Multi-tenant deployment in Azure Shared Gallery

Hi All

I am trying to create a VM in Tenant-2 with the Shared Image Gallery available in Tenant-1.

Below is the code I am using.

### TENANT - 2  ####
provider "azurerm" {
  subscription_id = "${var.subscription_id}"
  client_id       = "${var.client_id}"
  client_secret   = "${var.client_secret}"
  tenant_id       = "${var.tenant_id}"
}

#### TENANT - 1  #### Provider for fetching the SIG resource
provider "azurerm" {
  alias           = "sig-resources-id"
  subscription_id = "${var.sig_subscription_id}"
  client_id       = "${var.sig_client_id}"
  client_secret   = "${var.sig_client_secret}"
  tenant_id       = "${var.sig_tenant_id}"
}

From Tenant-1, I am getting the Image ID and using it in azurerm_virtual_machine for VM creation in Tenant-2.

Error: compute.VirtualMachinesClient#CreateOrUpdate: Failure sending request: StatusCode=403 -- Original Error: Code="LinkedAuthorizationFailed" Message="The client has permission to perform action 'Microsoft.Compute/galleries/images/versions/read' on scope  '/subscriptions/subscription-ID-of-tenant-2/resourceGroups/mygroup/providers/Microsoft.Compute/virtualMachines/sigvm-01', however the current tenant '<Tenant-2 ID>' is not authorized to access linked subscription '<subscription-ID-of-tenant-1>'."

ANY help is much appreciated.

Hi @nicethomaslearngit

Were you able to resolve the above issue?