How to control Shared Image Gallery replication

Joseph Harrison 46 Reputation points
2020-05-13T10:42:51.47+00:00

In my tenant, I created a Shared Image Gallery. I chose a region where I wanted the gallery. Now I am getting billed for storage in all US regions because all images (and all image versions) are being replicated to all US datacenters. I tried to remove the replication to datacenters that I definitely am not interested in, but I get this error:

Failed to update replication for image version '3.0.0'. Error: The client has permission to perform action 'microsoft.compute/images/read' on scope '[image]', however the current tenant '[tenant id]' is not authorized to access linked subscription '[subscription id]'.

I was able to delete versions 1.0.0 and 2.0.0 of this image. The error arose when I tried to get rid of particular replicas of version 3.0.0.

Azure Lab Services
Azure Lab Services
An Azure service that is used to set up labs for classrooms, trials, development and testing, and other scenarios.
288 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. kobulloc-MSFT 26,131 Reputation points Microsoft Employee
    2020-05-14T06:22:14.033+00:00

    For Shared Image Galleries, things do get a bit more complicated when multiple tenants are involved. The error you are seeing indicates that you need to sign in with credentials that are authorized to access the linked subscription. For your scenario, it should be as straight forward as changing credentials and repeating the action however this error is more commonly found when attempting to peer VNets and the following thread may offer additional insights when dealing with multiple logins:

    https://github.com/MicrosoftDocs/azure-docs/issues/22099#issuecomment-512035524

    0 comments No comments

  2. Joseph Harrison 46 Reputation points
    2020-05-14T22:05:19.943+00:00

    In my case there are no multiple logins. I only have and use a single account to manage my Azure tenant. So everything is created with the same account if that's what you are referring to. Note also that I was able to get rid of two older versions of the same image. It's when I try to delete replicas of the current version that I get the error. My lab is in the South Central US zone, the gallery has location Central US, and all my lab machines have RDP addresses like "eastus.cloudapp.azure.com" so I assume they are in the East US zone.

    0 comments No comments