Securing app services across multiple AAD tenants
It sounds like you're encountering a common challenge with using Azure App Service Restrictions across multiple tenants. While I can't provide a definitive solution, I can offer some suggestions:
Consider using Azure Private Link instead of App Service Restrictions: Private Link allows you to access your App Services over a private endpoint within your own virtual network, rather than via a public IP address. This would give you more control over the network traffic and could potentially solve your cross-tenant access issues.
Use Azure ExpressRoute to connect the two tenants: ExpressRoute allows you to create private connections between Azure datacenters and infrastructure that's on-premises or in another cloud. This would give you a dedicated, private connection between the two tenants that you could use for secure communication.
Use Azure Traffic Manager to route traffic between the two tenants: Traffic Manager is a global DNS-based traffic load balancer that allows you to route incoming traffic across multiple Azure regions, datacenters, and networks. You could use it to route traffic between the two tenants in a secure and controlled way.
Consider using a VPN or Virtual Network Gateway to connect the two tenants: A VPN or Virtual Network Gateway would allow you to create a secure, encrypted tunnel between the two tenants over the public internet, which could be used for secure communication between the two.
I hope these suggestions are helpful, and that you're able to find a solution that works for your specific situation.