Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Private Link Resource - Storage Account in Another Tenant #72045

Closed
ghost opened this issue Mar 11, 2021 · 6 comments
Closed

Private Link Resource - Storage Account in Another Tenant #72045

ghost opened this issue Mar 11, 2021 · 6 comments
Assignees
@SaiKishor-MSFT
Labels
cxp Pri1 private-link/svc product-question triaged

Comments

@ghost
Copy link

ghost commented Mar 11, 2021

When we create private endpoint for storage account, does it support a storage account from a subscription in different AAD tenant?

image

[Enter feedback here]

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
@SaiKishor-MSFT SaiKishor-MSFT self-assigned this Mar 12, 2021
@SaiKishor-MSFT
Copy link
Contributor

Thanks for the feedback! We are currently investigating and will update you shortly.

@SaiKishor-MSFT
Copy link
Contributor

Yes. Private endpoints can connect to Private Link services or to an Azure PaaS across Azure Active Directory tenants. Private endpoints that connect across tenants require a manual request approval. Please let me know if you have any further questions. Thank you!

@ghost
Copy link
Author

ghost commented Mar 12, 2021

@SaiKishor-MSFT That's a great information. I'm very excited!
So in tenant A, I create a private endpoint for storage account type of resource.
and I want to point to a storage account account resource in tenant B
what I should input in the "resource id or alias" field?
does it accept resource id from tenant B?

Thank you so much!

@SaiKishor-MSFT
Copy link
Contributor

@RonnieQuan Yes you should input the resource ID of the storage account and use Manual request. Then approved by the Storage owner using Private Link Center or Storage resource manage on Private Endpoint Connections section. Find more details here in document.

Please also find the Powershell command here in document. Hope this helps.

@ghost
Copy link
Author

ghost commented Mar 12, 2021

Looks perfect, I have tested and put the test result in
https://cloudjourney.medium.com/azure-private-endpoint-across-aad-tenant-f5fa86abb948

@SaiKishor-MSFT
Copy link
Contributor

@RonnieQuan Great article! Thanks for sharing.
We will now proceed to close this thread. If there are further questions regarding this matter, please tag me in your reply. We will gladly continue the discussion and we will reopen the issue. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SaiKishor-MSFT SaiKishor-MSFT

Labels
cxp Pri1 private-link/svc product-question triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@PRMerger14 @SaiKishor-MSFT