question

TeddyDubois29 avatar image
2 Votes"
TeddyDubois29 asked SatishBoddu-MSFT commented

IOT Hub - Subscription move to another tenant


Hello,

I have a practical project to move Azure subscriptions to another Azure AD tenant but I can't find any documentation about IoT Hub support of such move.

I see this question was asked recently but the answer doesn't give me any good arguments why it is not recommended.
"Due to the fact, an IoT Hub has a public endpoint and specific credentials and specific routes to services, it seems complicated to move an IoT Hub to another tenant"
Others Azure services check the same boxes but can be moved. What makes IoT Hub not supported ?

source: https://docs.microsoft.com/en-us/answers/questions/328016/transfer-ownership-of-iothub-to-another-subscripti.html

Thank you,
Teddy

azure-iot-hubazure-ad-tenant
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

SatishBoddu-MSFT avatar image
0 Votes"
SatishBoddu-MSFT answered SatishBoddu-MSFT commented

Hello @TeddyDubois29 This is a great question!.

Updated: 5/13/2021:

Move to a different Tenant\Directory[Transferring Ownership]:

Please refer to **Transfer an Azure subscription to a different Azure AD directory**

All resources in the subscription will move
Keep in mind changing tenant destroys all AAD RBAC assignments + managed identities.
All RBAC role assignments on the IoT hub will be lost, the managed identity will break, and correspondingly routing using managed identity will also break.

That said, Yes, the Referenced Thread in your initial question aligns with the underlying complexities. The referenced thread also gives a workaround solution to the complex situation.

If you need further help in this matter please make sure to contact Microsoft Support Team before you do the ownership transfer or you can also do it by yourself. If you need any help regarding this, then please comment in the below section.

With-In the same Tenant\Directory[Region to Region, Subscription to Subscription]

I hope you have already come across this article on How to clone an Azure IoT hub to another region, which I highly recommend you to go through & provide your feedback.

To clone a hub, you need a subscription with administrative access to the original hub. You can put the new hub in a new resource group and region, in the same subscription as the original hub, or even in a new subscription. You just can't use the same name because the hub name has to be globally unique.

93317-image.png

The related post which you have mentioned: Is similar to the below article's step-by-step stages where we re-create the IoT Hub in target region\subscription and re-provision all devices with the help of Azure DPS.

93443-image.png


We are happy to help you with additional queries if you have any, please comment in the below section for further in this matter.

If the response is helpful, please click "Accept Answer" and upvote it.




image.png (26.4 KiB)
image.png (17.3 KiB)
· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @SatishBoddu-MSFT ,

thank you for those useful links.

To answer my original question as my customer will definitely ask me the same: by providing manual cloning procedure, do you mean that IoT Hub does not support a subscription move to another tenant ?

Kind regards,
Teddy

0 Votes 0 ·

Hello @TeddyDubois29, Do you mean to say, "a simple button click and automatically the IoT Hub is created in another subscription"?

0 Votes 0 ·

Hello @SatishBoddu-MSFT ,

I mean the Subscription transfer to another tenant: to transfer a subscription to another tenant, we can open the subscription information from Azure Portal and click on "Change Directory".

Source: https://docs.microsoft.com/en-us/azure/role-based-access-control/transfer-subscription#list-azure-sql-databases-with-azure-ad-authentication

Does IOT Hub support this action ?

Kind regards,
Teddy

0 Votes 0 ·
Show more comments