Error downloading an Azure Local Marketplace Gallery image

Question

Error downloading an Azure Local Marketplace Gallery image

Jan Claes 80

When using a BICEP file to download the latest image with parameters:

offer: office-365
publisher: microsoftwindowsdesktop
sku: win11-24h2-avd-m365

We get the following error:

{
  "error": {
    "code": "GenerateTokenFromEdgeMarketplaceServiceFailed",
    "message": "Failed to generate SAS token for the URN: microsoftwindowsdesktop:office-365. Status code: NotFound, Error details: {\"error\":{\"code\":\"NotFound\",\"message\":\"Resource not found.\",\"details\":[{\"code\":\"ResourceNotFound\",\"message\":\"Requested resource not found.\"}]}}"
  }
}

The BICEP file:

targetScope = 'resourceGroup'

param customLocationName string
param sku string
param skuVersion string

resource customlocation 'Microsoft.ExtendedLocation/customLocations@2021-08-31-preview' existing = {
  name: customLocationName
}

resource localimage 'Microsoft.AzureStackHCI/marketplaceGalleryImages@2025-06-01-preview' = {
  extendedLocation: {
    name: customlocation.id
    type: 'CustomLocation'
  }
  location: 'westeurope'
  name: sku
  properties: {
    identifier: {
      offer: 'office-365'
      publisher: 'microsoftwindowsdesktop'
      sku: sku
    }
    osType: 'Windows'
    version: {
      name: skuVersion
    }
    hyperVGeneration: 'V2'
  }
}

1 answer

Your answer

Answer 1

Alex Burlachenko 19,530 Volunteer Moderator

hey Jan Claes,

this error is not a generic bicep issue, it is the marketplace backend telling u that the URN microsoftwindowsdesktop:office-365:win11-24h2-avd-m365 simply does not exist or is not available in the context Azure Local is using. The key point is that Azure Local marketplaceGalleryImages does not use the full public Azure Marketplace catalog the same way Azure VMs do. Only a subset of images is replicated and supported for Azure Local and Azure Stack HCI scenarios. If the offer sku combo is valid for Azure VM but not published to Azure Local, the edge marketplace service returns NotFound and token generation fails.

Look is whether that exact URN is available in ur region for Azure Local. Do not assume that because it works for az vm image list it will work for Microsoft.AzureStackHCI marketplaceGalleryImages. Use Azure CLI to list images for Azure Local specifically, for example:

az stack-hci-vm image list --location westeurope

or in the Azure portal under Azure Local marketplace gallery images to see the exact publisher offer sku version values that are actually supported.

Is that the skuVersion u pass matches a version that exists for Azure Local. In many cases version latest is not supported for Azure Local and u must provide an explicit version string that exists in the local catalog.

is region mismatch? In ur bicep u hardcoded location westeurope. Azure Local images are region scoped and tied to the customLocation. Make sure the customLocation and the image location align with a region where that image is actually published for Azure Local. If the image is not replicated to westeurope for Azure Local, u will get NotFound even though it exists in global Azure.

And check the exact offer name. For many Windows 11 AVD M365 images the offer is actually windows-11 or windows-11-avd rather than office-365. The offer office-365 is commonly used in VM context but not always in Azure Local context. If the backend cannot resolve the URN exactly as publisher:offer:sku, SAS generation fails.

Actually this is almost always one of three things like the URN is valid for Azure VM but not Azure Local, the version does not exist in Azure Local, or the region does not have that image replicated. The fix is to list and use only the images explicitly available for Azure Local in that region and custom location rather than reusing a public Azure VM URN.

rgds,

Alex

Jan Claes 80 Reputation points

2026-02-18T12:43:06.3566667+00:00
We run the pipeline each week, and this is the pattern of last month:

21/01: "26100.7462.251209" => "26100.7623.260113" - FAILED

28/01: "26100.7462.251209" => "26100.7623.260113" - SUCCEEDED to upgrade to "26100.7623.260113"

04/02: N/A

11/02: N/A

18/02: "26100.7623.260113" => "26100.7840.260210" - FAILED
Jan Claes 80 Reputation points

2026-02-18T15:30:28.0366667+00:00
When following this article: https://learn.microsoft.com/en-us/azure/azure-local/manage/virtual-machine-image-azure-marketplace?view=azloc-2510&tabs=azurecli#create-vm-image-from-marketplace-image

az stack-hci-vm image create --resource-group "rg-xxxx" --custom-location "/subscriptions/$subId/resourceGroups/rg-xxxx/providers/Microsoft.ExtendedLocation/customLocations/$custLoc" --name "win11-24h2-avd-m365-test" --os-type "Windows" --offer "office-365" --publisher "microsoftwindowsdesktop" --sku "win11-24h2-avd-m365"

It also give the same error:

(GenerateTokenFromEdgeMarketplaceServiceFailed) Failed to generate SAS token for the URN: microsoftwindowsdesktop:office-365. Status code: NotFound, Error details: {"error":{"code":"NotFound","message":"Resource not found.","details":[{"code":"ResourceNotFound","message":"Requested resource not found."}]}}

Code: GenerateTokenFromEdgeMarketplaceServiceFailed

Message: Failed to generate SAS token for the URN: microsoftwindowsdesktop:office-365. Status code: NotFound, Error details: {"error":{"code":"NotFound","message":"Resource not found.","details":[{"code":"ResourceNotFound","message":"Requested resource not found."}]}}
Jilakara Hemalatha 10,200 Reputation points Microsoft External Staff Moderator

2026-02-19T17:03:48.4733333+00:00

Thanks for sharing the details

The weekly pattern you’re seeing happens because Azure Local Edge Marketplace image replication is asynchronous. A new build can appear in the public Azure Marketplace first, but until that exact publisher/offer/sku/version is replicated to Azure Local in your region

For Azure Local, the pipeline should only use images and versions explicitly listed under:

az stack-hci-vm image list --location <region>

Using only these available versions will help avoid these intermittent failures.
Jan Claes 80 Reputation points

2026-02-20T16:10:36.01+00:00
The command:

az stack-hci-vm image list

only lists the marketplace images already deployed in the subscription, not the ones available in the Edge marketplace. Also the parameter --location does not exists.
Ankit Yadav 12,205 Reputation points Microsoft External Staff Moderator

2026-02-23T05:54:01.5566667+00:00

Thank you for providing the requested information. Our team is working on to debug the issue in depth and we'll share you the suggestions soon to fix the issue.
Jilakara Hemalatha 10,200 Reputation points Microsoft External Staff Moderator

2026-02-24T08:26:33.99+00:00

Hi Jan Claes,

Thank you for your patience while we engaged the Azure Local Product Group regarding this behavior.

Based on their analysis, this issue is related to how the Azure Local Marketplace resolves image versions when the deployment requests the “latest” version dynamically. For certain releases of the Windows 11 24H2 AVD M365 image, the backend version lookup may intermittently fail, which results in the error:

GenerateTokenFromEdgeMarketplaceServiceFailed / ResourceNotFound

To avoid this condition, the Product Group recommends explicitly specifying the exact image version as part of the URN instead of relying on automatic version resolution.

For example, please use a fully qualified version such as: microsoftwindowsdesktop:office-365:win11-24h2-avd-m365:26100.7623.260113

Additionally, they have observed that newer 25H2-based images are behaving more consistently. If feasible for your environment, using the 25H2 image stream may provide a smoother experience going forward.
Jan Claes 80 Reputation points

2026-02-24T09:20:37.78+00:00

We have a triggered pipeline for downloading the image. How can we check if a newer version is available in the Azure Local Marketplace? How can we easily check if a new version is available (AZ CLI or PS)?
Jilakara Hemalatha 10,200 Reputation points Microsoft External Staff Moderator

2026-02-25T18:18:00.4333333+00:00

Regarding your query on checking for newer versions of an image in the Azure Local Marketplace, currently there isn’t a direct method to list the latest “supported” versions in Azure Local Marketplace itself.

Since the images originate from the Azure Marketplace, you can use the Azure CLI or PowerShell to identify the latest available version before triggering your pipeline:

az vm image list --location $locationName --publisher $publisherName --offer $offerName --sku $imagesku --all --output table

You can check the available image versions using the Azure VM Image List in the portal, without needing to use the CLI
Jilakara Hemalatha 10,200 Reputation points Microsoft External Staff Moderator

2026-02-27T08:25:34.6533333+00:00

Hello Jan,

Just checking if above provided information was helpful! Please let me know if you have any queries.
Jan Claes 80 Reputation points

2026-03-02T09:38:22.7666667+00:00

Hi @Jilakara Hemalatha

The command list the available SKUs in the public Marketplace, not in the Edge.

What I noticed is that the portal is showing when a new update is available.

Is there a way we can check when an update is available, this way we can run the pipeline and the new version will be downloaded.
Jilakara Hemalatha 10,200 Reputation points Microsoft External Staff Moderator

2026-03-02T15:23:57.1566667+00:00

You are correct that the CLI command (az vm image list) only checks the image versions available in the public Azure Marketplace and does not reflect what is currently available or updated in the Azure Local (Edge) Marketplace.

At present, there is no direct programmatic method (CLI/PowerShell/API) to detect when a new image update becomes available specifically in Azure Local.

Recommended workaround: You can periodically check the latest image version in Azure Marketplace (portal) and compare it with the version currently used in your Azure Local environment. If a newer version is identified, you can then trigger your pipeline to download and update the image.

Currently, this manual/version-comparison approach is the supported method until a native update-check capability is introduced.

Share via

Error downloading an Azure Local Marketplace Gallery image

1 answer

Your answer