azure - vnet peering across tenants - however the current tenant not auth to linked sub...

[Franco König]

hi all

i try to create a vnet peering between 2 different azure tenants. but it will fails. i try it with a SP Account and also with normal User where both Users from both Tenants are global administrator. but i can not create it, i always get the same failure:

however the current tenant 'xxxxx' is not authorized to access linked subscription 'xxxx'."

i try it with powershell, that will works. so is there a way to get this working?

code:

resource "azurerm_resource_group" "rg1" {

 name     = "RG_Vnet_Peering_02"

 location = "westeurope"

 provider = "azurerm.SUB-N4K-FK"

 }

resource "azurerm_resource_group" "rg2" {

 name     = "RG_Vnet_Peering_02"

 location = "westeurope"

 provider = "azurerm.SUB-Gmail-FK"

 }

resource "azurerm_virtual_network" "vn1" {

 name                = "vnet-peering-vn-01"

 resource_group_name = azurerm_resource_group.rg1.name

 address_space       = ["10.200.0.0/16"]

 location            = "westeurope"

 provider            = "azurerm.SUB-N4K-FK"

 }

resource "azurerm_virtual_network" "vn2" {

 name                = "vnet-peering-vn-01"

 resource_group_name = azurerm_resource_group.rg2.name

 address_space       = ["10.100.0.0/16"]

 location            = "westeurope"

 provider            = "azurerm.SUB-Gmail-FK"

 }

resource "azurerm_subnet" "vnsn1" {

 name                 = "Server"

 resource_group_name  = azurerm_resource_group.rg1.name

 virtual_network_name = azurerm_virtual_network.vn1.name

 address_prefix       = "10.200.1.0/24"

 provider             = "azurerm.SUB-N4K-FK"

 }

resource "azurerm_subnet" "vnsn2" {

 name                 = "Server"

 resource_group_name  = azurerm_resource_group.rg2.name

 virtual_network_name = azurerm_virtual_network.vn2.name

 address_prefix       = "10.100.1.0/24"

 provider             = "azurerm.SUB-Gmail-FK"

 }

resource "azurerm_virtual_network_peering" "vnetpeering1" {

 name                         = "N4K-TO-GMAIL-FK"

 resource_group_name          = azurerm_resource_group.rg1.name

 virtual_network_name         = azurerm_virtual_network.vn1.name

 remote_virtual_network_id    = azurerm_virtual_network.vn2.id

 allow_virtual_network_access = true

 allow_forwarded_traffic      = true

 provider                     = "azurerm.SUB-N4K-FK"

}

resource "azurerm_virtual_network_peering" "vnetpeering2" {

 name                         = "GMAIL-TO-N4K-FK"

 resource_group_name          = azurerm_resource_group.rg2.name

 virtual_network_name         = azurerm_virtual_network.vn2.name

 remote_virtual_network_id    = azurerm_virtual_network.vn1.id

 allow_virtual_network_access = true

 allow_forwarded_traffic      = true

 provider                     = "azurerm.SUB-Gmail-FK"

}

regards frank

[Eilesh Gondalia]

Did you ever get this working?  Any help would be appreciated

[rafael veloso]

Hello Bro,

I'm facing the same issue, did you solve this?