How Shared Image Gallery can be used for sharing accross tenants and subcriptions


I used RBAC share feature as noted in documentation but it does not seem to work as expected.

I have Azure AD 1 and Subcription 1 where shared image gallery is being hosted. I also have Azure AD 2 and Subscription 2 where I'd like to create VM from shared image gallery version. I gave user 1 in Azure AD 2 reader permission to Shared Image gallery which works fine and that user 1 can see all images in shared image gallery. Question is how do I create VM from image since the only option user 1 sees in subscription is Subscription 1 since it's logged to Azure AD 1. How do I deploy that image to Subscription 2 which is under Azure AD 2?

1 Reply

@Gregory Suvalian 




The user who is outside the organization need to accept the invitation : Have you done that in the role assignment process?  


User can see both subscriptions but he will need to be invited in AD2 to be able to manage resources in  Subscription 2.