Multiple tailnets support for isolated machine-to-machine communication

mlzc · February 7, 2023, 3:07pm

At Sourcegraph, we are building a single-tenant Cloud solution. Some of our customers are running their code host within a private network environment, and we are looking to utilize tailscale to securely connect Cloud instances with each customer private code host.

Given our single-tenant approach, we cannot use shared tailnet with ACL to acommandate all customers. We would like the ability to have arbitrary number of tailnets under the same account.

According to the docs, this is currently impossible and everything is tied to a specific IDP (e.g. GSuite). Is this something on tailscale roadmap? Happy to chat more and provide context.

dgivens · February 8, 2023, 1:46pm

I’m just spitballing, but perhaps you have the customer provide an pre-authorized key and you use it on your side. They would have control over the access on their end, so that may or may not be what you want in a managed product.

Topic		Replies	Views
Setting up multiple tailnets under the same Idp (Azure AD) SUPPORT QUESTIONS	0	285	October 4, 2022
Remote Management Policy	1	325	December 13, 2022
Preventing access to other Tailscale Networks?	0	522	June 17, 2022
Creating multiple subnetwork like networking	1	447	July 25, 2022
ACL tag question ACL (Access Control Lists)	3	890	October 15, 2020

Multiple tailnets support for isolated machine-to-machine communication

Related Topics