Management groups (MGs) are currently at the scope of a single tenant only. Customer(s) wish to use Management groups in a multi-tenanted scenarios and want management groups to span multiple AAD tenants. Otherwise they would have to replicate the MG(s) across each tenant and then apply the same Azure polices and RBAC roles multiple times to MGs in each tenant separately, which becomes a management/maintenance issue.
We are designing a feature that will allow Management groups to connect to subscriptions and management groups in different tenants. There is no timeline yet other than it is being planned for the 2nd half of 2019 to be worked on.
One question we do have is what services in Azure would you like to see supported in the cross tenant scenario? Azure Policy, Blueprints, RBAC Accesses, Security Monitoring, Deployments, etc…
Can I ask, has this progressed at all, or was it completely dependant on feedback? As a CSP Partner, with multiple customers, and thus tenants, which my company manages, I'm crying out for cross-tenant management groups. I would see huge value particularly in RBAC, Blueprint, and Policies. Security monitoring would be great as well. As for Deployments, how would that work exactly - does that mean we could perform, say, an ARM template deployment at the management group level? If so, then **** yeah, im all in for that too! Please let me know if progress is being made, and where i might be able to keep track of further developments? Thanks
McGill, Matthew H (CGI Federal) commented
I would expect cross-tenant management groups to be an extension of Azure delegated resource management. That way all of the cross-tenant management experiences possible via Azure Lighthouse would apply.
Azure Policy, Blueprints, RBAC Accesses, Security Monitoring, Deployments or services that generally fit into a share services CSP model. for means of domain and resource Tenant segregation commonly used within highly restricted industries. e.g. Banks
Policies, RBAC(IAM) and Blueprints are important. Additionally Cost Management would be a good add.