Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 8 Next »

A single-tenant on Unique is a separate, isolated, regulated and governed deployment of our product within our own Azure perimeter. Customers that opt for this approach get their own landing-zone that they can reach e.g. with https://customer.unique.app.

Get started

Refer to Get started with a Single Tenant

Tenat setup

Unique built their setup according to Azures What is a Landing Zone? and their Architecture of an AKS regulated cluster for Payment Card Industry Data Security Standard v3.2.1.

For every detail you can not find in our concept refer first to the official (blue star) documentation.

For Single-Tenants we use another Active Directory Tenant than for our /wiki/spaces/Q/pages/235470943!

The tenant used here adheres to the Principle of Least Privilege. To do so, we leverage Privileged Access Management and Conditional Access.

Property

Scenario

Azure Active Directory

As outlined above, for single-tenants we use a heavily governed AAD tenant.

Management Group

Unique Enterprise

Our top level management group

Management Group

Landing Zone Customer 1 (…n)

Each customer has their own management group in order to leverage one subscription per customer

Subscription

Landing Zone Subscription 1 (…n)

Each customer has their own subscription so we can leverage the full capabilities of RBAC, Security Policies, Privileged Access Management and Conditional Access based on a customers need

Author

Dominik Meyer

 

  • No labels

© 2025 Unique AG. All rights reserved. Privacy PolicyTerms of Service