This quick tip guides you in your first steps of onboarding Azure Management Groups into your Enterprise-Scale Architecture.

Before getting started with deploying your Management Group hierarchy, make sure to initialize your root hierarchy. This is required and takes up to a couple of minutes before you can deploy your first management group. If you don’t, you’ll hit a couple of issues when automating your management hierarchy deployment.

Below is a quick how-to PowerShell script:

# Log in first with Connect-AzAccount if not using Cloud Shell

$azContext = Get-AzContext
$azProfile = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile
$profileClient = New-Object -TypeName Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient -ArgumentList ($azProfile)
$token = $profileClient.AcquireAccessToken($azContext.Subscription.TenantId)
$authHeader = @{
    'Content-Type'='application/json'
    'Authorization'='Bearer ' + $token.AccessToken
}

# Invoke the REST API
$restUri = 'https://management.azure.com/providers/Microsoft.Management/startTenantBackfill?api-version=2020-05-01'
$response = Invoke-RestMethod -Uri $restUri -Method Post -Headers $authHeader

The response should be like something like this.

After the initialization of your Tenant Root Group has been completed, you can start working on your own hierarchy.

Thank you!

Thank you for reading through this blog post, I hope you liked the quick tip, which can get you started on your management group onboarding process.

If you encounter any new insights, feel free to drop me a comment or contact me via mail or other social media channels