You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/virtual-network-manager/concept-cross-tenant.md
+9-4Lines changed: 9 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -24,16 +24,21 @@ Cross-tenant support in Azure Virtual Network Manager allows you to add subscrip
24
24
25
25
- Acquisitions – In instances where organizations merge through acquisition and have multiple tenants, cross tenant support allows a central network manager to manage virtual networks across the tenants.
26
26
27
-
-Manage service provider – In managed service provider scenarios, an organization may manage the resources of other organizations. Cross-tenant support will allow central management of virtual networks by a central service provider for multiple clients.
27
+
-Managed service provider – In managed service provider scenarios, an organization may manage the resources of other organizations. Cross-tenant support will allow central management of virtual networks by a central service provider for multiple clients.
28
28
29
29
## Cross-tenant connection
30
30
31
-
Establishing cross-tenant support begins with creating a cross tenant connection between two tenants. Cross-tenant support requires two-way consent from both your network manager and from the tenant, in the form of cross-tenant connection objects. A cross-tenant connection can only be established and maintained when both objects from each party exist.
31
+
Establishing cross-tenant support begins with creating a cross tenant connection between two tenants. Cross-tenant support requires two-way consent--one from the network manager, the other from the target tenant's virtual network manager hub. The connections are as follows:
32
32
33
-
Next, you create a cross-tenant connection from your network manager. The connection includes the exact scope of the tenant’s subscriptions and/or management groups to manage in your network manager. Then, the tenant creates a cross-tenant connection from their virtual network manager hub. This connection includes the scope of subscriptions and/or management groups to be managed by the central network manager.
33
+
- Network manager connection - You create a cross-tenant connection from your network manager. The connection includes the exact scope of the tenant’s subscriptions or management groups to manage in your network manager.
34
+
- Virtual network manager hub connection - the tenant creates a cross-tenant connection from their virtual network manager hub. This connection includes the scope of subscriptions or management groups to be managed by the central network manager.
34
35
35
-
Once a cross-tenant connection is established, administrators can use their network manager to manage virtual networks included in the connection scope. This may involve the deployment of connectivity and/or security admin rules, either new or existing.
36
+
Once both cross-tenant connections exist and the scopes are exactly the same, a true connection is established admins. Administrators can use their network manager to add cross-tenant resources to their NGs and to manage virtual networks included in the connection scope. Existing connectivity and/or security admin rules will be applied to the resources based on existing configurations.
36
37
38
+
A cross-tenant connection can only be established and maintained when both objects from each party exist. When one of the connections is removed, the cross-tenant connection is broken. If you need to delete a cross tenant connection, you'll perform the following:
39
+
40
+
-
41
+
-
37
42
## Required Permissions
38
43
39
44
To use cross-tenant connection in Azure Virtual Network Manager, users need the following permissions:
0 commit comments