PublicAccessNotPermitted error during Azure image builder process

In this blog I would like to share a small but very annoying error I ran into, during my Image builder process with Azure pipelines.

Using Azure pipelines, we can load, create and manage a variety of Windows and Linux images, which then can be distributed with multiple Azure regions for many purposes.
More information about Azure image builder process, can be found at the next link: Learn about Azure Image Builder — Azure Virtual Machines | Microsoft Docs

The issue

I based on the next Microsoft article to manage and create a Windows image and customized it as needed.
I went over all the steps, not missing a single thing, but always got the same error during my pipeline release process:

When I have opened the link to the log, I have seen the next detailed error:

<Error>
<Code>PublicAccessNotPermitted</Code>
<Message>Public access is not permitted on this storage account.

I have checked the permissions configuration on the image’s storage account, and everything was configured correctly.
Part of the image builder process, which taks place in the background, is the creation of a staging resource group in the subscription.
This resource group is used for the image build. It will be in this format: IT_<DestinationResourceGroup>_<TemplateName>

I have noticed that even the storage permissions on the storage account created in that resource group, are also configured as needed.

To get more details about the provisioning process, I have looked at the activity log of the newly created resource group, created by the image builder process.
Right away I was able to see that was an error at the log.

When I opened the log, I got the next message:

Means that the error was generated because the VM SKU wasn’t available at West Europe region!

• Another option for log inspection, is entering the storage located at the IT_<DestinationResourceGroup>_<TemplateName> newly created resource group.
  Check the container tab at the storage blob and select the packerlogs container.

Enter the folder and download the customiztion.log

When you open the log you will be to see the reason for the building failure:

Solving the issue

To verify that it was the issue causing the error, I have tried to create a Windows VM manually in West Europe.
When I was trying to select the VM size, I saw that the Standard_DS1_v2 wasn’t available in this region and appeared as grayed out:

I have then changed the VM size at the Azure pipeline that I have configured from the originally configured Standard_DS1_v2 size:

To other VM size available at West Europe region, in this example Standard_D2as_v5:

The other option of course, is to select another region where the Standard_DS1_v2 size is available.

After running the pipeline again with a different VM size, I have managed to complete the image builder successfully:

I would like to thank Shachaf Goldstein | LinkedIn for the assistance solving this annoying issue :-)