New AzVm using shared gallery image not working

[joezuchora]

Description

Was asked to copy this issue over to here. [#25261]

25261

@MicahMcKittrick-MSFT @jdhuntington MicahMcKittrick-MSFT

Steps to reproduce

Can you provide a bit more detail on the variable $imageversion.id? I've followed the guide and am at the last step of trying to create a VM in a different subscription but under the same tenant and am receiving the following error: New-AzVm : The image subscription doesn't match the current subscription.

Environment data

Name                           Value
----                           -----
PSVersion                      5.1.17763.316
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.17763.316
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

Module versions

Script     1.3.0      Az.Accounts                         {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataCollection, Enable-AzContextAutosave...}
Script     1.0.1      Az.Aks                              {Get-AzAks, New-AzAks, Remove-AzAks, Import-AzAksCredential...}
Script     1.0.0      Az.AnalysisServices                 {Resume-AzAnalysisServicesServer, Suspend-AzAnalysisServicesServer, Get-AzAnalysisServicesServer, Remove-AzAnalysisServicesServer...}
Script     1.0.0      Az.ApiManagement                    {Add-AzApiManagementRegion, Get-AzApiManagementSsoToken, New-AzApiManagementCustomHostnameConfiguration, New-AzApiManagementSystemCertificate...}
Script     1.0.0      Az.ApplicationInsights              {Get-AzApplicationInsights, New-AzApplicationInsights, Remove-AzApplicationInsights, Set-AzApplicationInsightsPricingPlan...}
Script     1.1.0      Az.Automation                       {Get-AzAutomationHybridWorkerGroup, Remove-AzAutomationHybridWorkerGroup, Get-AzAutomationJobOutputRecord, Import-AzAutomationDscNodeConfiguration...}
Script     1.0.0      Az.Batch                            {Remove-AzBatchAccount, Get-AzBatchAccount, Get-AzBatchAccountKeys, New-AzBatchAccount...}
Script     1.0.0      Az.Billing                          {Get-AzBillingInvoice, Get-AzBillingPeriod, Get-AzEnrollmentAccount, Get-AzConsumptionBudget...}
Script     1.0.1      Az.Cdn                              {Get-AzCdnProfile, Get-AzCdnProfileSsoUrl, New-AzCdnProfile, Remove-AzCdnProfile...}
Script     1.0.0      Az.CognitiveServices                {Get-AzCognitiveServicesAccount, Get-AzCognitiveServicesAccountKey, Get-AzCognitiveServicesAccountSkus, Get-AzCognitiveServicesAccountType...}
Script     1.3.0      Az.Compute                          {Remove-AzAvailabilitySet, Get-AzAvailabilitySet, New-AzAvailabilitySet, Update-AzAvailabilitySet...}
Script     1.0.0      Az.ContainerInstance                {New-AzContainerGroup, Get-AzContainerGroup, Remove-AzContainerGroup, Get-AzContainerInstanceLog}
Script     1.0.1      Az.ContainerRegistry                {New-AzContainerRegistry, Get-AzContainerRegistry, Update-AzContainerRegistry, Remove-AzContainerRegistry...}
Script     1.0.1      Az.DataFactory                      {Set-AzDataFactoryV2, Update-AzDataFactoryV2, Get-AzDataFactoryV2, Remove-AzDataFactoryV2...}
Script     1.0.0      Az.DataLakeAnalytics                {Get-AzDataLakeAnalyticsDataSource, New-AzDataLakeAnalyticsCatalogCredential, Remove-AzDataLakeAnalyticsCatalogCredential, Set-AzDataLakeAnalyticsCatalogCredential...}
Script     1.0.2      Az.DataLakeStore                    {Get-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLakeStoreFirewallRule, Set-AzDataLakeStoreTrustedIdProvider...}
Script     1.0.0      Az.DevTestLabs                      {Get-AzDtlAllowedVMSizesPolicy, Get-AzDtlAutoShutdownPolicy, Get-AzDtlAutoStartPolicy, Get-AzDtlVMsPerLabPolicy...}
Script     1.0.0      Az.Dns                              {Get-AzDnsRecordSet, New-AzDnsRecordConfig, Remove-AzDnsRecordSet, Set-AzDnsRecordSet...}
Script     1.1.0      Az.EventGrid                        {New-AzEventGridTopic, Get-AzEventGridTopic, Set-AzEventGridTopic, New-AzEventGridTopicKey...}
Script     1.0.0      Az.EventHub                         {New-AzEventHubNamespace, Get-AzEventHubNamespace, Set-AzEventHubNamespace, Remove-AzEventHubNamespace...}
Script     1.0.0      Az.HDInsight                        {Get-AzHDInsightJob, New-AzHDInsightSqoopJobDefinition, Wait-AzHDInsightJob, New-AzHDInsightStreamingMapReduceJobDefinition...}
Script     1.0.2      Az.IotHub                           {Add-AzIotHubKey, Get-AzIotHubEventHubConsumerGroup, Get-AzIotHubConnectionString, Get-AzIotHubJob...}
Script     1.0.1      Az.KeyVault                         {Add-AzKeyVaultCertificate, Update-AzKeyVaultCertificate, Stop-AzKeyVaultCertificateOperation, Get-AzKeyVaultCertificateOperation...}
Script     1.1.0      Az.LogicApp                         {Get-AzIntegrationAccountAgreement, Get-AzIntegrationAccountCallbackUrl, Get-AzIntegrationAccountCertificate, Get-AzIntegrationAccount...}
Script     1.0.0      Az.MachineLearning                  {Move-AzMlCommitmentAssociation, Get-AzMlCommitmentAssociation, Get-AzMlCommitmentPlanUsageHistory, Remove-AzMlCommitmentPlan...}
Script     1.0.0      Az.MarketplaceOrdering              {Get-AzMarketplaceTerms, Set-AzMarketplaceTerms}
Script     1.0.0      Az.Media                            {Sync-AzMediaServiceStorageKeys, Set-AzMediaServiceKey, Get-AzMediaServiceKeys, Get-AzMediaServiceNameAvailability...}
Script     1.0.0      Az.Monitor                          {Get-AzMetricDefinition, Get-AzMetric, Remove-AzLogProfile, Get-AzLogProfile...}
Script     1.1.0      Az.Network                          {Add-AzApplicationGatewayAuthenticationCertificate, Get-AzApplicationGatewayAuthenticationCertificate, New-AzApplicationGatewayAuthenticationCertificate, Remove-AzApplicationGatewayAuthenticatio...
Script     1.0.0      Az.NotificationHubs                 {Get-AzNotificationHub, Get-AzNotificationHubAuthorizationRules, Get-AzNotificationHubListKeys, Get-AzNotificationHubPNSCredentials...}
Script     1.0.0      Az.OperationalInsights              {New-AzOperationalInsightsAzureActivityLogDataSource, New-AzOperationalInsightsCustomLogDataSource, Disable-AzOperationalInsightsLinuxCustomLogCollection, Disable-AzOperationalInsightsIISLogColl...
Script     1.0.0      Az.PolicyInsights                   {Get-AzPolicyEvent, Get-AzPolicyState, Get-AzPolicyStateSummary, Get-AzPolicyRemediation...}
Script     1.0.0      Az.PowerBIEmbedded                  {Remove-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceCollectionAccessKeys, Get-AzPowerBIWorkspace...}
Script     1.0.0      Az.RecoveryServices                 {Get-AzRecoveryServicesBackupProperty, Get-AzRecoveryServicesVault, Get-AzRecoveryServicesVaultSettingsFile, New-AzRecoveryServicesVault...}
Script     1.0.0      Az.RedisCache                       {Remove-AzRedisCachePatchSchedule, New-AzRedisCacheScheduleEntry, Get-AzRedisCachePatchSchedule, New-AzRedisCachePatchSchedule...}
Script     1.0.0      Az.Relay                            {New-AzRelayNamespace, Get-AzRelayNamespace, Set-AzRelayNamespace, Remove-AzRelayNamespace...}
Script     1.1.2      Az.Resources                        {Get-AzProviderOperation, Remove-AzRoleAssignment, Get-AzRoleAssignment, New-AzRoleAssignment...}
Script     1.0.0      Az.ServiceBus                       {New-AzServiceBusNamespace, Get-AzServiceBusNamespace, Set-AzServiceBusNamespace, Remove-AzServiceBusNamespace...}
Script     1.0.1      Az.ServiceFabric                    {Add-AzServiceFabricApplicationCertificate, Add-AzServiceFabricClientCertificate, Add-AzServiceFabricClusterCertificate, Add-AzServiceFabricNode...}
Script     1.0.2      Az.SignalR                          {New-AzSignalR, Get-AzSignalR, Get-AzSignalRKey, New-AzSignalRKey...}
Script     1.2.0      Az.Sql                              {Get-AzSqlDatabaseTransparentDataEncryption, Get-AzSqlDatabaseTransparentDataEncryptionActivity, Set-AzSqlDatabaseTransparentDataEncryption, Get-AzSqlDatabaseUpgradeHint...}
Script     1.0.2      Az.Storage                          {Get-AzStorageAccount, Get-AzStorageAccountKey, New-AzStorageAccount, New-AzStorageAccountKey...}
Script     1.0.0      Az.StreamAnalytics                  {Get-AzStreamAnalyticsFunction, Get-AzStreamAnalyticsDefaultFunctionDefinition, New-AzStreamAnalyticsFunction, Remove-AzStreamAnalyticsFunction...}
Script     1.0.1      Az.TrafficManager                   {Add-AzTrafficManagerCustomHeaderToEndpoint, Remove-AzTrafficManagerCustomHeaderFromEndpoint, Add-AzTrafficManagerCustomHeaderToProfile, Remove-AzTrafficManagerCustomHeaderFromProfile...}
Script     1.1.0      Az.Websites                         {Get-AzAppServicePlan, Set-AzAppServicePlan, New-AzAppServicePlan, Remove-AzAppServicePlan...}

Debug output

ResourceGroupName : rgImgGal
PublishingProfile :
TargetRegions[0] :
Name : East US
RegionalReplicaCount : 1
TargetRegions[1] :
Name : West Europe
RegionalReplicaCount : 1
TargetRegions[2] :
Name : North Central US
RegionalReplicaCount : 1
Source :
ManagedImage :
Id : /subscriptions/45d2de74-1c6c-4a8b-bfec-0962dfd2d0b1/resourceGroups/rgImgGal/providers/Microsoft.Compute/images/OS450v2Gold
ReplicaCount : 1
ExcludeFromLatest : False
PublishedDate : 2/24/2019 4:28:15 PM
EndOfLifeDate : 1/1/2020 12:00:00 AM
ProvisioningState : Succeeded
StorageProfile :
OsDiskImage :
SizeInGB : 127
HostCaching : None
ReplicationStatus :
AggregatedState : Completed
Summary[0] :
Region : eastus
State : Completed
Progress : 100
Summary[1] :
Region : westeurope
State : Completed
Progress : 100
Summary[2] :
Region : northcentralus
State : Completed
Progress : 100
Id : /subscriptions/45d2de74-1c6c-4a8b-bfec-0962dfd2d0b1/resourceGroups/rgImgGal/providers/Microsoft.Compute/galleries/OneStreamCloudImageGallery/images/OSImage/versions/4.5.0
Name : 4.5.0
Type : Microsoft.Compute/galleries/images/versions
Location : eastus
Tags : {}

Error output

[mimckitt]

Adding @hyonholee @axayjo @cynthn who were working on the issue opened against the doc.

We can continue here.

[joezuchora]

Hi all - has anyone been able to create a VM from a shared image gallery in a different subscription using Az? I've recently updated my Az modules and still no luck being able to leverage this functionality.

[cynthn]

I've done it several times. But, I am the owner of multiple subscriptions in my tenant. If you aren't the owner of both subscriptions, you might not have the correct permissions.

Have you tried granting yourself permission directly to the Gallery?

[joezuchora]

Hello, yes I am an owner on both.

Also, for what it's worth I'm getting the same error: New-AzVm : The image subscription doesn't match the current subscription. Are you using a template, CLI or Az?

[cynthn]

I've created VMs across subscriptions using both CLI and the Az version of PowerShell. I've never done it with a template.

What syntax are you using to create the VM? Maybe drop using a variable and just put directly use the ID of the image version.

You can use $imageVersions = Get-AzResource -ResourceType Microsoft.Compute/galleries/images/versions and then $imageVersions.Id to see the different IDs of the image versions in the subscription where your gallery is located.

Swtich over to subscription 2 and try to create a VM using the full ID. Here is what that might look like (I changed location to EastUS because it looks like you replicated there):

New-AzVm -ResourceGroupName "myResourceGroup" -Name "myVMfromImage" -Image "/subscriptions/<this part is the subscription ID of the sub where the gallery was created>/resourceGroups/PortalGalleryRG/providers/Microsoft.Compute/galleries/PortalGallery/images/portalDefininition/versions/1.0.0" -Location "EastUS" -VirtualNetworkName "myImageVnet" -SubnetName "myImageSubnet" -SecurityGroupName "myImageNSG" -PublicIpAddressName "myImagePIP" ` -OpenPorts 3389

[ValenAko]

I hate to do "me too"'s, but I am running up against (I think) exactly the same problem.
2 subscriptions, in the same Azure tenant. Logged in as the "Global Admin"/"Account owner" so I think RBAC is not an issue? Shared Gallery is created in Southeast Asia (subscription 1), and an image version is stored in Southeast Asia, and replicated to East US 2. When trying to create an new VM with New-AzVM with Subscription 2 current in the Az context, getting error "New-AzVM : The image subscription doesn't match the current subscription". I think this doesnt currently work? Ummm, sorry, but isnt this the whole reason to have shared galleries? (no sarcasm meant/implied :-))

Anyone had any luck with this?

Thanks in Advance -

[cynthn]

@ValenAko Thanks for the feedback! Just to make sure, have you followed the part of the article that shows you how to register your subscription for the feature? Have you done it for both subscriptions? And, is PowerShell up-to-date?

I'm actually thinking you might need to register each subscription for the feature, and that may be the issue (which would need to be clarified in the docs). Can you check and get back to me? Thanks!

[joezuchora]

I can confirm that for both of the subscriptions under my test tenant have been set using the following:

Register-AzProviderFeature -FeatureName GalleryPreview -ProviderNamespace Microsoft.Compute Register-AzResourceProvider -ProviderNamespace Microsoft.Compute

I also have Az 1.7 installed.

[axayjo]

Adding @vanbasten2323 to take a look into this.

[axayjo]

Adding @hyonholee from Azure PowerShell team as well.

[ValenAko]

Yes, I ensured that I ran both commands on both subscriptions. I have also verified that Get-AzProviderFeature has a Registered status.

Sorry, I dont know how to get version information for the az cmdlets.

PS C:> Get-AzProviderFeature

FeatureName ProviderName RegistrationState

---

GalleryPreview Microsoft.Compute Registered

PS C:> $PSVersionTable

Name Value

---

PSVersion 5.1.17763.316 PSEdition Desktop PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...} BuildVersion 10.0.17763.316 CLRVersion 4.0.30319.42000 WSManStackVersion 3.0 PSRemotingProtocolVersion 2.3 SerializationVersion 1.1.0.1

On Wed, Apr 17, 2019 at 12:59 AM Cynthia Nottingham < notifications@github.com> wrote:

@ValenAko https://github.com/ValenAko Thanks for the feedback! Just to make sure, have you followed the part of the article that shows you how to register your subscription for the feature? Have you done it for both subscriptions? And, is PowerShell up-to-date?

I'm actually thinking you might need to register each subscription for the feature, and that may be the issue (which would need to be clarified in the docs). Can you check and get back to me? Thanks!

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/Azure/azure-powershell/issues/8670#issuecomment-483757636, or mute the thread https://github.com/notifications/unsubscribe-auth/AvYPFH5BIdeu_axKi-XyF0QyMXvQWRNRks5vhgFdgaJpZM4bbZ4W .

[ValenAko]

Figured out how to give you version info -

PS C:> Get-InstalledModule -Name Az -AllVersions | select Name,Version

Name Version

---

Az 1.5.0 Az 1.7.0

On Wed, Apr 17, 2019 at 8:14 AM Akshay Joshi notifications@github.com wrote:

Adding @hyonholee https://github.com/hyonholee from Azure PowerShell team as well.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/Azure/azure-powershell/issues/8670#issuecomment-483888716, or mute the thread https://github.com/notifications/unsubscribe-auth/AvYPFLeKnWij_YrTTNP6PMoMDazdUVEHks5vhmdIgaJpZM4bbZ4W .

[joezuchora]

Figured out how to give you version info - PS C:> Get-InstalledModule -Name Az -AllVersions | select Name,Version Name Version ---- ------- Az 1.5.0 Az 1.7.0 … On Wed, Apr 17, 2019 at 8:14 AM Akshay Joshi @.***> wrote: Adding @hyonholee https://github.com/hyonholee from Azure PowerShell team as well. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#8670 (comment)>, or mute the thread https://github.com/notifications/unsubscribe-auth/AvYPFLeKnWij_YrTTNP6PMoMDazdUVEHks5vhmdIgaJpZM4bbZ4W .

Very helpful, thank you for sharing. Turns out I actually had 1.7 installed.

[ValenAko]

Is there a workaround for this? I understand it is still in preview and hence no promises made, but its kinda useless at the moment if I cant share with another subscription in the same tenant.

The portal doesnt show the gallery either - so Im not sure its only a powershell issue?

On Wed, Apr 17, 2019 at 8:18 PM jzuchora87 notifications@github.com wrote:

Figured out how to give you version info - PS C:> Get-InstalledModule -Name Az -AllVersions | select Name,Version Name Version ---- ------- Az 1.5.0 Az 1.7.0 … <#m3423317084890092408> On Wed, Apr 17, 2019 at 8:14 AM Akshay Joshi @.***> wrote: Adding @hyonholee https://github.com/hyonholee https://github.com/hyonholee from Azure PowerShell team as well. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#8670 (comment) https://github.com/Azure/azure-powershell/issues/8670#issuecomment-483888716>, or mute the thread https://github.com/notifications/unsubscribe-auth/AvYPFLeKnWij_YrTTNP6PMoMDazdUVEHks5vhmdIgaJpZM4bbZ4W .

Very helpful, thank you for sharing. Turns out I actually had 1.7 installed.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/Azure/azure-powershell/issues/8670#issuecomment-484057662, or mute the thread https://github.com/notifications/unsubscribe-auth/AvYPFHRA6rbr87saDzODvlNgadFDUXn0ks5vhxESgaJpZM4bbZ4W .

[ValenAko]

Sorry to be a pain, but how did we do this (copying an image from one subscription to another within the same tenant) before Image Sharing? If I cannot share the image, then I'm fine with copying it over to the other subscription in my tenant.

Thank you for any guidance.

[joezuchora]

Sorry to be a pain, but how did we do this (copying an image from one subscription to another within the same tenant) before Image Sharing? If I cannot share the image, then I'm fine with copying it over to the other subscription in my tenant.

Thank you for any guidance.

We use AzCopy but you can also use Azure PowerShell -- Start-AzureStorageBlobCopy

[joezuchora]

For anyone still watching this thread, I have installed Az 2.0 and am still having the same issue -- New-AzVm : The image subscription doesn't match the current subscription..

I've attached my code below. Any ideas?

---

Register preview resource provider for both subs

$subs = @("45d2de74-1c6c-4a8b-bfec-0962dfd2d0b1", "2c553b2e-098a-4214-9f25-1a038dc7111a")

foreach ($sub in $subs){

Select-AzSubscription -SubscriptionId $sub Register-AzProviderFeature -FeatureName GalleryPreview -ProviderNamespace Microsoft.Compute Register-AzResourceProvider -ProviderNamespace Microsoft.Compute

$status = (Get-AzProviderFeature -FeatureName GalleryPreview -ProviderNamespace Microsoft.Compute).RegistrationState

While($status -eq "Registering"){

  Start-Sleep 60 
  $status = (Get-AzProviderFeature -FeatureName GalleryPreview -ProviderNamespace Microsoft.Compute).RegistrationState
  $status

} }

Select Cloud Dev/Test

Select-AzSubscription -Subscriptionid 45d2de74-1c6c-4a8b-bfec-0962dfd2d0b1

Create test Resource Group

$resourceGroup = New-AzResourceGroup -Name "rgImgGal" -Location "East US"

Create new gallery in cloud test

$gallery = New-AzGallery -GalleryName 'CloudImageGallery' -ResourceGroupName $resourceGroup.ResourceGroupName -Location $resourceGroup.Location -Description 'Shared Image Gallery.'

New Image Definiton

$galleryImage = New-AzGalleryImageDefinition -GalleryName $gallery.Name -ResourceGroupName $resourceGroup.ResourceGroupName -Location $gallery.Location -Name 'OSImage' -OsState generalized -OsType Windows -Publisher 'OS' -Offer 'myOffer' ` -Sku 'OS504'

Create image

$urlOfCapturedImageVhd = "https://removed.blob.core.windows.net/copiedvhds/OS503v1Gold.vhd" # Get uri from an env where it was already copied to;Must be in the same subscription $imageConfig = New-AzureRmImageConfig -Location $resourceGroup.Location $imageConfig = Set-AzureRmImageOsDisk -Image $imageConfig -OsType Windows -OsState Generalized -BlobUri $urlOfCapturedImageVhd $image = New-AzureRmImage -ImageName 'OS503v1Gold' -ResourceGroupName $resourceGroup.ResourceGroupName -Image $imageConfig

Get the managed image

$managedImage = Get-AzImage -ImageName 'OS503v1Gold' -ResourceGroupName $resourceGroup.ResourceGroupName

Replicate to our 12 regions

$region1 = @{Name='Canada Central';ReplicaCount=1} $region2 = @{Name='Canada East';ReplicaCount=1} $region3 = @{Name='Central US';ReplicaCount=1} $region4 = @{Name='East US';ReplicaCount=1} $region5 = @{Name='East US 2';ReplicaCount=1} $region6 = @{Name='North Central US';ReplicaCount=1} $region7 = @{Name='North Europe';ReplicaCount=1} $region8 = @{Name='South Central US';ReplicaCount=1} $region9 = @{Name='West Central US';ReplicaCount=1} $region10 = @{Name='West Europe';ReplicaCount=1} $region11 = @{Name='West US';ReplicaCount=1} $region12 = @{Name='West US 2';ReplicaCount=1}

$targetRegions = @($region1,$region2,$region3,$region4,$region5,$region6, $region7, $region8, $region9, $region10, $region11, $region12)

Testing just replication to East US and West Europe right now

$targetRegions = @($region4, $region10)

Create new version

$job = $imageVersion = New-AzGalleryImageVersion -GalleryImageDefinitionName $galleryImage.Name -GalleryImageVersionName '5.0.3' -GalleryName $gallery.Name -ResourceGroupName $resourceGroup.ResourceGroupName -Location $resourceGroup.Location -TargetRegion $targetRegions -Source $managedImage.Id.ToString() -PublishingProfileEndOfLifeDate '2020-01-01'

$imageVersion = Get-AzGalleryImageVersion -ExpandReplicationStatus -ResourceGroupName "rgImgGal" -GalleryName "CloudImageGallery" -GalleryImageDefinitionName "OSImage" -Name "5.0.3"

----------------------------------------------------

Create test vm in a random other env / subscription

Select Standard Customer Test

Select-AzSubscription -SubscriptionId 2c553b2e-098a-4214-9f25-1a038dc7111a

Print Image Version

$imageVersion.Id

Image Id: /subscriptions/45d2de74-1c6c-4a8b-bfec-0962dfd2d0b1/resourceGroups/rgImgGal/providers/Microsoft.Compute/galleries/CloudImageGallery/images/OSImage/versions/5.0.3

Create test Resource Group

$resourceGroup = New-AzResourceGroup -Name "rgImgGal-Customer" -Location "West Europe"

Create VM using image version

New-AzVm -ResourceGroupName $resourceGroup.ResourceGroupName -Name "vmTstGalImg" -Image $imageVersion.Id -Location "West Europe" -VirtualNetworkName "myImageVnet" -SubnetName "myImageSubnet" -SecurityGroupName "myImageNSG" -PublicIpAddressName "myImagePIP" -OpenPorts 3389 -Debug

[vanbasten2323]

Hi @jzuchora87 , I can reproduce this error. We have told Azure Powershell team to fix this issue as soon as possible. We'll provide a workaround for you for the moment.

[ValenAko]

Hi @jzuchora87 - this issue has been open for a very long time, and occasionally has some amount of activity in this thread. Most of the rest of the time, the echo in the vacant room is deafening :-) I do hope they give it some amount of CPU cycles in the near future. A shared gallery that cannot be shared doesnt exactly ring the bell for usefulness...

[vanbasten2323]

Hi @ValenAko and @jzuchora87, you can try the below Powershell to create a VM from a gallery image that is created in another subscription. I tried it and it works for me.

$imageId = "/subscriptions/97f78232-382b-46a7-8a72-964d692c0000/resourceGroups/wRg/providers/Microsoft.Compute/galleries/galleryForus/images/GalleryImageForusWindows/versions/1.0.0";
$rgname = Get-ComputeTestResourceName;

# Common
$loc = Get-ComputeVMLocation;
New-AzResourceGroup -Name $rgname -Location $loc -Force;

# Create a VM first
$vmsize = 'Standard_D2_v2';
$vmname = 'vm' + $rgname;
$p = New-AzVMConfig -VMName $vmname -VMSize $vmsize;

# NRP
$subnet = New-AzVirtualNetworkSubnetConfig -Name ('subnet' + $rgname) -AddressPrefix "10.0.0.0/24";
$vnet = New-AzVirtualNetwork -Force -Name ('vnet' + $rgname) -ResourceGroupName $rgname -Location $loc -AddressPrefix "10.0.0.0/16" -Subnet $subnet;
$vnet = Get-AzVirtualNetwork -Name ('vnet' + $rgname) -ResourceGroupName $rgname;
$subnetId = $vnet.Subnets[0].Id;
$pubip = New-AzPublicIpAddress -Force -Name ('pubip' + $rgname) -ResourceGroupName $rgname -Location $loc -AllocationMethod Dynamic -DomainNameLabel ('pubip' + $rgname);
$pubip = Get-AzPublicIpAddress -Name ('pubip' + $rgname) -ResourceGroupName $rgname;
$nic = New-AzNetworkInterface -Force -Name ('nic' + $rgname) -ResourceGroupName $rgname -Location $loc -SubnetId $subnetId -PublicIpAddressId $pubip.Id;
$nic = Get-AzNetworkInterface -Name ('nic' + $rgname) -ResourceGroupName $rgname;
$nicId = $nic.Id;
$p = Add-AzVMNetworkInterface -VM $p -Id $nicId -Primary;

# OS & Image
$user = "Foo12";
$password = $PLACEHOLDER;
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force;
$cred = New-Object System.Management.Automation.PSCredential ($user, $securePassword);
$computerName = 'test';
$p = Set-AzVMOperatingSystem -VM $p -Windows -ComputerName $computerName -Credential $cred;

$p = Set-AzVMSourceImage -VM $p -Id $imageId;

# Virtual Machine
New-AzVM -ResourceGroupName $rgname -Location $loc -VM $p;

Add @markcowl , @praries880 to get more attention to fix the issue.

[markcowl]

@dcaro Can we get to an agreement about the Compute team fixing things in both parameter sets? If the functionality works in the 'complex object' parameter set, the same logic should be easy to move into the simple parameter set as well.

[dcaro]

Has been fixed in Az 3.1.0