Quick Video #
Blueprints are collections of different configuration items, including policies, configurations and settings, which allow you to apply them to a tenant as a group. Instead of applying configuration items one at a time, you can apply an entire Blueprint, making customer onboarding more efficient.
In the Blueprints view, click on the blueprint you want to edit or click on Add Blueprint to create a new one
The overview of the Blueprint shows the Blueprint’s name and description. The Blueprint can be broken down into multiple steps. 1 to 25 steps are supported. In the image below, there are four steps: Geo-blocking, App/Device Compliance, MFA, and Authentication Strengths.
Create a New Step #
To manage the steps in the blueprint, click on Step Manager.
To add a step, click on Create.
Give the step a name and an optional description.
To add configurations for the step, click in the Search Configurations and either scroll through the list or search by name, then click on the required configuration. Then set the action to report or remediate.
Note that you have to add at least one configuration in each step.
Click on Save when finished editing.
Manage Existing Steps #
If you click on a step, it will display a list of are the configuration items that will be applied as part of that step. This step – Geo-blocking – will add a list of blocked countries, allowed countries, and the conditional access policy to enforce them.
The status column shows that these items will all be added to the tenant. The action column shows whether each item will be remediated or just reported on.
Items can be removed by clicking on the X button in the last column.
The next step – App/Device Compliance – shows that the three items from the first step will be inherited, and two new items will be added. The action for each item can be changed, even inherited items.
Items from previous steps can be removed but will only be removed from the current and future steps. They will remain in the previous steps.
To add configurations for the step, click in the Search Configurations and either scroll through the list or search by name, then click on the required configuration. Then set the action to report or remediate.
Click on Save when finished editing.
The blueprint will now be updated as will any tenants that have the blueprint applied.
Managing Deployment of Blueprints #
Within the Blueprint view, click on tenants on the left.
A list of all the tenants with this blueprint currently applied will be displayed, and what step they’re at.
Click on manage to manage the deployment within that tenant.
The tenant will be displayed with the Blueprints tab pre-selected, showing which step is currently applied.
Click on Apply to deploy the next step, or Change to deploy a later step (and all in between), or roll back to a previous step.
The Todo column will show what action will be taken when the chosen step is applied.