In Azure Active Directory (Azure AD), a tenant is representative of an organization. It is a dedicated instance of the Azure AD service that an organization receives and owns when it signs up for a Microsoft cloud service such as Azure, Microsoft Intune, or Office 365. Each Azure AD tenant is distinct and separate from other Azure AD tenants
• An Azure tenant can have multiple subscriptions
• Each subscription can use the same Azure AD
Pros
• Multiple Subscriptions allow a company to easy view billing for each Subscription and limit who can access the Microsoft Azure services associated with that subscription
• Overcome any Azure limits and constraints
• Development and project team agility
Cons
• Complex
• Increased Management and costs
• Network circuits
• Edge gateway devices
• IP Address space
• Routing and firewall configurations
• Monitoring, patching and anti-virus for VMs
• Storage / Backup vaults
Single Subscription Model:
Single subscription under 1 Azure AD Tenant. You can segregate all servers and resources using VNets, Subnets, Firewalls, RBAC on Resource Groups.
Multiple Subscription Model:
Azure Active Directory (Azure AD), a tenant is representative of an organization. It is a dedicated instance of the Azure AD service that an organization receives and owns when it signs up for a Microsoft cloud service such as Azure, Microsoft Intune, or Office 365. Each Azure AD tenant is distinct and separate from other Azure AD tenants
• An Azure tenant can have multiple subscriptions
• Each subscription can use the same Azure AD
Pros
• Easier Cost Control. Project based billing via Tags and Resource groups
• Centralized Operations
• Reuse of Shared infrastructure (Networking)
Cons
• Azure Limits and Constraints
• Less agility for development & project teams
• Requires more granular permission model (RBAC)
