Azure: Sharing Public IP Address between Resource Groups

Question

I have an IP Address in one of my resource group(for e.g test-resource-group). I wish to use this IP Address in AKS Created Resource Group(for e.g MC_xxxx_resource-group). The IP allocation for a service in AKS leads to error stating "IP Address is not in resource-group MC_xxxx_resource-group.

I wanted to know, as to what is the easiest mechanism that I can have Public Address created in one resource group be shared with another resource group??

Answer 1

I was able to resolve the issue with the following solution:

1. Go to the Resource Group which is created by k8s-cluster.
2. Go the SETTINGS -> ACCESS CONTROL -> ROLES ASSIGNMENT.
3. Check the System Created Contributor Role.
4. Go to the Resource Group against which the Public IP Address is Created(for.e.g test-resource-group)
5. Go the SETTINGS -> ACCESS CONTROL -> ROLES ASSIGNMENT -> ADD ROLE ASSIGNMENT
6. If the ROLE from Point 2 is not listed, type the initials of it and it should be displayed.
7. Select the role as NETWORKING CONTRIBUTOR for it.

In the above fashion, you can use the Public IP Address created in some another resource group for your k8s cluster.

Happy Coding :)

Answer 2

The best way is to export the template and deploy from script.

1.Login to your Azure portal and hover to the resource group where the IP resides in. Now, under the Automation blade click on export template.

2.Choose Deploy in the Export template blade.

3.Click TEMPLATE > Edit parameters to open the parameters.json file in the online editor.

4.To edit the parameter of the public IP name, change the property under parameters > value from the source public IP name to the name of your target public IP, ensure the name is in quotes:

{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
    "publicIPAddresses_myVM1pubIP_name": {
    "value": "<target-publicip-name>"
      }
     }
    }

5.Click Save in the editor.

6.Click TEMPLATE > Edit template to open the template.json file in the online editor.

7.To edit the target region where the public IP will be moved, change the location property under resources:

"resources": [
    {
    "type": "Microsoft.Network/publicIPAddresses",
    "apiVersion": "2019-06-01",
    "name": "[parameters('publicIPAddresses_myPubIP_name')]",
    "location": "<target-region>",
    "sku": {
        "name": "Basic",
        "tier": "Regional"
    },
    "properties": {
        "provisioningState": "Succeeded",
        "resourceGuid": "7549a8f1-80c2-481a-a073-018f5b0b69be",
        "ipAddress": "52.177.6.204",
        "publicIPAddressVersion": "IPv4",
        "publicIPAllocationMethod": "Dynamic",
        "idleTimeoutInMinutes": 4,
        "ipTags": []
       }
       }
     ]

8.Click Save in the online editor.

9.Click BASICS > Subscription to choose the subscription where the target public IP will be deployed. Set the target Resource group and Location.

10. Check the box under TERMS AND CONDITIONS and Click the Purchase button to deploy the target public IP.

Reference Doc: https://learn.microsoft.com/en-us/azure/virtual-network/move-across-regions-publicip-portal