我正在尝试使用Tenant-1中可用的Shared Image Galley在Tenant-2中创建VM。
下面是我正在使用的代码。
provider "azurerm" {
subscription_id = "${var.subscription_id}"
client_id = "${var.client_id}"
client_secret = "${var.client_secret}"
tenant_id = "${var.tenant_id}"
}
用于获取SIG资源的提供程序
provider "azurerm" {
alias = "sig-resources-id"
subscription_id = "${var.sig_subscription_id}"
client_id = "${var.sig_client_id}"
client_secret = "${var.sig_client_secret}"
tenant_id = "${var.sig_tenant_id}"
}
我从Tenant-1获得映像ID,并在azurerm_virtual_machine中使用它在Tenant-2中创建VM。
错误:compute.VirtualMachinesClient#CreateOrUpdate:发送请求失败:StatusCode = 403-原始错误:Code =“ LinkedAuthorizationFailed”消息=“客户端有权执行操作'Microsoft.Compute / galleries / images / versions / read在范围'/subscriptions/subscription-ID-of-tenant-2/resourceGroups/mygroup/providers/Microsoft.Compute/virtualMachines/sigvm-01'上,但是当前租户“无权访问链接的订阅”。 “
非常感谢您的帮助。
答案 0 :(得分:0)
这似乎在https://github.com/terraform-providers/terraform-provider-azurerm/pull/4290
中已解决根据此修复程序,请将以下属性auxiliary_tenant_ids = [""]添加到Tenant-1
provider "azurerm" {
subscription_id = "${var.subscription_id}"
client_id = "${var.client_id}"
client_secret = "${var.client_secret}"
tenant_id = "${var.tenant_id}"
auxiliary_tenant_ids = ["${var.sig_tenant_id}"]
}
希望这会有所帮助!