Hi,
I am trying to do VNET Peering between two different tenants.
I am using an Azure service principal to do it; the user has all the appropriate permissions (Owner/Network Contributor).
From az cli, the command “az network vnet peering create” works well.
From terraform, I am getting the following error:
**unexpected status 403 (403 Forbidden) with error: LinkedAuthorizationFailed: The client has permission to perform action ‘Microsoft.Network/virtualNetworks/peer/action’ on scope ‘VNET_RESOURCE_ID/virtualNetworkPeerings/AUDC-Domain-services-To-umptest-vnet-eu’, however the current tenant **** is not authorized to access linked subscription **.
In my terraform code I have two providers defined, with the subscription and tenant for each VNet I am creating a peering on.
This is the terraform code:

```hcl
# Peering from the local VNet (primary tenant/subscription) to the remote VNet.
resource "azurerm_virtual_network_peering" "peering1" {
  name                         = "PEERING1"
  resource_group_name          = var.resource_group
  virtual_network_name         = var.vnet_name
  remote_virtual_network_id    = "/subscriptions/${var.remote_subscription}/resourceGroups/${var.remote_rg}/providers/Microsoft.Network/virtualNetworks/${var.remote_vnet}"
  allow_virtual_network_access = true
  provider                     = azurerm.primary
}

# Reverse peering, created from the remote VNet (secondary tenant/subscription) back to the local one.
resource "azurerm_virtual_network_peering" "peering2" {
  name                         = "peering2"
  resource_group_name          = var.remote_rg
  virtual_network_name         = var.remote_vnet
  remote_virtual_network_id    = var.vnet_id
  allow_virtual_network_access = true
  provider                     = azurerm.secondary
}
```
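The error is a linked-resource authorization check: the token presented to the home tenant is not accepted for the remote subscription referenced in `remote_virtual_network_id`. The azurerm provider has an `auxiliary_tenant_ids` setting for exactly this cross-tenant case. The provider configuration below is an added example, not part of the post above; it assumes variables `var.subscription_id`, `var.tenant_id`, `var.remote_tenant_id`, `var.client_id` and `var.client_secret` declared elsewhere, and that the same service principal's app registration is multi-tenant and has been consented to in the remote tenant.

```hcl
terraform {
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
    }
  }
}

# Home tenant / subscription: owns the local VNet (used by peering1).
provider "azurerm" {
  alias           = "primary"
  subscription_id = var.subscription_id  # assumed variable
  tenant_id       = var.tenant_id        # assumed variable
  client_id       = var.client_id        # assumed variable (or ARM_CLIENT_ID env var)
  client_secret   = var.client_secret    # assumed variable (or ARM_CLIENT_SECRET env var)

  # Also obtain a token for the remote tenant, so the linked-resource check on
  # remote_virtual_network_id (a resource in the other tenant's subscription) passes.
  auxiliary_tenant_ids = [var.remote_tenant_id]  # assumed variable

  features {}
}

# Remote tenant / subscription: owns the remote VNet (used by peering2).
provider "azurerm" {
  alias           = "secondary"
  subscription_id = var.remote_subscription
  tenant_id       = var.remote_tenant_id
  client_id       = var.client_id
  client_secret   = var.client_secret

  # Mirror image: the reverse peering links back to a VNet in the home tenant.
  auxiliary_tenant_ids = [var.tenant_id]

  features {}
}
```

Each auxiliary tenant must be one in which the service principal actually exists (the multi-tenant app registration consented there); the az cli call succeeds because it silently obtains tokens for the linked tenant, which Terraform only does when told to via this setting.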