You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
title: 'Deploy cross-tenant IP address management using the Azure portal'
3
-
description: Learn how to deploy a virtual network in a managed tenant that uses an IP address allocation from an Azure Virtual Network Manager IPAM pool in a management tenant using the Azure portal.
2
+
title: Configure Cross-Tenant IPAM with Azure Virtual Network Manager
3
+
description: Manage IP addresses across tenants with IPAM pools. Follow this guide to deploy and verify cross-tenant allocations.
4
4
author: mbender-ms
5
5
ms.author: mbender
6
6
ms.service: azure-virtual-network-manager
7
7
ms.topic: tutorial
8
-
ms.date: 05/05/2025
8
+
ms.date: 05/21/2025
9
+
ms.custom:
10
+
- ai-gen-docs-bap
11
+
- ai-gen-title
12
+
- ai-seo-date:05/21/2025
13
+
#customer intent: As an IT operator, I want to set up cross-tenant IPAM using Azure Virtual Network Manager so that I can simplify IP address management for multiple tenants.
9
14
---
10
15
11
-
# Deploy cross-tenant IP address management using the Azure portal
16
+
# Configure Cross-Tenant IPAM with Azure Virtual Network Manager
12
17
13
-
This article demonstrates how to deploy a virtual network in a managed tenant (Tenant B) using an IP address allocation from an Azure Virtual Network Manager IP address management (IPAM) pool in a management tenant (Tenant A). You use the Azure portal to configure cross-tenant IPAM, enabling centralized IP address management across multiple tenants. This guide also covers prerequisites, configuration steps, and how to remove IPAM allocations.
18
+
Managing IP addresses across multiple Azure tenants can be complex, especially in large or distributed organizations. Azure Virtual Network Manager simplifies this process by enabling centralized IP address management (IPAM) across tenants. This article shows you how to deploy a virtual network in a managed tenant using an IP address allocation from an IPAM pool in a management tenant, all through the Azure portal. You'll learn about prerequisites, step-by-step configuration, and how to remove IPAM allocations when they're no longer needed.
14
19
15
20
## Prerequisites
16
21
17
22
- An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
23
+
18
24
- Two Azure tenants: a management tenant (Tenant A) and a managed tenant (Tenant B)
19
25
- Management tenant (Tenant A) must have:
20
26
- An Azure Virtual Network Manager instance. If you don't have a network manager instance, see [Create a network manager instance](create-virtual-network-manager-portal.md).
@@ -29,40 +35,58 @@ This article demonstrates how to deploy a virtual network in a managed tenant (T
29
35
### Create an IPAM allocation in the management tenant
30
36
31
37
1. Sign in to the [Azure portal](https://portal.azure.com/) using credentials with access to Tenant A.
38
+
32
39
1. Navigate to **Azure Virtual Network Manager** and locate your network manager instance.
40
+
33
41
1. Select **IP address pools** under **IP address management**.
42
+
34
43
1. Select the IPAM pool where you want to create an allocation.
44
+
35
45
1. Select **+ Create** > **Allocate resources**.
46
+
36
47
1. In the **Allocate resources** pane, select the **Tenant :** dropdown and choose the managed tenant (Tenant B) where you want to allocate IP addresses.
48
+
37
49
1. Select **Apply** and then select **Authenticate**.
38
50
39
-
> [!NOTE]
40
-
> The authentication process requires you to sign in with a user or service principal that has the *Network Contributor* role in Tenant B at the subscription or resource level.
51
+
> [!NOTE]
52
+
> The authentication process requires you to sign in with a user or service principal that has the *Network Contributor* role in Tenant B at the subscription or resource level.
41
53
42
54
1. After authentication, select the virtual network, you want to associate with the IP address pool and select **Associate**.
43
55
44
56
### Verify the cross-tenant association
45
57
46
58
1. In Tenant A's portal view, navigate to your IP address pool and select **Allocations** under **Settings**.
59
+
47
60
1. Select **Resources** and verify that the virtual network from Tenant B is listed as an allocated resource.
61
+
48
62
1. Switch to Tenant B's portal view and navigate to the virtual network that received the allocation.
63
+
49
64
1. Select **Subnets** under **Settings** and verify the name listed under **IPAM pool** matches the name of the IPAM pool in the management tenant (Tenant A).
50
65
51
66
## Remove IPAM allocation
52
67
53
68
To remove an IP allocation from a cross-tenant resource:
54
69
55
70
1. Sign in to the [Azure portal](https://portal.azure.com/) with credentials for Tenant A.
71
+
56
72
1. Navigate to **Azure Virtual Network Manager** and locate your network manager instance.
73
+
57
74
1. Select **IP address pools** under **IP address management**.
75
+
58
76
1. On the **IP address pools** page, select **Allocations** under **Settings**.
77
+
59
78
1. Select the virtual network that you want to remove the IPAM allocation from.
79
+
60
80
1. Select **X Remove**.
81
+
61
82
1. Authenticate to Tenant B and complete authentication.
83
+
62
84
1. Once authenticated, select **Yes** to remove the IPAM allocation.
85
+
63
86
1. Refresh the page to verify that the IPAM allocation is removed.
64
87
65
88
## Next steps
66
89
67
90
-[Learn about IP address management in Azure Virtual Network Manager](./concept-ip-address-management.md)
91
+
68
92
-[Add remote tenant scope in Azure Virtual Network Manager](./how-to-configure-cross-tenant-portal.md)
0 commit comments