Microsoft.Azure.Management give access to Virtual Machines

Question

I use Microsoft.Azure.Management to manage Virtual Machines for my tenant, using clientId, clientSecret and tenantId. If another tenant wants to give me access to manage his Virtual Machines, is it possible to connect to his Virtual Machines using this way, changing only the tenantId?

Is it possible to give access to Virtual Machines using Microsoft authorization? And what flow would it be?

Or which way is the best for my needs?

using Microsoft.Azure.Management.Fluent;
using Microsoft.Azure.Management.ResourceManager.Fluent.Authentication;
//...

var creds = new AzureCredentialsFactory().FromServicePrincipal(clientId, clientSecret, tenantId, AzureEnvironment.AzureGlobalCloud);

IAzure azure = Azure.Authenticate(creds).WithDefaultSubscription();

var machines = azure.VirtualMachines.List().ToList();

score 1 · Answer 1 · answered May 29 '20 at 09:44

If another tenant wants to give me access to manage his Virtual Machines, is it possible to connect to his Virtual Machines using this way, changing only the tenantId?

Simply changing the tenant id will not work as the Service Principal (SP) you created to access VMs reside in the original tenant. Somehow you will need that SP to be linked to the other tenant.

Please see this answer for more details: Grant service principal access to application in other tenant.

Microsoft.Azure.Management give access to Virtual Machines

1 Answers1