Single Tenant
- Daylan Araz
- Enerel Khuyag
- Andreas Hauri
- Dominik Meyer
A single-tenant on Unique is a separate, isolated, regulated and governed deployment of our product within our own Azure perimeter. Customers that opt for this approach get their own landing-zone that they can reach e.g. with https://customer.unique.app.
Get started
Refer to Get started with a Single Tenant
Tenat setup
Unique built their setup according to Azures What is a Landing Zone? and their Architecture of an AKS regulated cluster for Payment Card Industry Data Security Standard v3.2.1.
For every detail you can not find in our concept refer first to the official documentation.
For Single-Tenants we use another Active Directory Tenant than for our https://unique-ch.atlassian.net/wiki/spaces/Q/pages/235470943!
The tenant used here adheres to the Principle of Least Privilege. To do so, we leverage Privileged Access Management and Conditional Access.
Property | Scenario |
|---|---|
Azure Active Directory | As outlined above, for single-tenants we use a heavily governed AAD tenant. |
Management Group Unique Enterprise | Our top level management group |
Management Group Landing Zone Customer 1 (…n) | Each customer has their own management group in order to leverage one subscription per customer |
Subscription Landing Zone Subscription 1 (…n) | Each customer has their own subscription so we can leverage the full capabilities of RBAC, Security Policies, Privileged Access Management and Conditional Access based on a customers need |
Tenant architecture
Unique built their setup according to Azures What is a Landing Zone? and their Architecture of an AKS regulated cluster for Payment Card Industry Data Security Standard v3.2.1.
For every detail you can not find in our concept refer first to the official documentation.
This is Uniques implementation of our own Infrastructure requirements with additions to empower Terraform and Audit Logs.
Author | @Dominik Meyer |
|---|
Related content
© 2025 Unique AG. All rights reserved. Privacy Policy – Terms of Service