You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/virtual-network-manager/deploy-cross-tenant-ip-address-management.md
+14-34Lines changed: 14 additions & 34 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,5 @@
1
1
---
2
-
title: 'Tutorial: Deploy cross-tenant IP address management'
2
+
title: 'Deploy cross-tenant IP address management'
3
3
description: In this tutorial, you learn how to deploy a virtual network in a managed tenant that uses an IP address allocation from an Azure Virtual Network Manager IPAM pool in a management tenant.
4
4
author: mbender-ms
5
5
ms.author: mbender
@@ -8,18 +8,9 @@ ms.topic: tutorial
8
8
ms.date: 05/05/2025
9
9
---
10
10
11
-
# Tutorial: Deploy cross-tenant IP address management
11
+
# Deploy cross-tenant IP address management
12
12
13
-
In this tutorial, you learn how to deploy a virtual network in a managed tenant (Tenant B) that draws from an Azure Virtual Network Manager (AVNM) IP Address Management (IPAM) pool maintained in a management tenant (Tenant A). This process demonstrates how a parent organization can centrally manage IP address allocations across multiple child organizations that exist in different Azure tenants.
14
-
15
-
In this tutorial, you learn how to:
16
-
17
-
> [!div class="checklist"]
18
-
> * Understand the cross-tenant AVNM IPAM architecture
19
-
> * Create an IPAM allocation in the management tenant
20
-
> * Associate a virtual network in a managed tenant with an IPAM pool from the management tenant
21
-
> * Configure a multi-tenant service principal for programmatic cross-tenant IPAM management
22
-
> * Deploy a virtual network using CLI/REST that references a cross-tenant IPAM pool
13
+
In this article, you learn how to deploy a virtual network in a managed tenant (Tenant B) that draws from an Azure Virtual Network Manager (AVNM) IP Address Management (IPAM) pool maintained in a management tenant (Tenant A). This process demonstrates how a parent organization can centrally manage IP address allocations across multiple child organizations that exist in different Azure tenants.
23
14
24
15
## Prerequisites
25
16
@@ -57,6 +48,8 @@ In this example, the managed tenant (Tenant B) is a child organization that cons
57
48
58
49
## Deploy cross-tenant IPAM
59
50
51
+
In thi
52
+
60
53
# [Azure portal](#tab/azureportal)
61
54
62
55
### Create an IPAM allocation in the management tenant
@@ -69,35 +62,22 @@ In this example, the managed tenant (Tenant B) is a child organization that cons
69
62
70
63
1. Select the IPAM pool where you want to create an allocation.
71
64
72
-
1. Select **Allocate CIDR** to begin creating an allocation.
73
-
74
-
1. When prompted to associate a resource, select **Associate a resource**, then choose **Cross-tenant resource** option.
75
-
76
-
### Select the managed tenant and authenticate
77
-
78
-
1. When prompted to select a tenant, enter or select the tenant ID of Tenant B.
65
+
1. Select **+ Create**>**Allocate resources**.
79
66
80
-
1. The portal will prompt you to authenticate with credentials that have appropriate permissions in Tenant B.
67
+
1. In the **Allocate resources** pane, select the **Tenant :** dropdown and choose choose the managed tenant (Tenant B) where you want to allocate IP addresses.
68
+
1. Select **Apply** and then select **Authenticate**.
81
69
82
-
1. Sign in with credentials that have Network Contributor permissions in Tenant B.
70
+
> [!NOTE]
71
+
> The authentication process requires you to sign in with a user or service principal that has the *Network Contributor* role in Tenant B at the subscription or resource level.
83
72
84
-
### Select the resource to manage
85
-
86
-
1. After authentication, select the subscription in Tenant B where you want to create or manage resources.
87
-
88
-
1. Choose the virtual network (or the resource group where you'll create a virtual network) that will use the IP allocation.
89
-
90
-
1. Complete the allocation process by selecting the appropriate settings for the IP prefix allocation.
91
-
92
-
1. Select **Create** to finalize the allocation.
73
+
1. After authentication, select the virtual network you want to associate with the IP address pool and select **Associate**.
93
74
94
75
### Verify the cross-tenant association
95
76
96
-
1. In Tenant A's portal view, navigate to the IPAM pool and verify that the cross-tenant resource appears in the list of allocations.
97
-
77
+
1. In Tenant A's portal view, navigate to your IP address pool and select **Allocations** under **Settings**.
78
+
1. Select **Resources** and verify that the virtual network from Tenant B is listed as an allocated resource.
98
79
1. Switch to Tenant B's portal view and navigate to the virtual network that received the allocation.
99
-
100
-
1. Verify that the virtual network shows the IP address space allocated from the management tenant's IPAM pool.
80
+
1. Select **Subnets** under **Settings** and verify the name listed in the **IPAM pool** column matches the name of the IPAM pool in the management tenant (Tenant A).
0 commit comments