One of my colleagues has created a Shared Image Gallery in their Subscription, and has provided me with:
- Client ID ($t1ClientId)
- Client Secret ($t1ClientSecret)
- Tenant ID ($t1TenantId)
- Subscription ID ($t1SubscriptionId)
- Resource Group Name ($t1SigResourceGroup)
- Gallery Name ($t1GalleryName)
I have:
- Tenant ID ($t2TenantId)
- Subscription ID ($t2SubscriptionId)
- Resource Group Name ($t2SigResourceGroup) [Created]
- Gallery Name ($t2GalleryName) [Created]
I have followed the steps (after “Give Tenant 2 access”) in https://docs.microsoft.com/en-us/azure/virtual-machines/linux/share-images-across-tenants#give-tenant-2-access, and my colleague has done the steps before “Give Tenant 2 access”.
Initially, I just want to import their image into my Azure Subscription, into a Shared Image Gallery.
I’ve created a Packer json file, as follows:
{
  "variables": {
    "t1ClientId": "",
    "t1ClientSecret": "",
    "t2TenantId": "",
    "t1SubscriptionId": "",
    "t2SubscriptionId": "",
    "t1SigResourceGroup": "",
    "t2SigResourceGroup": "",
    "t1GalleryName": "",
    "t2GalleryName": "",
    "commonImageName": ""
  },
  "sensitive-variables": [
    "t1SubscriptionId",
    "t1ClientSecret",
    "t2SubscriptionId"
  ],
  "builders": [
    {
      "type": "azure-arm",
      "client_id": "{{user `t1ClientId`}}",
      "client_secret": "{{user `t1ClientSecret`}}",
      "tenant_id": "{{user `t2TenantId`}}",
      "subscription_id": "{{user `t2SubscriptionId`}}",
      "managed_image_resource_group_name": "{{user `t2SigResourceGroup`}}",
      "managed_image_name": "{{user `commonImageName`}}",
      "os_type": "Linux",
      "shared_image_gallery": {
        "subscription": "{{user `t1SubscriptionId`}}",
        "resource_group": "{{user `t1SigResourceGroup`}}",
        "gallery_name": "{{user `t1GalleryName`}}",
        "image_name": "{{user `commonImageName`}}"
      },
      "location": "westeurope",
      "vm_size": "Standard_DS2_v2",
      "shared_image_gallery_destination": {
        "resource_group": "{{user `t2SigResourceGroup`}}",
        "gallery_name": "{{user `t2GalleryName`}}",
        "image_name": "{{user `commonImageName`}}",
        "image_version": "1.0.0",
        "replication_regions": [
          "westeurope"
        ]
      }
    }
  ],
  "provisioners": [
    {
      "execute_command": "chmod +x {{ .Path }}; {{ .Vars }} sudo -E sh '{{ .Path }}'",
      "inline": [
        "/usr/sbin/waagent -force -deprovision+user && export HISTSIZE=0 && sync"
      ],
      "inline_shebang": "/bin/sh -x",
      "type": "shell"
    }
  ]
}
If I do this with the tenant details for T1Client, I get:
azure-arm: output will be in this color.
==> azure-arm: Running builder ...
==> azure-arm: Getting tokens using client secret
==> azure-arm: Getting tokens using client secret
azure-arm: Creating Azure Resource Manager (ARM) client ...
Build 'azure-arm' errored: Cannot locate the managed image resource group $t2SigResourceGroup
==> Some builds didn't complete successfully and had errors:
--> azure-arm: Cannot locate the managed image resource group $t2SigResourceGroup.
==> Builds finished but no artifacts were created.
If I do this with the App Registration details I created in T2 (ClientId and ClientSecret), I get:
azure-arm: output will be in this color.
==> azure-arm: Running builder ...
==> azure-arm: Getting tokens using client secret
==> azure-arm: Getting tokens using client secret
azure-arm: Creating Azure Resource Manager (ARM) client ...
Build 'azure-arm' errored: the Shared Gallery Image to which to publish the managed image version to does not exist in the resource group $t2SigResourceGroup
==> Some builds didn't complete successfully and had errors:
--> azure-arm: the Shared Gallery Image to which to publish the managed image version to does not exist in the resource group $t2SigResourceGroup
==> Builds finished but no artifacts were created.
The Shared Gallery Image and Resource Group both exist. Can anyone give me any pointers?