Jul 08 2021 05:26 AM
We have an Azure tenant with one subscription managed by a CSP. We want to create another subscription of 7 VMs to run Azure OpenShift (with RH VMs), in the same region.
The question is:
- We want to leverage the AD/DC resources in the existing subscription. For this, do we need to have any additional network components (vNet peering etc.)?
- Do we need other network components like WAF, firewall, LB etc. in the new subscription?
Jul 14 2021 11:44 PM
Oct 06 2021 09:24 AM - edited Oct 08 2021 02:53 AM
You can peer virtual networks that exist in two different subscriptions as long as a privileged user of both subscriptions authorizes the peering and the subscriptions are associated with the same Active Directory tenant.
https://azure.microsoft.com/en-in/updates/vnet-peering-cross-version-cross-subscription/#:~:text=Not....
Once the network peering is established, you can replicate the AD sync with each other.
Assuming you have a hub-and-spoke configuration, peer both subscriptions to the hub vNet where you have the firewall, and route the AD/DNS traffic via the firewall.
Hope this helps
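The cross-subscription peering described in the answer above, sketched with the Azure CLI as an added example that is not part of the original thread. The subscription IDs, resource groups and vNet names are constructed placeholders, and the script only prints the commands unless `APPLY=1` is set.

```shell
# Added example. Subscription IDs, resource groups and vNet names below are
# constructed placeholders, not values from the thread.
HUB_SUB="00000000-0000-0000-0000-000000000001"   # existing subscription (AD/DC)
HUB_RG="rg-hub"; HUB_VNET="vnet-hub"
ARO_SUB="00000000-0000-0000-0000-000000000002"   # new subscription (OpenShift VMs)
ARO_RG="rg-openshift"; ARO_VNET="vnet-openshift"

# Print each command by default; set APPLY=1 to execute it with the Azure CLI.
run() {
  if [ "${APPLY:-0}" = "1" ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Full resource ID of a vNet. A vNet in another subscription cannot be
# referenced by name alone, so --remote-vnet needs this form.
vnet_id() {
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/virtualNetworks/%s' "$1" "$2" "$3"
}

# One direction of the peering.
# Args: local sub, local rg, local vnet, remote sub, remote rg, remote vnet
peer() {
  run az network vnet peering create \
    --subscription "$1" --resource-group "$2" --vnet-name "$3" \
    --name "to-$6" \
    --remote-vnet "$(vnet_id "$4" "$5" "$6")" \
    --allow-vnet-access
}

# A peering link has to be created from each side. The account running the
# commands needs rights on both vNets, and both subscriptions must be in the
# same Azure AD tenant, as the answer above states.
peer_both() {
  peer "$HUB_SUB" "$HUB_RG" "$HUB_VNET" "$ARO_SUB" "$ARO_RG" "$ARO_VNET"
  peer "$ARO_SUB" "$ARO_RG" "$ARO_VNET" "$HUB_SUB" "$HUB_RG" "$HUB_VNET"
}

# Check the hub side; the state reads "Connected" only once both links exist.
peering_state() {
  run az network vnet peering show \
    --subscription "$HUB_SUB" --resource-group "$HUB_RG" --vnet-name "$HUB_VNET" \
    --name "to-$ARO_VNET" --query peeringState --output tsv
}

peer_both
peering_state
```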