Is your feature request related to a problem? Please describe.
We have multiple customer cases, where we need to deploy VMs based on ARM/Bicep templates with image references. These images are located in a Azure Compute Library in another tenant and have a specific, second service principal they use to authenticate.
The docs doesn't mention this scenario, only using CLI and PowerShell to realize cross-tenant access. Also, the parameters aux-tenants and aux-subs from az deployment group are not available in az deployment sub.

Describe the solution you'd like
We need a solution where we can specify a second service principal and tenant to authenticate against the compute gallery. The reference to the image is already in resource id format. This has to be provided either as a parameter in Bicep(maybe with scopes) or as a azure cli parameter.

Describe alternatives you've considered
Afaik there are no alternatives available, if you want to use IaC with ARM or Bicep