Picking the Right Technology to Meet Azure Expert MSP Requirements
The first blog of this MSP series described How to Become a World-Class MSP in 3 Steps: developing and demonstrating expertise, defining and documenting processes, and creating or adopting a powerful cloud management platform. This approach not only helps all MSPs gain industry-leading capabilities, it also serves as a path for Microsoft MSPs to earn the prestigious Azure Expert MSP certification.
In this blog, let’s take a closer look at the type of cloud management platform needed by all top-performing MSPs, along with a deep-dive into the technology requirements of the Azure Expert MSP certification program.
MSPs require an automated cloud management platform (CMP)
A CMP is a core element of running a successful MSP business and managing your Azure clients. Having a powerful, automated CMP will help you increase efficiency and drive more revenue by delivering more services in less time.
Microsoft has confirmed the importance of CMPs in enhancing the capabilities of MSPs by adding requirement 5.20 to the Azure Expert MSP certification program. The requirement states that MSPs must “operate an automated CMP integrated with Microsoft Cloud Platform. The CMP can be a combination of home-grown tools and APIs, enabling 3rd party ISV applications and APIs, as well as Microsoft native tools.”
This can be a daunting aspect of the Azure MSP audit as it requires you to have a tool, or set of tools, that flow through every aspect of the customer experience on Azure from provisioning and service management to consumption monitoring and utilization monitoring. It goes further to require that your systems have the capability to handle comprehensive access management, including governance and policies that restrict access by users within the system.
These management capabilities must also be able to inherit the governance policies set up within the Azure environment. They need to be designed for each customer in an automated fashion, which adds a level of complexity that many MSPs currently do not have built into their platform.
Another aspect that must be considered is how many systems do you want interacting within your environment to fulfill the requirements of 5.20. When looking at the requirements, Microsoft offers MSPs the option of having multiple systems fulfill the tasks required, but the caveat is that these systems must be able to seamlessly interact with each other.
The auditor will be looking for a cohesive flow of data throughout your environment. While one system will not necessarily fit all needs, limiting the number of systems simplifies matters and provides fewer failure points within the section.
In addition, ensuring that the systems you’re using easily integrate with each other is imperative to being successful, not just in the audit, but also in providing a platform for your employees and customers that provides the best Azure experience across the board.
Further underscoring the essential nature of the requirement, 5.20 falls into Category 0 on the certification’s checklist. If you’re looking to pass the certification or become recertified, you must pass 100% of all Category 0 items during the onsite audit or fail at the outset. In other words, not having a robust and powerful CMP is a non-starter for passing the onsite audit.
In contrast, you may choose not to present evidence for some Category 2 and Category 3 checklist items, as long as you meet the minimum category requirements. The table below identifies the categories for each section of the requirements.
To illustrate further, the table below shows that not all Category 2 and Category 3 items must be met, unlike Category 0 and Category 1 requirements.
Evidence to pass requirement 5.20
Now that we’ve examined the critical nature of CMPs to the Azure Expert MSP certification, let’s drill down into the characteristics your CMP must have to pass the certification or qualify for recertification. As described in Microsoft’s Azure Expert Managed Service Provider (MSP) Full Audit Process and Checklist Spring 2020 document, the “CMP can be a combination of home-grown tools and APIs, enabling 3rd party ISV applications and APIs, as well as Microsoft native tools.”
For evidence to pass requirement 5.20, you must demonstrate successful Microsoft Azure use cases with at least 20 customers in the following areas:
- Service Request Management
- Orchestration and Automation
- Governance and Policy
- Consumption Monitoring and Metering
- Resource Utilization Optimization
- Access Management
In addition, you will need to make sure your business and CMP have specific capabilities in service-level management and monitoring. For further details on each of these items, please see Microsoft’s certification checklist.
As discussed above, this requires your platform to provide myriad functions that work in conjunction with one another as well as interact with the capabilities and functions within the Azure portal. Along with this, the auditor will ask you to walk through how a customer is represented in each of these scenarios, often from start to finish, meaning you may need to look up a customer on your CMP and demonstrate evidence of how you provision for that customer.
Next, you’ll move to showing how access is controlled for that customer and present a service request and resolution based on that provisioning. Having a CMP that provides you with as close to a “single pane of glass” for that customer as possible will demonstrate your expertise in managing Azure customers, while having a mish-mash of different, disconnected tools will make the process of proving your expertise more difficult and in some cases could cause the auditor to lose faith in your system-based abilities.
Along with the 5.20 requirements, there are a number of other aspects of the audit where your CMP comes into play, such as sections 4.10 and 4.11.
Provisioning and orchestration tooling
Another Category 0 requirement is 4.10, Provisioning and Tooling. To meet this requirement, you must complete an on-site demonstration showing how your products, tools or scripts are used to provision and orchestrate services for your customers in a fully functional Azure environment. While not as extensive in wording as some of the other requirements, this is not a requirement to be passed over quickly.
The auditor is going to be looking for an integrated tool that quickly and easily deploys Azure environments and your ability to use this tool in a customer-facing manner. This means you need to be able to quickly spin up customer-facing Azure environments in real-time. Also, expect that you will be asked how this ties in with the other aspects required in requirement 5.20, not just as a stand-alone capability.
Automated deployment tools
A third technology component of the Azure Expert MSP program is requirement 4.11, Automated Deployment Tools, which falls into Category 1. While not an element required to be completely fulfilled during the on-site audit, all Category 1 requirements must be met to pass the certification or recertify.
This part of the certification requires that partners prove their ability to service customers with products, tools or scripts in the area of “automated provisioning and deprovisioning, and deployment of infrastructure, including tools for continuous integration and continuous delivery (CI/CD).” With this requirement building on 4.10, you should be able to demonstrate this with the same tooling environment given that it is an important aspect of showing your integrated capabilities.
While the information above provides insights into these requirements, I recommend you review the details regarding requirements 5.20, 4.10 and 4.11. To do so, please refer to the certification’s full audit process and checklist document.
If you need a proven CMP that has met each of the technology components of the Azure Expert MSP certification, we can help. In fact, CloudBlue enabled Ingram Micro Cloud to pass all the technology elements of the program right out of the box. Now, we can help you do the same. For more information, contact us at firstname.lastname@example.org.