Announcement

Connect your Azure Tenants with Guardrails

Automatically sync and maintain your entire Azure tenant structure in Turbot Guardrails with just a few clicks.

Turbot Team
5 min. read - Jan 29, 2025
Automatically sync and maintain your entire Azure tenant structure in Turbot Guardrails with just a few clicks.

We're excited to announce native Azure tenant support in Turbot Guardrails, making it easier than ever to bring your existing Azure tenant structure into your cloud governance framework.

Historically, cloud teams have structured their Azure subscriptions primarily around billing and cost center considerations. This structure, while effective for financial management, may not always align perfectly with governance requirements. Guardrails has always supported connecting individual Azure subscriptions through our UI, API, and Terraform provider. This flexibility allowed customers to either maintain their existing cloud tenant structure or transform it into a governance-focused hierarchy, often integrating accounts across multiple cloud providers.

As enterprises have matured their use of Azure tenants and management groups, our customers have increasingly requested a simpler way to import and maintain their existing Azure tenant structure within Guardrails.

Guardrails for Azure tenants

With this new integration, you can now import your entire Azure tenant structure into Guardrails with just a few clicks. This feature automatically:

  • Discovers and imports your complete Azure Tenant hierarchy instantly
  • Detects new subscriptions as they're added to your Azure Tenant
  • Maintains your management groups and subscriptions structure in sync as changes occur
  • Supports exclusion policies to filter specific management groups and subscriptions
  • Enables controls to be applied at any layer of your Tenant hierarchy

This feature also enables enterprises to consolidate governance across multiple Azure tenants by grouping and applying policies across their entire Azure footprint.

How to connect your Azure Tenant

The connect page now offers an option to connect your Azure tenant(s) to Turbot Guardrails.

You can choose between adding individual Azure subscription or connecting an entire tenant.

To connect your Azure tenant, Guardrails requires the Tenant ID, Client ID, Client Secret, and which Azure cloud environment (Global Cloud, US Government or China Cloud).

Before connecting, you can specify exclusions using Subscription IDs, or management group names. Flexible regex patterns are supported to ensure your exclusions remain effective as your tenant evolves over time.

Syncing to the Guardrails CMDB

After clicking the "Connect" button, Guardrails immediately starts discovering your tenant configurations, management group structure and Azure subscriptions. It then continues to discover all resources in each subscription and resource group to build your complete asset inventory in the Guardrails CMDB.

With your Azure tenant now integrated into Guardrails, you gain immediate access to powerful capabilities: comprehensive resource exploration, full-text inventory search, and the ability to implement governance controls that ensure consistent FinOps and Security posture.

Guardrails maintains continuous synchronization with your tenant, automatically reflecting changes as subscriptions move between management groups, new subscriptions are added, or tenant configurations evolve.

Managing multiple Azure tenants? Simply repeat these steps - you can either segregate tenants in separate Guardrails folders or unify them under a single hierarchy.

See it in Action

Watch this demo to see how Turbot Guardrails can integrate your entire Azure tenant(s) in just a few clicks:

Elevate your Azure tenant & subscriptions with Guardrails

This new Azure tenant feature addresses a common challenge faced by our users with large Azure footprints who want to bring in their entire tenant structure as-is. It would be time-consuming to do this by hand or with Terraform scripting. Now you can bring your whole Azure tenant into Guardrails quickly, easily, and automatically. Best of all, Guardrails stays up-to-date with your tenant as it evolves, automatically reflecting any changes to your management groups and subscriptions.

Get started with a 14-day free trial of Guardrails for Azure Tenants today.