This article describes the prerequisites for a private SLASCONE deployment in your own Microsoft Azure subscription.
For most customers, SLASCONE SaaS is the recommended deployment model because it is the fastest and simplest way to evaluate, integrate, and operate SLASCONE. Private deployment should usually be considered only when there are specific hosting, compliance, data control, or operational requirements.
For a general comparison of both deployment models, see SaaS vs Private Deployment.
SCOPE
A private deployment means that SLASCONE is deployed into your Microsoft Azure subscription. The installation and operational model are agreed with SLASCONE as part of the deployment project.
SLASCONE is a cloud-native Azure application. A traditional on-premise installation on customer-managed virtual machines, local servers, or non-Azure infrastructure is not supported.
AZURE SUBSCRIPTION
Before a private deployment can be prepared, you need an appropriate Microsoft Azure subscription. This can be a new subscription or an existing subscription, depending on your internal cloud governance and cost management model.
The Azure subscription should be managed by an Azure administrator from your organization. This administrator is responsible for preparing the required resource groups, permissions, and Azure settings before the SLASCONE deployment begins.
SYSTEM LANDSCAPE
We recommend at least two environments:
DEV: used for testing, validation, and update verification
PROD: used for production workloads
Depending on your internal requirements, an additional QA or staging environment can also be considered.
RESOURCE PROVIDER REGISTRATION
The required Azure resource providers must be registered in the target subscription before the deployment can start.
The exact list of resource providers may depend on the agreed architecture. Typical resource providers include:
Microsoft.WebMicrosoft.SqlMicrosoft.StorageMicrosoft.KeyVaultMicrosoft.InsightsMicrosoft.ManagedIdentity
Registration can be performed in the Azure Portal or through Azure CLI by an Azure administrator.
RESOURCE GROUPS
Dedicated Azure resource groups should be created for the SLASCONE deployment. We recommend using separate resource groups for each environment.
Example:
rg-slascone-devrg-slascone-prod
The exact naming convention can follow your internal Azure governance standards.
INSTALLATION ACCESS
During the initial deployment, SLASCONE requires temporary access to the target Azure resource groups in order to install and configure the platform.
This access should be scoped to the relevant resource groups and limited to the deployment period whenever possible.
A typical approach is to create a temporary installation user, for example:
licensing@yourdomain.com
This user is used only during the installation phase and can be removed or restricted after the deployment has been completed and the operating model has been finalized.
SERVICE PRINCIPAL
As part of the private deployment, a service principal may be created for deployment automation, platform maintenance, and future updates.
The service principal should be granted the required permissions only on the relevant SLASCONE resource groups. In most cases, resource group scoped permissions are sufficient.
The exact permission model is agreed during deployment preparation and should follow your internal security and governance requirements.
IDENTITY PROVIDER
SLASCONE uses a Microsoft-based customer identity platform for portal authentication. For new deployments, Microsoft Entra External ID is the recommended identity platform. Existing deployments may still use Azure AD B2C.
The exact identity setup is agreed during deployment preparation. In most cases, one identity tenant can be used across DEV, QA, and PROD environments.
If your organization uses Microsoft Entra ID, federation can be configured to allow users to sign in with their existing organizational accounts.
For more information, see Identity Providers and Federation.
SUBDOMAIN CONFIGURATION
A private deployment usually requires customer-specific subdomains for the SLASCONE portal and API endpoints.
Example:
licensing.yourdomain.comfor the SLASCONE portallicensing-api.yourdomain.comfor the SLASCONE API
DNS configuration is performed by your organization. SLASCONE provides the required target information during deployment preparation.
EMAIL CONFIGURATION
SLASCONE can send system emails, invitations, and notifications. For private deployments, the email configuration should be agreed during the deployment project.
Depending on the setup, emails can be sent using SLASCONE-managed settings or customer-provided email infrastructure.
Typical topics to clarify include sender address, SMTP or email service configuration, authentication, DNS records, and internal approval requirements.
MONITORING AND BACKUP
Monitoring, backup, and operational responsibilities must be agreed as part of the private deployment operating model.
Compared to SaaS, a private deployment usually requires more coordination because Azure resources, monitoring, access control, and operational procedures are located in the customer's Azure environment.
The exact setup depends on the agreed responsibility model and the Azure services used in the deployment.
UPDATES
The update process is agreed as part of the private deployment operating model.
Depending on your requirements, SLASCONE updates can be installed with prior approval or according to an agreed maintenance process. Different rules can be defined for DEV, QA, and PROD environments.
We recommend validating updates in a non-production environment before applying them to production.
POST-INSTALLATION STEPS
After the initial installation, temporary deployment access can usually be removed or restricted.
The final operating model should define how updates, monitoring, support, identity configuration, and Azure access are handled going forward.
At this point, the focus can shift from infrastructure preparation to the actual SLASCONE setup, such as products, editions, licenses, API integration, analytics, and rollout.
Comments
0 comments
Please sign in to leave a comment.