Explore the first run experience

  • 15 minutes

The organization you work for wants to increase the efficiency and capabilities of its security analyst to improve security outcomes. In support of that objective, the office of the CISO determined that deploying Microsoft Copilot for Security is a key step towards that objective. As the Security administrator for your organization, you're tasked with setting up Copilot.

In this exercise, you go through the first run experience of Microsoft Copilot for Security to provision Copilot with one security compute unit (SCU).

Note

The environment for this exercise is a simulation generated from the product. As a limited simulation, links on a page may not be enabled and text-based inputs that fall outside of the specified script may not be supported. A pop-up message will display stating, "This feature is not available within the simulation." When this occurs, select OK and continue the exercise steps.
Screenshot of pop-up screen indicating that this feature is not available within the simulation.

Exercise

For this exercise, you're logged in as Avery Howard and you have the global administrator role in Microsoft Entra. You'll work in both the Azure portal and Microsoft Copilot for Security.

This exercise should take approximately 15 minutes to complete.

Note

When a lab instruction calls for opening a link to the simulated environment, it is generally recommended that you open the link in a new browser window so that you can simultaneously view the instructions and the exercise environment. To do so, select the right mouse key and select the option.

Task: Set role permissions

Before users can start using Copilot, admins need to provision and allocate capacity. To provision capacity:

  • You must have an Azure subscription.
  • You need to be an Azure owner or Azure contributor, at a resource group level, as a minimum.

In this task, you walk through the process of ensuring you have the appropriate role permissions. This starts by enabling access management for Azure resources.

Why is this needed? As a Global Administrator in Microsoft Entra ID, you might not have access to all subscriptions and management groups in your directory. Microsoft Entra ID and Azure resources are secured independently from one another. That is, Microsoft Entra role assignments don't grant access to Azure resources, and Azure role assignments don't grant access to Microsoft Entra ID. When you elevate your access, you're assigned the User Access Administrator role in Azure at root scope (/). This allows you to view all resources and assign access in any subscription or management group in the directory. For details, see Elevate access to manage all Azure subscriptions and management groups..

Once you're assigned the User Access Administrator role in Azure, you can assign a user the necessary access to provision SCUs for Copilot. For the purpose of this exercise only, which is to show you the steps involved, you will be assigning yourself the necessary access. The steps that follow will guide you through the process.

  1. Open the simulated environment by selecting this link: Azure portal.

  2. You'll start by enabling Access management for Azure resources. To access this setting:

    1. From the Azure portal, select Microsoft Entra ID.
    2. From the left navigation panel, expand Manage.
    3. From the left navigation panel, scroll down and select Properties.
    4. Enable the toggle switch for Access management for Azure resources, then select Save.

  3. Now that you can view all resources and assign access in any subscription or management group in the directory, assign yourself the Owner role for the Azure subscription.

    1. From the blue banner on the top of the page, select Microsoft Azure to return to the landing page of the Azure portal.
    2. Select Subscriptions then select the subscription listed Woodgrove - GTP Demos (Exernal/Sponsored).
    3. Select Access control (IAM).
    4. Select Add, then Add role assignment.
    5. From the Role tab, select Privileged administrator roles.
    6. Select Owner, then select Next.
    7. Select + Select members.
    8. Avery Howard is the first name on this list, select the + to the right of the name. Avery Howard is now listed under selected members. Select the Select button, then select Next.
    9. Select Allow user to assign all roles except privileged administrator roles, Owner, UAA, RBAC (Recommended).
    10. Select Review + assign, then select Review + assign one last time.

As an owner to the Azure subscription, you'll now be able to provision capacity within Copilot.

Task: Provision capacity

In this task, you go through the steps of provisioning capacity for your organization. There are two options for provisioning capacity:

  • Provision capacity within Copilot for Security (recommended)
  • Provision capacity through Azure

For this exercise, you provision capacity through Copilot for Security. When you first open Copilot for Security, a wizard guides you through the steps in setting up capacity for your organization.

  1. Open the simulated environment by selecting this link: Microsoft Copilot for Security.

  2. Follow the steps in the Wizard, select Get started.

  3. On this page, you set up your security capacity. For any of the fields listed below, you can select the information icon for more information.

    1. Azure subscription: From the drop-down, select Woodgrove - GTP Demos (External/Sponsored).
    2. Resource group: From the drop-down, select RG-1.
    3. Capacity name: Enter a capacity name.
    4. Prompt evaluation location [Geo]: From the drop-down, select your region.
    5. You can choose whether you want to select the option, "If this location has too much traffic, allow Copilot to evaluate prompts anywhere in the world (recommended for optimal performance).
    6. Capacity region is set based on location selected.
    7. Security compute: This field is automatically populated with the minimum required SCU units, which is 1. Leave field with the value of 1.
    8. Select the box, "I acknowledge that I have read, understood, and agree to the Terms and Conditions.
    9. Select Continue on the bottom right corner of the page.

  4. The wizard displays information about where your customer data will be stored. The region displayed is based on the region you selected in the Prompt evaluation field. Select Continue.

  5. You can select options to help improve Copilot. You can select the toggle based on your preferences. Select Continue.

  6. As part of the initial setup, Copilot provides contributor access to everyone by default and includes Global administrators and Security administrators as Copilot owners. In your production environment, you can change who has access to Copilot, once you've completed the initial setup. Select Continue.

  7. You're all set! Select Finish.

  8. Close the browser tab, as the next exercise will use a separate link to the lab-like environment.

Review

In this exercise, you successfully provisioned Copilot for Security. You're now ready to move to the next exercise where you'll explore the core functionality of Microsoft Copilot for Security.