Automate Azure Cloud User Management
Johand Cruse
Project Manager
Cloud Infrastructure Architect
Azure
Microsoft Power Automate
Microsoft SharePoint
Transport for London
Project Summary: TfL Azure User Account Life Cycle Management
Project Overview: The TfL Azure User Account Life Cycle Management project involved the comprehensive design, deployment, and configuration of an automated user account management process within the Azure environment. This project aimed to streamline the approval process, display user account approval statuses, automate the provisioning of access, and manage the entire user life cycle efficiently.
Key Achievements:
Process Review and Stakeholder Agreement:
Conducted a thorough process review to ensure all stakeholders were aligned with the procedures for user account access requests.
Established and agreed upon Role-Based Access Control (RBAC) with all stakeholders to ensure secure and appropriate access.
User Account Access Requests:
Utilized Microsoft Forms to facilitate user account access requests, ensuring a user-friendly and efficient submission process.
Automated Workflow with Power Automate:
Developed a Power Automate flow to collect information from Microsoft Forms and populate a SharePoint list, displaying the application status alongside the information.
Created an additional Power Automate flow to route user account access approval requests to the necessary approvers within the agreed Service Level Agreement (SLA). This flow included instructions for handling denied requests and sent email and Microsoft Teams notifications to approvers regarding the request status.
Approval and Notification Process:
Upon approval, environment managers were notified, and the status was updated on SharePoint through the Power Automate flow, ensuring seamless communication and tracking.
Azure Access Package Implementation:
Designed Azure Access Packages for various roles to provide access to Azure resources based on the agreed RBAC. The “MyApp” link was shared with requesters to process access requests efficiently.
Managed user account recertification through Azure Access Packages to ensure compliance with security policies and created an audit trail for ISO 27001 certification.
Standard Procedures Followed:
Solution Architecture:
Conducted a detailed requirements analysis and stakeholder consultation to define the project scope and objectives.
Designed a scalable and secure architecture to support the automated user account life cycle management process.
Ensured integration with existing systems and compliance with TfL’s security policies and standards.
Project Management:
Employed Agile project management methodologies to ensure iterative development, continuous feedback, and timely delivery.
Conducted regular stakeholder meetings and progress reviews to ensure alignment and address any issues promptly.
Maintained comprehensive documentation of the project, including process flows,
configurations, and user guides.
