How to make sure you always have the latest OS image in your Azure deployment scripts

When working with customer deployments, one of the top situations that can arise during the evaluation to production rollout phase is an erroneous and seemingly sudden error New-AzureVM : ForbiddenError: You don't have permission to use this image. As you might suspect with the topic at hand, this means the image that you have been working with (assuming you haven't changed anything there) has become no longer accessible, which is simply that it is no longer valid. This is because images get updated from time to time and the version information changes to match the update (updates are approximately monthly). Therefore, you need to be sure you always have the latest version information before attempting your deployment.

Here's a convenient and simple step for anyone doing deployments in Azure through powershell. There is ample information on MSDN and on TechNet that helps describe the why, when and how's of the Azure Host update process. This post is more about the How, for recurring deployments, you can make sure your scripts are looking for the most recent update.

In powershell:

#Get the latest set of images on the VM for the region you want to deploy to

Get-AzureVMImage | where-object { $_.Label -like "Windows*" } | where { $_.Location.Split(";") -contains "West US"} | Sort-Object -Property PublishedDate | Format-List PublishedDate, Label, ImageName

Now you can select the ImageName or Label you want to work with and be certain you have the latest version when deploying your VMs.

For more information, see this MSDN article and this TechNet blog.

Note: Cloud service and worker role updates can be managed by following the configuration file modification steps outlined in this MSDN article .