A Azure Compute Gallery (formerly known as Shared Image Gallery) simplifies custom image sharing across your organization. Custom images are like marketplace images, but you create them yourself. Images can be created from a VM, VHD, snapshot, managed image, or another image version.
The Azure Compute Gallery lets you share your custom VM images with others in your organization, within or across regions, within an Azure AD tenant, or publicly using a community gallery (preview). Choose which images you want to share, which regions you want to make them available in, and who you want to share them with. You can create multiple galleries so that you can logically group images. Many new features like ARM64, Accelerated Networking and TrustedVM are only supported through Azure Compute Gallery and not available for managed images.
The Azure Compute Gallery feature has multiple resource types:
This is a resource that can be used to create an image version in a gallery. An image source can be an existing Azure VM that is either generalized or specialized, a managed image, a snapshot, or an image version in another gallery.
Like the Azure Marketplace, a gallery is a repository for managing and sharing images and VM applications, but you control who has access.
Image definitions are created within a gallery and carry information about the image and requirements for using it internally. This includes whether the image is Windows or Linux, release notes, and minimum and maximum memory requirements. It is a definition of a type of image.
An image version is what you use to create a VM when using a gallery. You can have multiple versions of an image as needed for your environment. Like a managed image, when you use an image version to create a VM, the image version is used to create new disks for the VM. Image versions can be used multiple times.
Before you begin
To complete this article, you must have an existing Azure Compute Gallery, and a source for your image available in Azure. Image sources can be:
Other image versions either in the same gallery or another gallery in the same subscription.
If the image will contain data disks, the data disk size cannot be more than 1 TB.
Image definition names can be made up of uppercase or lowercase letters, digits, dots, dashes and periods. For more information about the values you can specify for an image definition, see Image definitions.
Allowed characters for the image version are numbers and periods. Numbers must be within the range of a 32-bit integer. Format: MajorVersion.MinorVersion.Patch.
When working through this article, replace the resource names where needed.
For generalized images, see the OS specific guidance before capturing the image:
To share images in the community gallery, you need to register for the preview at https://aka.ms/communitygallery-preview. Creating VMs and scale sets from images shared the community gallery is open to all Azure users.
Information from your image definitions will be publicly available, like what you provide for Publish, Offer, and SKU.
If you will be sharing your images using a community gallery (preview), make sure that you create your gallery, image definitions, and image versions in the same region.
When users search for community gallery images, only the latest version of an image is shown.
Create an image
Choose an option below for creating your image definition and image version:
For Publisher, type a unique name like myPublisher.
For Offer, type a unique name like myOffer.
For SKU, type a unique name like mySKU.
At the bottom of the page, select Review + create.
After the image definition passes validation, select Create.
When the deployment is finished, select Go to resource.
In the page for your image definition, on the Get started tab, select Create a version.
In Region, select the region where you want the image created. In some cases, the source must be in the same region where the image is created. If you aren't seeing your source listed in later drop-downs, try changing the region for the image. You can always replicate the image to other regions later.
For Version number, type a number like 1.0.0. The image version name should follow major.minor.patch format using integers.
In Source, select the type of file you are using for your source from the drop-down. See the table below for specific details for each source type.
Disks or snapshots
- For OS disk select the disk or snapshot from the drop-down. - To add a data disk, type the LUN number and then select the data disk from the drop-down.
- Select the Source gallery from the drop-down. - Select the correct image definition from the drop-down. - Select the existing image version that you want to use from the drop-down.
Select the Source image from the drop-down. The managed image must be in the same region that you chose in Instance details.
VHD in a storage account
Select Browse to choose the storage account for the VHD.
In Exclude from latest, leave the default value of No unless you don't want this version used when creating a VM using latest instead of a version number.
For End of life date, select a date from the calendar for when you think this version should stop being used.
In the Replication tab, select the storage type from the drop-down.
Set the Default replica count, you can override this for each region you add.
You need to replicate to the source region, so the first replica in the list will be in the region where you created the image. You can add more replicas by selecting the region from the drop-down and adjusting the replica count as necessary.
When you are done, select Review + create. Azure will validate the configuration.
When image version passes validation, select Create.
When the deployment is finished, select Go to resource.
It can take a while to replicate the image to all of the target regions.
Image definitions create a logical grouping for images. They are used to manage information about the image versions that are created within them.
Create an image definition in a gallery using az sig image-definition create. Make sure your image definition is the right type. If you have generalized the VM (using waagent -deprovision for Linux, or Sysprep for Windows) then you should create a generalized image definition using --os-state generalized. If you want to use the VM without removing existing user accounts, create a specialized image definition using --os-state specialized.
For more information about the parameters you can specify for an image definition, see Image definitions.
In this example, the image definition is named myImageDefinition, and is for a specialized Linux OS image. To create a definition for images using a Windows OS, use --os-type Windows.
az sig image-definition create \
--resource-group myGalleryRG \
--gallery-name myGallery \
--gallery-image-definition myImageDefinition \
--publisher myPublisher \
--offer myOffer \
--sku mySKU \
--os-type Linux \
For image definitions that will contain images descended from third-party marketplace images, the plan information must match exactly the plan information from the third-party image. Include the plan information in the image definition by adding --plan-name, --plan-product, and --plan-publisher when you create the image definition.
The syntax for creating the image will change, depending on what you are using as your source. You can mix the source types, as long as you only have one OS source. You can also have different sources for each data disk.
VM using the VM ID
--managed-image <Resource ID of the VM>
Managed image or another image version
--managed-image <Resource ID of the managed image or image version
Snapshot or managed disk
--os-snapshot <Resource ID of the snapshot or managed disk>
In the example below, we are creating an image from a VM. The version of our image is 1.0.0 and we are going to create 2 replicas in the West Central US region, 1 replica in the South Central US region and 1 replica in the East US 2 region using zone-redundant storage. The replication regions must include the region the source VM is located.
It is a best practice to stop\deallocate the VM before creating an image.
Replace the value of --managed-image in this example with the ID of your VM.
You need to wait for the image version to completely finish being built and replicated before you can use the same managed image to create another image version.
You can also store your image in Premium storage by adding --storage-account-type premium_lrs, or Zone Redundant Storage by adding --storage-account-type standard_zrs when you create the image version.
Image definitions create a logical grouping for images. When making your image definition, make sure it has all of the correct information. If you generalized the source VM, then you should create an image definition using -OsState generalized. If you didn't generalized the source, create an image definition using -OsState specialized.
For more information about the values you can specify for an image definition, see Image definitions.
For image definitions that will contain images descended from third-party images, the plan information must match exactly the plan information from the third-party image. Include the plan information in the image definition by adding -PurchasePlanName, -PurchasePlanProduct, and -PurchasePlanPublisher when you create the image definition.
In the example below, we are creating an image version from a VM. It is a best practice to stop\deallocate the VM before creating an image using Stop-AzVM.
In this example, the image version is 1.0.0 and it's replicated to both West Central US and South Central US datacenters. When choosing target regions for replication, remember that you also have to include the source region as a target for replication.
Create an image version using the REST API. In this example, we are creating an image version from a VM. To use another source, pass in the resource ID for source (for example, pass in the ID of the OS disk snapshot).
# Set some variables
tenantID="<tenant ID for the source image>"
subID="<subscription ID where the image will be creted>"
sourceImageID="<resource ID of the source image>"
# Log in to the tenant where the source image is available
az login --tenant $tenantID
# Log back in to the subscription where the image will be created and ensure subscription context is set
az account set --subscription $subID
# Create the image
az sig image-version create `
--gallery-image-definition myImageDef `
--gallery-image-version 1.0.0 `
--gallery-name myGallery `
--resource-group myResourceGroup `
# Set variables
$targetSubID = "<subscription ID for the target>"
$sourceTenantID = "<tenant ID where for the source image>"
$sourceImageID = "<resource ID of the source image>"
#Login to the subscription where the new image will be created
Connect-AzAccount -UseDeviceAuthentication -Subscription $targetSubID
# Login to the tenant where the source image is published
Connect-AzAccount -Tenant $sourceTenantID -UseDeviceAuthentication
# Set the context of the subscription where the new image will be created
Set-AzContext -Subscription $targetSubID
# Create the image version from another image version in a different tenant
-ResourceGroupName myResourceGroup -GalleryName myGallery \
-GalleryImageDefinitionName myImageDef \
-Location "West US 2" \
-Name 1.0.0 \