Azure ITAR M365

Getting your Azure Government Tenant

ByMike Poulson

Apr 28, 2023

Getting your first Azure Government tenant for GCC-HIGH and IL4 operations isn’t as simple as signing up on line. You have to go through a number of approval steps with Microsoft and the U.S. Government then work with an approved reseller to get your licenses.

Azure Public and the commercial M365/O365 services can be acquired fully self-service, however because Azure Government is for the DoD, Defense Contractors, Criminal Justice/FBI, and for holding ITAR/CUI there is a few extra steps.

This post will cover the steps and requirements to get your Azure Government Tenant.

Did you know: Once you have your first Azure Government tenant you can create as many more as you want/need afterwards via https://portal.azure.us/#view/Microsoft_AAD_IAM/CreateDirectoryBlade/releaseCreateOperation~/false

Requirements to get an Azure Government Tenant

  1. Please provide a valid company website
  2. Please provide one of the following:
  • A copy of Government signed contract (direct or indirect), signed PO, or signed Invoice from a valid US Government entity, or another eligible previously validated and approved entity directly doing business with a valid US Government entity.
  • Documented evidence of a US Government contract through a GSA Schedule contract (Direct or Indirect) or the contract number
  • A valid CAGE Code or full SAM Registration Unique Entity ID (UEI) to determine eligibility to do business with the US Government (www.sam.gov)
  • A sponsor letter directly from a valid US Government entity, or another previously validated and approved government contractor or solution provider directly doing business with a valid US Government entity.  This must be on sponsor letterhead, dated within 12 months, include the sponsor signature (ink or certified electronic), be in a non-modifiable format, and confirm an established business relationship between that US Government / approved government contractor / solution provider and your business.  (A sample sponsor letter is attached if needed)

Step 1: Get SAM.GOV ID

Getting a SAM.GOV ID is the easiest option if you want to start to work in Azure Government for your business or personally. However, you must qualify to as a business entity to do business with the U.S. Government and complete all the items with getting your SAM.GOV ID.

Tips when getting your SAM.GOV ID

Don’t use your home address or personal phone number

  1. Decide what state you want your LLC in – I recommend Navada – https://goremote.virtualpostmail.com/article/reasons-why-you-should-have-a-nevada-llc/
  2. Get a Virtual Mailbox – I recommend https://virtualpostmail.com
  3. Be sure your LLC or Sole Proprietorships is registered with your state – this will have a fee
  4. Get your EIN with the IRS at https://www.irs.gov/businesses/small-businesses-self-employed/apply-for-an-employer-identification-number-ein-online
  5. Request your login.gov login
  6. Request your SAM.GOV
  7. You will need your SAM.GOV registration to be complete and Active with a CAGE CODE and Unique Entity ID assigned.
  8. The process will take ~2-3 weeks

STEP 2: Request Azure Government Trial

  1. Complete the Azure Government Trial request form at https://azure.microsoft.com/en-us/contact/government-trial/
    • Note: When entering your desired domain name note that this cannot be changed and is the base domain for your tenant. It will be visible in your production environment on some APIs and URLs
    • Domain Name cannot be changed
  2. Wait for emails from “US Government Cloud Eligibility” – usgcce@microsoft.com
    • Microsoft is required to confirm your entry in SAM.GOV so you will have to make sure your Company name, email, and other information is correct
  3. Once approved you will be provided
    • Tenant Username/Password
    • Approval as Level 2/Level 3 notice – Keep this email – You must provide when you request your M365 account
  4. Login to https://portal.azure.us/ to start using your new Gov Tenant.

STEP 3: Request M365/O365 GCC-HIGH License

Note: If you want to use any of the GCC-HIGH/M365/O365 products you will need to work with an approved CSP reseller to get licenses. You can use Azure services by creating your subscription and resources directly within the portal. However, if you want any Azure Active Directory Premium P1 or P2 you will need to go through a reseller.

  1. Find your Reseller at https://learn.microsoft.com/en-us/azure/azure-government/documentation-government-csp-list
  2. Request a license/quote from your reseller
  3. Determine if you want G3 or G5 and if you want M365 or O365 services
    • Note: Services are billed annually
  4. Complete your order and start using your tenant!

Example of some features that are not available in Azure Government

  1. “Trials of Enterprise Mobility + Security are not available in this Environment”
  2. “Trials of Azure AD Premium are not available in this Environment”

Step 4: Link your license to your Tenant

Once you have signed your license agreement with Microsoft you will be directed to either provide a new name to use <name>.onmicrosoft.us or to link to your existing tenant.

To link to an existing tenant your will be provided a URL like https://signup.microsoft.us/signup?vlid=<guid>&pcn=<id>&pi=5

By Mike Poulson

Leave a Reply

Your email address will not be published. Required fields are marked *