GDAP means Granular Delegated Admin Privileges, it is a security feature that lets partners configure granular and time-bound access to their customers’ workloads.
It’s a more secure model than DAP for administering customer tenants that adheres to the Microsoft Zero Trust principle of least-privileged access.
As such, requires an additional relationship to be established in the Customer onboarding process.
On January 17th, 2023, Microsoft will start removing inactive DAP relationships that haven’t been used in 90 days. DAP relationships, when a new customer or reseller relationship is created, will no longer be established.
On March 1st, 2023, the Bulk Migration Tool will no longer be available to upgrade existing DAP connections that were granted by customers to GDAP.
Starting in March, Microsoft will begin to transition remaining active DAP relationships to GDAP with limited Azure Active Directory (Azure AD) roles to perform least-privilege customer management activities. Partners will be required to perform more steps to continue to have access to Azure subscriptions after the limited roles are granted.
Using CloudCockpit, we recommend that you begin establishing new GDAP relationships when customers are onboarded. This will be especially important after the bulk migration process has been performed.
Microsoft launched a bulk migration tool that enables partners to automatically create new GDAP relationships with implied customer consent.
We can help while current customers’ DAP relationships exist to migrate existing customers to GDAP.
CloudCockpit is a platform built to respond to our clients’ needs and GDAP is no exception. Making the most of the Migration Tool, we will turn the DAP to GDAP bulk transition for existing costumers into a seamless process that will guarantee that all your operations are up-to-date and secure.
If you have any questions or want to discuss what CloudCockpit can do for your business, feel free to hit us up! We’ll be happy to help!
All the best, The CloudCockpit Team