question

JosephHarrison-0333 avatar image
0 Votes"
JosephHarrison-0333 asked azure-cxp-api edited

How to control Shared Image Gallery replication

In my tenant, I created a Shared Image Gallery. I chose a region where I wanted the gallery. Now I am getting billed for storage in all US regions because all images (and all image versions) are being replicated to all US datacenters. I tried to remove the replication to datacenters that I definitely am not interested in, but I get this error:

Failed to update replication for image version '3.0.0'. Error: The client has permission to perform action 'microsoft.compute/images/read' on scope '[image]', however the current tenant '[tenant id]' is not authorized to access linked subscription '[subscription id]'.

I was able to delete versions 1.0.0 and 2.0.0 of this image. The error arose when I tried to get rid of particular replicas of version 3.0.0.

azure-lab-services-base-images
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

2 Answers

kobulloc-MSFT avatar image
0 Votes"
kobulloc-MSFT answered kobulloc-MSFT edited

For Shared Image Galleries, things do get a bit more complicated when multiple tenants are involved. The error you are seeing indicates that you need to sign in with credentials that are authorized to access the linked subscription. For your scenario, it should be as straight forward as changing credentials and repeating the action however this error is more commonly found when attempting to peer VNets and the following thread may offer additional insights when dealing with multiple logins:

https://github.com/MicrosoftDocs/azure-docs/issues/22099#issuecomment-512035524


5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JosephHarrison-0333 avatar image
0 Votes"
JosephHarrison-0333 answered

In my case there are no multiple logins. I only have and use a single account to manage my Azure tenant. So everything is created with the same account if that's what you are referring to. Note also that I was able to get rid of two older versions of the same image. It's when I try to delete replicas of the current version that I get the error. My lab is in the South Central US zone, the gallery has location Central US, and all my lab machines have RDP addresses like "eastus.cloudapp.azure.com" so I assume they are in the East US zone.

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.