Upkip

FREE TRIAL
GET STARTED

Start Your Trial Now!

This is the Upkip Trial request page! You can create your Upkip Trial* experience at any time with no help from our side! Just follow the instructions below.

Support is everything! So, let’s begin!

 

Before you start:

  1. You need to sign in your Azure AD Tenant at https://portal.azure.com and select the Directory where Upkip resources will be installed
  2. Prepare an Azure Subscription. All Upkip resources will be installed in a single Resource Group within that subscription
  3. Optionally, prepare also an Azure Resource Group for the Upkip services to be installed in

 

Step 1: Delegate resource management access

To be able to properly support, configure and update your Upkip system we would need access to the Upkip resources within your Azure Subscription. For this purpose, we will onboard you as our customer to Azure Lighthouse.

When we do so, the delegated resources (subscription or resource group) in your Azure Active Directory (Azure AD) tenant will be managed by our customer support team through Azure delegated resource management. ICB will be the Upkip Service Provider for you.

You will be able to manage this access Delegation via the “Service Providers” menu in Azure Portal:

upkip

There are two options to proceed:

Delegate access to the target Subscription.

  • To do this, you need to have Owner role assigned on the target Subscription
Delegate Subscription Access

Delegate access to the target Resource Group.

  • To do this, you need to have Owner role assigned on the target Resource Group 
  • Make sure you have prepared the target Resource Group
Delegate RG Access

By clicking on either of the buttons above you will be redirected to the Custom deployment page in Azure Portal:

upkip
  1. Preview the Delegated Access deployment page. Pay special attention to:
    • Subscription
    • Region
    • Resource Group Name
    • Authorizations
  2. Input and/or change required parameters (e.g. Subscription and/or Resource Group)
    • Follow and complete the delegation wizard as prompted
    • A new Deployment entry will be created under Deployments for the target Subscription or Resource Group accordingly
  3. After the deployment has finished successfully:
    • Click on the Outputs view from the Deployment Overview page (this can be also be accessed from the Subscription/Deployments blade)
upkip
  • Locate the upkipSetupToolURL output parameter and follow the link to download the package
  • Unarchive the package in a local folder

Step2: Setup configuration

 

Run the PowerShell script file “Setup.ps1” as Administrator

The script may be carefully examined by the customer. It will perform the following activities:

 

  • Validate customer input
  • Install any unavailable required Azure PowerShell modules
  • Prompt the user to authorize against the target tenant
  • Create Resource Group, if necessary
  • Create App Registrations required by the Upkip system:
  • Some applications will be assigned with access to the target Resource Group
  • Admin Consent will be granted for some applications API permissions
  • Create local certificates for some AAD App credentials (these certificates can be deleted safely later)
  • Configure AAD users and groups to serve system needs
  • Upon completion, will send a request for a new environment to the Upkip installation services

 

The script requires the executing user to provide values for the following parameters:

 

  • “companyName”: The free-form name of the customer’s company;
  • “companyShortName”: The unique code of customer’s company. The code can be composed of maximum 5 characters. The code can be composed of only letters or digits;
  • “tenantId”: The unique identifier of your Azure Active Directory tenant;
  • “subscriptionId”: The unique identifier of the target Azure Subscription;
  • “resourceGroupName”: The name of resource group which will be used to accommodate Upkip related resources;
  • “resourceGroupLocation”: The desired Azure location for Upkip related resources (e.g. West Europe);
  • “basePlatformGroupName”: The desired name of root Upkip system Azure Active Directory group;
  • “contactPersonEmail”: The email of customer’s primary contact;
  • “contactPersonFirstName”: The first name of customer’s primary contact;
  • “contactPersonLastName”: The last name of customer’s primary contact;

 

For the purposes described the following access is required for the user executing the script:

 

Subscription Contributor:
  • Create resource group
  • Create roles assignments on the resource group for the system applications
AAD Global Administrator:
  • Create/update apps and their permissions
  • Create/update user groups and memberships
  • Create system internal Notifier user
  • Grant admin consents for some API application permissions

Step3: Deployment

 

  • If you have completed the steps above successfully, your request will be processed shortly (typically 2h)
  • You can monitor the progress by observing the Deployments blade of the target Resource Group that you have selected for the Upkip services
  • Once the deployment is complete, an email with basic introductions will be sent to the provided contact person

 

If you experience any issues, feel free to get in contact with us.

 

* Upkip Trial will put some minimal costs to your subscription