I'm trying to add virtual network rules to a Cosmos DB account using PowerShell. The VNets exist in different tenants. I did the same for Storage accounts and it worked fine. I am getting the following error. Could someone give me some pointers as to where I'm going wrong? Is it possible to do this in a Cosmos DB database?
Set-AzureRmResource : LinkedAuthorizationFailed
: The client has permission to perform action 'Microsoft.Network/virtualNetworks/subnets/joinViaServiceEndpoint/action' on scope
'/subscriptions/Subscription ID of Cosmos DB/resourceGroups/nbspreprd3/providers/Microsoft.DocumentDb/databaseAccounts/nbspreprd3-config-document-db', however the current tenant '' is
not authorized to access linked subscription ''.
At line:8 char:5
+ Set-AzureRmResource -ResourceType $ResourceType -ResourceGroupNam ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzureRmResource], ErrorResponseMessageException
+ FullyQualifiedErrorId : LinkedAuthorizationFailed,Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.SetAzureResourceCmdlet
This is the PowerShell script:
$ResourceGroupName = "*******"
$accountname = "*******"
$ResourceType = "Microsoft.DocumentDb/databaseAccounts"
$cosmosAccount = Get-AzureRmResource -ResourceType $ResourceType -ResourceGroupName $ResourceGroupName -Name $accountname
# Subnet resource IDs to allow on the Cosmos DB account
$VnrID1 = "/subscriptions/*******/resourceGroups/build-agents/providers/Microsoft.Network/virtualNetworks/build-agents-vnet/subnets/build-2-subnet"
$VnrID2 = "/subscriptions/*******/resourceGroups/build-agents/providers/Microsoft.Network/virtualNetworks/build-agents-vnet/subnets/build-3-subnet"
$VnrID3 = "/subscriptions/*******/resourceGroups/build-agents/providers/Microsoft.Network/virtualNetworks/build-agents-vnet/subnets/=build1-subnet"
function setCosmosRule {
    Param($ResourceGroupName, $accountname, $ResourceType, $cosmosAccount, $VnrID1)
    $vnetrules = $cosmosAccount.Properties.virtualNetworkRules
    # Skip the update when a rule for this subnet is already present
    $existsCosmos = ($cosmosAccount.Properties.virtualNetworkRules | Where-Object { $_.id -eq $VnrID1 } | Measure-Object).Count -ne 0
    if (-not $existsCosmos) {
        $ourObject = New-Object -TypeName psobject
        $ourObject | Add-Member -MemberType NoteProperty -Name id -Value $VnrID1
        # $true is a boolean; the bare word True is passed as the string "True"
        $ourObject | Add-Member -MemberType NoteProperty -Name ignoreMissingVNetServiceEndpoint -Value $true
        # Append to a flat array; "$vnetrules, $ourObject" nests the existing rules as one element
        $newVnetRules = @($vnetrules) + $ourObject
        $cosmosAccount.Properties.virtualNetworkRules = $newVnetRules
        $CosmosDBProperties = $cosmosAccount.Properties
        Set-AzureRmResource -ResourceType $ResourceType -ResourceGroupName $ResourceGroupName -ResourceName $accountname -Properties $CosmosDBProperties -Force
    }
}
Any pointers and tips are much appreciated.
Thank you