Connecting with a VPC on Azure
To allow Cube Cloud to connect to a Virtual Network on Azure, the following information is required:
- Virtual Network Name: This can be found in the Virtual Networks section of the Azure Portal.
- Tenant ID: This can be found under Azure Active Directory > Properties > Tenant ID in the Azure Portal.
Unfortunately Azure cross-tenant peering suppose that you grant peering role to the user id/service principal to the peering party Below the list of steps that would register Cube Cloud tenant at your organization and grant peering access to Cube Cloud service principal
Add Cube tenant to your organization
First the Cube Cloud tenant must be added to your organization. To do this, open the Azure Portal and go to Azure Active Directory > External Identities > Cross-tenant access settings > Organizational Settings > Add Organization.
For Tenant ID, enter 197e5263-87f4-4ce1-96c4-351b0c0c714a
. Make sure that B2B
Collaboration > Inbound Access > Applications is set (or inherited) so that it
Allows access
Register Cube Cloud service principal at your organization
Cube Cloud service principal
info: Client ID: 0c5d0d4b-6cee-402e-9a08-e5b79f199481
Name:
cube-dedicated-infra-sp
Using browser tab where account that has rights to register
Enterprise applications
is logged in open the following url:
https://login.microsoftonline.com/**Tenant
ID**/oauth2/authorize?client_id=0c5d0d4b-6cee-402e-9a08-e5b79f199481&response_type=code&redirect_uri=https%3A%2F%2Fwww.microsoft.com%2F
Select Consent on behalf of your organization
And click Accept
Grant peering permissions to Cube Cloud service principal on your Virtual Network
As peering role
you can use built-in Network contributor
or custom role that
has the following permissions:
- Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write
- Microsoft.Network/virtualNetworks/peer/action
- Microsoft.ClassicNetwork/virtualNetworks/peer/action
- Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read
- Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete
On the Azure Portal, go to Virtual networks
> Virtual
Network Name > Access Control (IAM)
> Add
> Add role assignment
Role =
peering role
Members: cube-dedicated-infra-sp
Firewall
Make sure that your firewall rules allow inbound and outbound traffic
When you are reaching out Cube Cloud support please provide following information:
- Virtual Network ID: You can find it at
Virtual Networks
> Virtual Network Name >Overview
>JSON view
>Resource ID
on Azure Portal. - Virtual Network Address Spaces: You can find it at
Virtual Networks
> Virtual Network Name >Overview
>JSON view
>properties
>addressSpace
on Azure Portal. - Tenant ID: You can find it in
Azure Active Directory
>Properties
>Tenant ID
section of Azure Portal.
We support all general purpose regions
Did you find this page useful?