![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Azure ExpressRoute
An Azure service that provides private connections between Azure datacenters and infrastructure, either on premises or in a colocation environment.
340 questions
Hello @rufi ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
I understand that you would like to know about the requirements and considerations for sharing ExpressRoute circuit between different tenants.
As mentioned in the Azure ExpressRoute FAQ, ExpressRoute authorizations can span subscription, tenant, and enrollment boundaries with no extra configuration required.
And the steps provided on how to share Azure ExpressRoute between different subscriptions are the same steps which needs to be applied to share Azure ExpressRoute between different tenants.
The circuit owner can create authorizations that can be redeemed by 'circuit users'. Circuit users are owners of virtual network gateways that aren't within the same subscription as the ExpressRoute circuit. Circuit users can redeem authorizations (one authorization per virtual network).
The circuit owner creates an authorization, and the circuit user will use the resource ID of the ExpressRoute circuit and the authorization key from the circuit owner to create a connection between the ExpressRoute circuit and their ExpressRoute gateway.
The only considerations are the ones already mentioned in the public article:
- Connecting virtual networks between Azure sovereign clouds and Public Azure cloud is not supported. You can only link virtual networks from different subscriptions in the same cloud.
- Connectivity and bandwidth charges for the dedicated circuit will be applied to the ExpressRoute circuit owner. All virtual networks share the same bandwidth.
- An authorization is valid for only one connection.
- The circuit owner has the power to modify and revoke authorizations at any time. Revoking an authorization result in all link connections being deleted from the subscription whose access was revoked.
- You can link up to 10 virtual networks to a standard ExpressRoute circuit. All virtual networks must be in the same geopolitical region when using a standard ExpressRoute circuit.
- A single virtual network can be linked to up to 16 ExpressRoute circuits.
- If you enable the ExpressRoute premium add-on, you can link virtual networks outside of the geopolitical region of the ExpressRoute circuit. The premium add-on also allows you to connect more than 10 virtual networks to your ExpressRoute circuit depending on the bandwidth chosen.
Kindly let us know if the above helps or you need further assistance on this issue.
Please don’t forget to "Accept the answer" wherever the information provided helps you, this can be beneficial to other community members.