Provisioning

Overview

Provisioning is the process of setting up and managing resources, services, or configurations for users or systems within an organization. In Atria, provisioning extends beyond simple setup tasks to include seamless integration with external systems and dynamic resource management. This includes creating new resources, updating configurations, and managing the lifecycle of objects such as users, servers, and applications.

Atria’s provisioning system is designed to be efficient, scalable, and flexible. It uses a combination of asynchronous processing, dynamic rule execution, and real-time status tracking to ensure provisioning tasks are handled smoothly and effectively. By decoupling the initiation of provisioning tasks from their execution, Atria allows administrators to start a process and continue other activities while the system works in the background.

Atria provides a robust framework that includes:

• A centralized Provisioning Engine for managing and executing tasks.
• A database-driven model for tracking the status and results of provisioning activities.
• Customisable logic and workflows through Provisioning Rules and Actions, enabling tailored automation.
• Built-in support for error handling, logging, and monitoring to ensure transparency and reliability.

Whether you're provisioning users for collaboration platforms like Azure AD or managing infrastructure resources like virtual machines, Atria's provisioning system streamlines the process, enhances consistency, and reduces administrative overhead.

Atria Provisioning Processes

Atria provides a standardized system for provisioning. Provisioning processes are handled asynchronously, meaning users can initiate a provisioning process and let it complete in the background.

Atria uses a database to track the Provisioning state of Objects, Messages to structure information into Provisioning Requests, Queues to route and deliver messages, and Provisioning Processes to define the steps to be executed.

The Atria Provisioning Engine listens to queues for any new provisioning requests. When a new message is received, Atria dynamically loads and executes the appropriate provisioning process. During this process, the execution status is updated for the associated Atria object. Upon completion, the request is marked as Success (Green) or Failed (Red), and the related object status is updated accordingly.

In Atria, Provisioning refers to creating an object in an external system (e.g., creating a user in Azure AD or adding a database server). Deprovisioning refers to the removal of an object (e.g., removing a user from Azure AD or deleting a VDI for a user).

Provisioning Engines and Environments

Each Atria environment has an associated provisioning engine. Customers within that environment will have their provisioning requests processed by that environment's engine.

The platform environment, where Atria is installed, also has a provisioning engine. It processes all messages before routing them to the customer environment. The platform engine is the only environment with access to the Atria database, and it handles tasks like database updates or cloud service interactions, either before or after provisioning processes run in the customer environment.

Atria provides an event-based structure for provisioning logic, allowing customised processes to be executed in the correct location and sequence.

Provisioning Requests

A Provisioning Request contains all the contextual information needed for a provisioning process. Each request consists of steps that make up the process, along with a Hashtable of property/value pairs. This hashtable can include arrays or other nested hashtables.

Common header properties in a provisioning request include the RequestID, the related ObjectID, and the Request Type. Once a request is created, it is packaged into a message and dispatched for execution.

Provisioning Processes, Rules, and Actions

Provisioning processes are built from a series of Provisioning Rules:

• Each Provisioning Rule calls a Provisioning Action.
• Each Provisioning Action performs a logical, reusable task.
• The Provisioning Rule specifies which request parameters should be passed into the Provisioning Action.

Atria provides over 200 pre-built Provisioning Actions that can be reused in any process. Some examples include:

• Create DNS A Record
• Create AD User
• Create Azure AD Security Group

More generic actions include:

• Execute SQL Script
• Execute PowerShell Script
• Execute Command

Each rule can have a logical condition applied, for example: {Country} = "United Kingdom" This condition ensures that the rule only executes if the "Country" parameter in the request matches "United Kingdom." Any valid Visual Basic Expression can be used.

Provisioning rules are stored in the Atria database and are dynamically compiled at runtime. This "soft" architecture allows logic to be easily modified without requiring a new software release.

Logging

Provisioning requests can be logged at varying levels, based on configuration. At the most granular level, Atria logs the execution time and details of each rule execution. This data is stored in the database against each provisioning request.

Editing Provisioning Logic

The Provisioning Manager is an inbuilt Windows utility for viewing and editing provisioning logic. It allows core processes to be loaded and rule changes to be saved back to the Atria database.

Each Atria release may update standard provisioning processes. Rule changes made to core rules will be replaced during upgrades. However, events are provided to attach custom logic, ensuring that processes can be extended without losing changes during an upgrade.

Custom Services

When creating a custom service, associated provisioning rules can be exported using the Service Export feature. These rules can then be imported with the Service into other environments.