Cross-Subscription Recovery Services Vault?

Hello friends,

I’m setting up Azure Recovery Services Vault (RSV) for my company.

We currently have 38 subscriptions with resources are spread across several Azure locations (mainly westus2, westus3, centus) - all under the same tenant.

My initial idea was to deploy a single RSV per azure location. However, during my Terraform tests, I’ve encountered problems that seem to indicate that VMs can only backup to RSVs in their own subscription. For example, I receive the following error when terraform apply on terraform that referenced an existing VM in a subscription different from my RSV

Error: creating/updating Azure Backup Protected VM “VM;iaasvmcontainerv2;dop-tst-uw2-temp-rg;rhel9test-ui” (Resource Group “mhs-shd-uw2-infr-backup-rg”): protecteditems.ProtectedItemsClient#CreateOrUpdate: Failure responding to request: StatusCode=400 – Original Error: autorest/azure: Service returned an error. Status=400 Code=“BMSUserErrorInvalidInput” Message=" The User input provided for the call is invalid. Please check the required inputs"

│ with azurerm_backup_protected_vm.rhel9test_ui_backup,
│ on line 338, in resource “azurerm_backup_protected_vm” “rhel9test_ui_backup”:
│ 338: resource “azurerm_backup_protected_vm” “rhel9test_ui_backup” {

Has anyone faced similar issues in a multi-subscription Azure environment? Would it be more practical to set up one RSV per subscription in each location? I’m looking for advice or experiences on the best way to structure this setup for efficiency and manageability.

Thanks in advance for any insights!