[JIRA] (JENKINS-61934) Impossible to use custom image from an other subscription

[cpottiers@gmail.com (JIRA)]

Cyril Pottiers created an issue

Jenkins / JENKINS-61934 Impossible to use custom image from an other subscription Issue Type: Improvement Assignee: Azure DevOps Components: azure-vm-agents-plugin Created: 2020-04-16 15:49 Environment: Jenkins ver. 2.222.1 Plugin azure-vm-agent 1.4.1 Priority: Minor Reporter: Cyril Pottiers We have an entreprise subscription (subA) where we manage all our images templates. Jenkins is deployed in subB and we configure the plugin to use the custom image in subA ( /subscriptions/subA/resourceGroups/rg-templates/providers/Microsoft.Compute/images/template-jenkins-slave) We have an exception during the slave construction : com.microsoft.azure.CloudException: Status code 403, {"error":{"code":"AuthorizationFailed","message":"The client 'xxxxx' with object id 'xxx' does not have authorization to perform action 'Microsoft.Compute/images/read' over scope '/subscriptions/subB/resourceGroups/rg-templates/providers/Microsoft.Compute/images/template-jenkins-slave' or the scope is invalid. If access was recently granted, please refresh your credentials."}}: The client 'xxx' with object id 'xxx' does not have authorization to perform action 'Microsoft.Compute/images/read' over scope '/subscriptions/subB/resourceGroups/rg-templates/providers/Microsoft.Compute/images/template-jenkins-slave' or the scope is invalid. If access was recently granted, please refresh your credentials. The plugin try to get the custom image from subB and not subA ...   note : with az CLI, we can create a VM in subB that fetches a custom image from subA Add Comment

This message was sent by Atlassian Jira (v7.13.12#713012-sha1:6e07c38)