Create and use shared images for virtual machine scale sets with the Azure CLI 2.0
When you create a scale set, you specify an image to be used when the VM instances are deployed. A Shared Image Gallery simplifies custom image sharing across your organization. Custom images are like marketplace images, but you create them yourself. Custom images can be used to bootstrap configurations such as preloading applications, application configurations, and other OS configurations.
The Shared Image Gallery lets you share your images with others. Choose which images you want to share, which regions you want to make them available in, and who you want to share them with.
Create an image gallery
An image gallery is the primary resource used for enabling image sharing.
Allowed characters for Gallery name are uppercase or lowercase letters, digits, dots, and periods. The gallery name cannot contain dashes. Gallery names must be unique within your subscription.
Create an image gallery using az sig create. The following example creates a resource group named gallery named myGalleryRG in East US, and a gallery named myGallery.
az group create --name myGalleryRG --location eastus az sig create --resource-group myGalleryRG --gallery-name myGallery
Share the gallery
You can share images across subscriptions using Role-Based Access Control (RBAC). You can share images at the gallery, image definition or image version level. Any user that has read permissions to an image version, even across subscriptions, will be able to deploy a VM using the image version.
We recommend that you share with other users at the gallery level. To get the object ID of your gallery, use az sig show.
az sig show \ --resource-group myGalleryRG \ --gallery-name myGallery \ --query id
Use the object ID as a scope, along with an email address and az role assignment create to give a user access to the shared image gallery. Replace
<gallery iD> with your own information.
az role assignment create \ --role "Reader" \ --assignee <email address> \ --scope <gallery ID>
For more information about how to share resources using RBAC, see Manage access using RBAC and Azure CLI.