G’day,
Over the last few years I’ve had the privilege of helping people start on their Azure journey. Some come along with Azure Subscriptions, others just want to get started.
While there are multiple ways of getting Azure subscriptions, I’m going to concentrate on how to get a free subscription and how I would walk through this with somebody who was doing this for the very first time.
On the way, there are a few interesting points that come up, which I feel are beneficial to introduce at this point – and drill into in more details once more experience has been gained. After all, whenever we start something new there’s always that element of culture shock and finding your feet – at least there is with me.
The very first thing that I would advise somebody to do is to get a brand new Microsoft account (known as an MSA) – the simplest thing to do is head to outlook.com and open a brand new account. These accounts have gone by various different terms over the years (such as Passport) – but nowadays it’s just an MSA.
Once that has been set up, head to https://portal.azure.com/ and log in using the MSA credentials that you have just created.
At this point, the question normally arises as to why a new MSA is recommended. Well, my answer to that is that a brand new (outlook.com) account will have never been used with any Azure infrastructure previously.
I’d avoid a company account, event a new one as you’ll likely end up being linked to their Azure Tenant. (I’ll blog more on this later)
At the portal we should see a screen like the following, We’ll be hitting the “Free Trial” button soon – but we’ll have a look around first.
Before we provision our free trial, lets take a look around Azure Active Directory. As we progress our journey, it’s important to understand the relationship between an Azure Tenant and an Azure Subscription. An Azure Tenant is used by Azure Active Directory – at present we do not have an Azure Tenant, but we do have the ability to look around Azure Active Directory. Type “Azure Active Directory” in the blue search box at the top of the screen and lets look around.
Upon choosing the above option, you’ll see a menu on the left hand side of the screen appear. Have a look around this. You won’t be able to create anything (on the off chance that a button appears letting you, chances are you’ll get an error when you press the button as at this point you do not have an Azure Tenant)
You’ll see that here you can create Users, Groups, Administrative units and various other things. Just have a look, browse around and get curious about what’s on offer – but remember, at this stage you DO NOT have an Azure Active Directory Tenant (Azure AD). After you have finished looking around then head back to the home page by clicking the “Home” link in the top left hand corner of the browser.
This will return you to the home screen, where you were Originally – now select the Free Trial button.
At this point, you’re going to need to verify your identity. You’ll do this using your credit card.
This usually is the point at which people are hesitant – and I totally understand.
However, the free trial gives $200 worth of free credit and there is a spending block that WILL NOT allow you to go over that limit. Yes, you can take steps to remove it and these are fairly involved. Removing the spending limit is unlikely to be something that you will do by accident. Also note that you can only use a credit card for 1 free trial.
After filling out your details you’ll end up back at the home screen, it’ll look different now.
Notice in the top left hand corner, your account appears.
You’ve also now got a tenant. If you used an outlook account like I did, the Azure Tenant will take the form
emailname + outlook.onmicrosoft.com
example
email address is myazureaddress@outlook.com
Azure Tenant is – myazureaddressoutlook.onmicrosoft.com
more on this another time.
Type “subscription” into the search bar and check out your new subscription.
You can rename the subscription. Just click on the subscription name. This will take you to the Subscription overview page. From there, locate the name, click it and rename – remember to hit “Save”
So now we are all set up.
At this point we have an Azure Tenant and an Azure Subscription.
We’ll use the Azure Tenant for Authentication.
We’ll use the Subscription for Authorization with Azure Role Based Access Control or RBAC as it is commonly known..
We’ll use the Tenant and Subscription for other things too, but Authentication and Authorization are big ticket items. Identity is a huge concept.
One other thing to realize is that Azure Active Directory (Azure AD) is NOT Window Active Directory in the cloud. While there are similarities there are also huge differences.
One of them is Authentication – for example Windows Active Directory uses Kerberos while Azure Active Directory user open standards such as OpenID.
Have that help somebody.
Have a great day
Cheers
Martin.