We got the 1.34 version released and I am getting the error I pasted initially. My Azure Shared Image galleries are in tenant-1 and I am trying to deploy a VM in tenant-2 using this SIG in tenant-1.
#### connecting to tenant -2 ########provider"azurerm" {subscription_id="${var.subscription_id}"client_id="${var.client_id}"client_secret="${var.client_secret}"tenant_id="${var.tenant_id}" }##### connecting to tenant -1 ######## Provider for fetching the SIG resourceprovider"azurerm" {alias="sig-resources-id"subscription_id="${var.sig_subscription_id}"client_id="${var.sig_client_id}"client_secret="${var.sig_client_secret}"tenant_id="${var.sig_tenant_id}" }
using alias I fetches the image ID from tenant-1 and use this ID to provision in tenant-2 and is not working.
Error: compute.VirtualMachinesClient#CreateOrUpdate: Failure sending request: StatusCode=403 -- Original Error: Code="LinkedAuthorizationFailed" Message="The client has permission to perform action 'Microsoft.Compute/galleries/images/versions/read'
on scope '/subscriptions/subscription-ID-of-tenant-2/resourceGroups/mygroup/providers/Microsoft.Compute/virtualMachines/sigvm-01', however the current tenant '<Tenant-2 ID>' is not authorized to access linked subscription '<subscription-ID-of-tenant-1>'."
ANY help is much appreciated.