question

JosephHarrison-0333 avatar image
0 Votes"
JosephHarrison-0333 asked ·

How to control Shared Image Gallery replication

In my tenant, I created a Shared Image Gallery. I chose a region where I wanted the gallery. Now I am getting billed for storage in all US regions because all images (and all image versions) are being replicated to all US datacenters. I tried to remove the replication to datacenters that I definitely am not interested in, but I get this error:

Failed to update replication for image version '3.0.0'. Error: The client has permission to perform action 'microsoft.compute/images/read' on scope '[image]', however the current tenant '[tenant id]' is not authorized to access linked subscription '[subscription id]'.

I was able to delete versions 1.0.0 and 2.0.0 of this image. The error arose when I tried to get rid of particular replicas of version 3.0.0.

azure-lab-services-base-images
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

2 Answers

kobulloc-MSFT avatar image
0 Votes"
kobulloc-MSFT answered ·

For Shared Image Galleries, things do get a bit more complicated when multiple tenants are involved. The error you are seeing indicates that you need to sign in with credentials that are authorized to access the linked subscription. For your scenario, it should be as straight forward as changing credentials and repeating the action however this error is more commonly found when attempting to peer VNets and the following thread may offer additional insights when dealing with multiple logins:

https://github.com/MicrosoftDocs/azure-docs/issues/22099#issuecomment-512035524


· Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JosephHarrison-0333 avatar image
0 Votes"
JosephHarrison-0333 answered ·

In my case there are no multiple logins. I only have and use a single account to manage my Azure tenant. So everything is created with the same account if that's what you are referring to. Note also that I was able to get rid of two older versions of the same image. It's when I try to delete replicas of the current version that I get the error. My lab is in the South Central US zone, the gallery has location Central US, and all my lab machines have RDP addresses like "eastus.cloudapp.azure.com" so I assume they are in the East US zone.

· Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.