keyword Planner or Bing Keyword Research to filter through organic search traffic. While these tools are designed for Google and Bing’s respective search engines, rather than the Azure Marketplace, they can provide good guidelines for how customers may be searching for your types of services. And since any offer listed on the Azure Marketplace will get propagated to Google and Bing, this will also maximize your chance of getting more hits. Also, request that any of your customers who have subscribed to your offer give you a review. This will increase your visibility on the Azure Marketplace as positive recommendations increase your ranking.

Step 1) Create the Managed Service Offer & Settings

Once you have determined the public service to offer through the Azure Marketplace you will go into the Cloud Partner Portal and select New Offer > Managed Services. You will then provide the following information:

  • Name: This is the friendly name that customers will see when they access the offer details. Make sure to include your company name and a clear description. This is limited to 50 characters.
  • Offer ID: This is a unique identifier for your offer which appears in the billing reports and product URLs. Since product URLs are indexed by search engines and increase discoverability, it is helpful to include your company name and keywords here. This string is also restricted to 50 characters, but only lowercase letters, numbers, underscores and dashes. Once this is created, it cannot be changed.
  • Publisher ID: You will select your publisher ID. This option is only provided since some partners have multiple publishing accounts.

After saving this information you will create a new plan.

Step 2) Create a Plan

A plan is a variation of your offering, similar to an SKU. Consider using standard terms for the different tiers, like Bronze/Silver/Gold or Basic/Premium/Enterprise. Customers will be able to browse and select the best plan for their requirements and budget. For each plan you will select New Plan and complete the following information:

  • Plan ID: This is a unique identifier for your offer which has the same uses and restrictions as the Offer ID from Step 1. It also cannot be changed.
  • Public / Private: By default, all plans are public and accessible to everyone in the marketplace. If you want to restrict your plan to specific users, you can select a private plan, however, this cannot be changed. If you wish to limit the plan to certain users, you can then provide a list of unique customer IDs who are whitelisted to subscribe to this plan. You can enter these manually (currently limited to 10 subscriptions) or upload a CSV file (up to 20,000 subscriptions). It is also a good idea to include the subscription ID of your own test accounts so that you can validate the offering is published and working as expected.
  • Title: This is the friendly name that customers will see when they browse to the details of the plan. Make sure to include your company name, a clear description, and any search optimized keywords. This is limited to 50 characters.
  • Summary: This lets you add a short description of the plan. Make sure to include your company name, a clear description, and any important keywords. This is limited to 100 characters.
  • Description: Here you can add a long description which lets you go into details of exactly what you are offering and how you can differentiate yourself. Here you should include the following information:
    • Specific services which are included
    • Onboarding steps
    • Costs and billing process
    • Technical support and SLA
    • Company profile and experience
  • Billing Model: This option is a little confusing, as for managed services you must always select Bring your own license. This is because Microsoft will not bill you for any expenses directly, rather, you will bill your customers directly for any associated costs.

After you Save you’ll move on to the manifest details section.

Step 3) Configure the Manifest Details

The manifest defines exactly which of your tenants’ resources you will have access to, and what permissions will be assigned. One of the fundamental technologies powering Azure Lighthouse is ADRM which allows granular role-based access control (RBAC) that is requested by the MSP and approved by the customer. Any Azure resource with is managed by Azure Resource Manager (ARM) can be granted access to any of the 70+ different Azure user roles. Keep in mind that with a public plan, all users will be required to assign identical access to the MSP. It is best to minimize what you are requesting so as to avoid unnecessarily exposing any of your potential customer’s infrastructure, or scaring them off since they do not yet know or trust you.

For the manifest, you will provide the following information:

  • Version: Provide a version number in the format x.y.z, such as 2.1.1.
  • Tenant ID: Enter the GUID which is linked to your organization’s Azure Active Directory account. You can find this identifier for your directory from the upper right-hand corner of the Azure Portal.
  • A list of Authorizations: These define each of the resources which your staff can access for every customer who subscribes to the plan. These include:
    • Azure AD Object Display Name: This assigns a friendly name for each Azure resource which will be placed under management by the MSP. Make this clear and descriptive so that your customers understand the usage.
    • Azure Object ID: This provides the Azure AD GUID of the MSP’s admin, an MSP-managed Azure AD group, or the application which will be granted access to the customer’s resource group. If you are providing access to users, a best practice is to assign this to a group, rather than individual admin(s). This simplifies management as it lets you add and remove admins from that group as your staff changes, instead of having to make updates to every tenant’s workload each time someone joins or leaves your organization.
    • Role Definition: You will select which of the 70+ Azure AD built-in roles to assign to this Azure AD Object. This designates the permissions of that role to the specific object.
      • Assignable Roles: This option will only appear if you select the User Access Administrator role definition. In this case, you will define a list of different possible roles that the user can select and designate for their MSP.  This is helpful if you do not require one specific type of access to a resource group, want to build trust, and empower your users to specify the level of access themselves.

Click Save, then you can add more details about your offering in the Marketplace section.

Step 4) Provide Marketplace Details

Next, you will enter the details which get published in the Azure Marketplace. These are publicly displayed and picked up by search engines.  Use your SEO/ASO best practices here with descriptive keywords to maximize your discoverability. Some of these fields are repetitive from details that you have previously entered, so you may wish to go back to earlier menus in a new browser tab so you can copy the previously entered text.

You will need to provide the following information:

  • Title: This is the friendly name that customers will see in the Azure Marketplace. Make sure to include your company name, a clear description, and any search optimized keywords. This is limited to 50 characters.
  • Marketing Identifier: This lets you add some customized text into URLs, which should include your company name and the name of your service. Including this text in the website link also helps with SEO/ASO. The URL will then follow the format https://azuremarketplace.microsoft.com/marketplace/apps/company.servicename.
  • Summary: This lets you add a short description of the plan. Make sure to include your company name, a clear description, and any search optimized keywords. This is limited to 100 characters.
  • Long Summary: This section allows you to enter a longer description using search optimized keywords. This has a maximum length of 256 characters.
  • Description: Here you can add a long description which lets you go into details of exactly what you are offering and how you can differentiate yourself. This also supports simple HTML and supports to up 3000 characters. You ought to include the string “managed service” or “managed services” so that it gets picked up by internal and external search engines.  Here you should include the following information:
    • Specific services which are included
    • Onboarding steps
    • Costs and billing process
    • Technical support and SLA
    • Company profile and experience
  • Useful Links: You can add a list of hyperlinks to your company’s website, product page, contact forms or anything else.
  • Categories: Select which categories you would like your managed services to be listed under. You can select a maximum of 5 categories, and it is best to select as many as are applicable so that potential customers who are browsing by category will discover your service.
  • Marketing Artifacts: Here you can upload your logos (required), screenshots (optional) or add links to product videos (optional). Adding logo in four sizes is required in 255×115 pixels (wide), 115×115 (large), 90×90 (medium) and 40×40 (small). Microsoft recommends keeping the logo simple with basic colors and with no text so that it looks consistent with the rest of their enterprise business offerings. You can also add a “hero logo” (815×290) which is a large background image that helps your service get visibility in the Azure Marketplace. Text for your company name, title and summary will automatically be added in white. Once published, you cannot remove the hero logo, but you can replace it.
  • Lead Management & Lead Destination: This section allows you to specify a CRM system where any customer leads will be automatically imported and stored.
  • Legal: Add the URLs for your Privacy Policy and for your Terms of Use.
  • Preview Subscription ID: You should always test that your Azure Marketplace offering looks right before you publish it. This is possible through adding a list of up to 100 subscription IDs for accounts that can preview the offer before it goes live. Microsoft’s product and support teams will also be able to view the marketplace preview.

Save your changes then move to the support section.

Step 5) Add Support Information

This section allows you to list contact information for your customer support and engineering teams. This includes a name, email address, and phone number. You will also be required to add URLs for support information. Make sure you keep this information current so that prospective customers can contact you. Microsoft may also use this contact information. Click Save so then you can review the information before it goes live.

Step 6) Publish your Managed Service Offering

You are almost ready to make your service offering go live. Take time to preview the offer from an account you defined using the Preview Subscription ID from Step 4. Once you click the Publish button, the offering will go through an automatic review and shortly afterward will appear in the Azure Marketplace.

Congratulations, you have now published your managed service in the Azure Marketplace. From here you can expect new customers to discover your services and help you bring in new revenue. Make sure that you check out the next post from Altaro about onboarding Azure Lighthouse customers to understand the additional steps to access your tenants’ workloads.

Altaro O365 Backup for MSPs
Share this post

Not a DOJO Member yet?

Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!

Leave a comment

Your email address will not be published.

More in this category

Microsoft 365 Lighthouse – Simple M365 Management for MSPs

Microsoft 365 Lighthouse – Simple M365 Management for MSPs

Is it Time you Ditched On-Premises Services Completely?

Is it Time you Ditched On-Premises Services Completely?

What is a CSP?

What is a CSP?

More from this author

Introducing Altaro EndPoint Backup for Managed Service Providers

Introducing Altaro EndPoint Backup for Managed Service Providers

Why ISVs Should Use Azure Lighthouse

Why ISVs Should Use Azure Lighthouse

How to Onboard Customers in Azure Lighthouse

How to Onboard Customers in Azure Lighthouse

About the Author

author

Symon Perriman

Symon is an internationally recognized Microsoft expert, business leader, author, keynote presenter,..

View Full Profile