search
HomePlatformPricing
githubEdit

Cross-Tenant Resource Sharing

Allow multiple Tenants access to the same resources

Cross-tenant access enables you to share access to resources and services between two DuploCloud Tenants. You can configure the DuploCloud Portal to support various types of Cross-tenant access.

Configure Cross-tenant access to:

circle-info

These features are currently only available for AWS.

hashtag
Prerequisites

Before you can use Cross-tenant access, you must do the following:

  • In the Security Group associated with each tenant, add a Security Group rule to allow the required port access between the tenants that need cross-tenant access.

  • When accessing a resource in a tenant, include the full application namespace in the URL using this format: 

https://NAMESPACE.duploservices-TENANT_NAME:PORT

hashtag
Granting General (Non-IAM Restricted) Access Between Tenants

When you grant general (non-IAM restricted) access between tenants, you allow one DuploCloud tenant full access to another tenant’s workspace or namespace. Security Groups in your underlying cloud platform define any restrictions.

To grant Cross-tenant access only to specific services restricted by IAM policies, see the next section.

  1. In the DuploCloud Portal, navigate to Administrator -> Tenants.

  2. Select the Tenant whose resources you want to share from the NAME column.

  3. Click the Security tab.

  4. Click Add. The Add Tenant Security pane displays.

    Add Tenant Security pane

  5. From the Source Type list box, select Tenant.

  6. From the Tenants list box, select the Tenant that will share resources.

  7. From the Protocol list box, select the protocol to use for sharing.

  8. In the Port Range field, specify the range of ports to which you want to grant access.

  9. Add a user-friendly Description of this sharing rule.

  10. Click Add.

hashtag
Granting Cross-Tenant Access to Specific IAM-Restricted Services

To allow access or create a share between Tenants for specific IAM-restricted services, perform this procedure using the Tenant Grants tab. Tenants sharing resources must reside within the same region in the AWS Portal.

To establish general non-IAM restricted Cross-tenant access, see the previous section.

You can share access to the following Services between Tenants:

To configure cross-tenant access:

  1. In the DuploCloud portal, navigate to Administrator -> Tenants.

  2. From the NAME column, select the tenant that currently has access to the restricted resource you want to share.

  3. Click the Grants tab. Select Allow Other Tenants to access TENANT_NAME, where TENANT_NAME is the Tenant you selected.

    Grants tab with Allow Other Tenants to access TENANT_NAME option

  4. Click Add. The Grant Cross-Tenant Access pane displays.

    Grant Cross-Tenant Access pane

  5. From the Requesting Tenant list box, select the Tenant with which access will be shared.

  6. From the Access to Area list box, select the restricted policy-based resource you want to share.

  7. Click Create. Your cross-tenant access share is now created.

hashtag
Viewing Cross-Tenant Grants to Restricted Policy-Based Resources

  1. In the DuploCloud portal, navigate to Administrator -> Tenants.

  2. From the NAME column, select the tenant whose cross-tenant grants you want to view.

  3. Click the Grants tab. Select Allow Other Tenants to access TENANT_NAME, where TENANT_NAME is the Tenant you selected.

  4. The resources that TENANT_NAME can access are displayed.

Grants tab on the Tenant page
PreviousDatabase Access for UsersNextEncryption

Last updated

Was this helpful?