Azure
diff --git a/‎examples/linux_zonal_vm_with_zrs_disk/.gitkeep‎ b/‎examples/linux_zonal_vm_with_zrs_disk/.gitkeep‎
diff --git a/‎examples/linux_zonal_vm_with_zrs_disk/README.md‎
Lines changed: 335 additions & 0 deletions b/‎examples/linux_zonal_vm_with_zrs_disk/README.md‎
Lines changed: 335 additions & 0 deletions
diff --git a/‎examples/linux_zonal_vm_with_zrs_disk/_footer.md‎
Lines changed: 4 additions & 0 deletions b/‎examples/linux_zonal_vm_with_zrs_disk/_footer.md‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎examples/linux_zonal_vm_with_zrs_disk/_header.md‎
Lines changed: 17 additions & 0 deletions b/‎examples/linux_zonal_vm_with_zrs_disk/_header.md‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎examples/linux_zonal_vm_with_zrs_disk/features.tf‎
Lines changed: 7 additions & 0 deletions b/‎examples/linux_zonal_vm_with_zrs_disk/features.tf‎
Lines changed: 7 additions & 0 deletions
@@ -0,0 +1,335 @@
+<!-- BEGIN_TF_DOCS -->
+<!-- Code generated by terraform-docs. DO NOT EDIT. -->
+# Default
+
+This example demonstrates the creation of a simple Ubuntu VM with the following features:
+
+    - a single private IPv4 address
+    - an auto-generated SSH key for an admin user named azureuser
+    - password authentication disabled
+    - a single default OS 128gb OS disk
+    - deploys into a randomly selected region
+    - bound to a single randomly selected availablity zone
+    - a single ZRS data disk of 128gb
+
+It includes the following resources in addition to the VM resource:
+
+    - A Vnet with two subnets
+    - A keyvault for storing the login secrets
+    - An optional subnet, public ip, and bastion which can be enabled by uncommenting the bastion resources when running the example.
+
+```hcl
+terraform {
+  required_version = ">= 1.9, < 2.0"
+
+  required_providers {
+    azapi = {
+      source  = "azure/azapi"
+      version = "~> 2.0"
+    }
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">= 3.116, < 5.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.7"
+    }
+  }
+}
+
+# tflint-ignore: terraform_module_provider_declaration, terraform_output_separate, terraform_variable_separate
+provider "azurerm" {
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+    key_vault {
+      purge_soft_delete_on_destroy = true
+    }
+  }
+}
+
+module "naming" {
+  source  = "Azure/naming/azurerm"
+  version = "0.4.2"
+}
+
+module "regions" {
+  source  = "Azure/avm-utl-regions/azurerm"
+  version = "0.5.0"
+
+  availability_zones_filter = true
+}
+
+locals {
+  #deployment_region = module.regions.regions[random_integer.region_index.result].name
+  deployment_region = "canadacentral" #temporarily pinning on single region
+  tags = {
+    scenario = "Default"
+  }
+}
+
+resource "random_integer" "region_index" {
+  max = length(module.regions.regions_by_name) - 1
+  min = 0
+}
+
+resource "random_integer" "zone_index" {
+  max = length(module.regions.regions_by_name[local.deployment_region].zones)
+  min = 1
+}
+
+resource "azurerm_resource_group" "this_rg" {
+  location = local.deployment_region
+  name     = module.naming.resource_group.name_unique
+  tags     = local.tags
+}
+
+module "vm_sku" {
+  source  = "Azure/avm-utl-sku-finder/azapi"
+  version = "0.3.0"
+
+  location      = azurerm_resource_group.this_rg.location
+  cache_results = true
+  vm_filters = {
+    min_vcpus                      = 2
+    max_vcpus                      = 2
+    encryption_at_host_supported   = true
+    accelerated_networking_enabled = true
+    premium_io_supported           = true
+    location_zone                  = random_integer.zone_index.result
+  }
+
+  depends_on = [random_integer.zone_index]
+}
+
+module "natgateway" {
+  source  = "Azure/avm-res-network-natgateway/azurerm"
+  version = "0.2.1"
+
+  location            = azurerm_resource_group.this_rg.location
+  name                = module.naming.nat_gateway.name_unique
+  resource_group_name = azurerm_resource_group.this_rg.name
+  enable_telemetry    = true
+  public_ips = {
+    public_ip_1 = {
+      name = "nat_gw_pip1"
+    }
+  }
+}
+
+module "vnet" {
+  source  = "Azure/avm-res-network-virtualnetwork/azurerm"
+  version = "=0.8.1"
+
+  address_space       = ["10.0.0.0/16"]
+  location            = azurerm_resource_group.this_rg.location
+  resource_group_name = azurerm_resource_group.this_rg.name
+  name                = module.naming.virtual_network.name_unique
+  subnets = {
+    vm_subnet_1 = {
+      name             = "${module.naming.subnet.name_unique}-1"
+      address_prefixes = ["10.0.1.0/24"]
+      nat_gateway = {
+        id = module.natgateway.resource_id
+      }
+    }
+    vm_subnet_2 = {
+      name             = "${module.naming.subnet.name_unique}-2"
+      address_prefixes = ["10.0.2.0/24"]
+      nat_gateway = {
+        id = module.natgateway.resource_id
+      }
+    }
+    AzureBastionSubnet = {
+      name             = "AzureBastionSubnet"
+      address_prefixes = ["10.0.3.0/24"]
+    }
+  }
+}
+
+/* Uncomment this section if you would like to include a bastion resource with this example.
+resource "azurerm_public_ip" "bastionpip" {
+  name                = module.naming.public_ip.name_unique
+  location            = azurerm_resource_group.this_rg.location
+  resource_group_name = azurerm_resource_group.this_rg.name
+  allocation_method   = "Static"
+  sku                 = "Standard"
+}
+
+resource "azurerm_bastion_host" "bastion" {
+  name                = module.naming.bastion_host.name_unique
+  location            = azurerm_resource_group.this_rg.location
+  resource_group_name = azurerm_resource_group.this_rg.name
+
+  ip_configuration {
+    name                 = "${module.naming.bastion_host.name_unique}-ipconf"
+    subnet_id            = module.vnet.subnets["AzureBastionSubnet"].resource_id
+    public_ip_address_id = azurerm_public_ip.bastionpip.id
+  }
+}
+*/
+
+data "azurerm_client_config" "current" {}
+
+module "avm_res_keyvault_vault" {
+  source  = "Azure/avm-res-keyvault-vault/azurerm"
+  version = "=0.10.0"
+
+  location            = azurerm_resource_group.this_rg.location
+  name                = "${module.naming.key_vault.name_unique}-linux-default"
+  resource_group_name = azurerm_resource_group.this_rg.name
+  tenant_id           = data.azurerm_client_config.current.tenant_id
+  network_acls = {
+    default_action = "Allow"
+  }
+  role_assignments = {
+    deployment_user_secrets = {
+      role_definition_id_or_name = "Key Vault Secrets Officer"
+      principal_id               = data.azurerm_client_config.current.object_id
+    }
+  }
+  tags = local.tags
+  wait_for_rbac_before_secret_operations = {
+    create = "60s"
+  }
+}
+
+module "testvm" {
+  source = "../../"
+
+  location = azurerm_resource_group.this_rg.location
+  name     = module.naming.virtual_machine.name_unique
+  network_interfaces = {
+    network_interface_1 = {
+      name = module.naming.network_interface.name_unique
+      ip_configurations = {
+        ip_configuration_1 = {
+          name                          = "${module.naming.network_interface.name_unique}-ipconfig1"
+          private_ip_subnet_resource_id = module.vnet.subnets["vm_subnet_1"].resource_id
+        }
+      }
+    }
+  }
+  resource_group_name = azurerm_resource_group.this_rg.name
+  zone                = random_integer.zone_index.result
+  account_credentials = {
+    key_vault_configuration = {
+      resource_id = module.avm_res_keyvault_vault.resource_id
+    }
+  }
+  enable_telemetry = var.enable_telemetry
+  os_type          = "Linux"
+  sku_size         = module.vm_sku.sku
+  source_image_reference = {
+    publisher = "Canonical"
+    offer     = "0001-com-ubuntu-server-focal"
+    sku       = "20_04-lts-gen2"
+    version   = "latest"
+  }
+  tags = local.tags
+
+  depends_on = [
+    module.avm_res_keyvault_vault
+  ]
+}
+```
+
+<!-- markdownlint-disable MD033 -->
+## Requirements
+
+The following requirements are needed by this module:
+
+- <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) (>= 1.9, < 2.0)
+
+- <a name="requirement_azapi"></a> [azapi](#requirement\_azapi) (~> 2.0)
+
+- <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) (>= 3.116, < 5.0)
+
+- <a name="requirement_random"></a> [random](#requirement\_random) (~> 3.7)
+
+## Resources
+
+The following resources are used by this module:
+
+- [azapi_update_resource.allow_drop_unencrypted_vnet](https://registry.terraform.io/providers/azure/azapi/latest/docs/resources/update_resource) (resource)
+- [azurerm_resource_group.this_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource)
+- [random_integer.region_index](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) (resource)
+- [random_integer.zone_index](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) (resource)
+- [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source)
+
+<!-- markdownlint-disable MD013 -->
+## Required Inputs
+
+No required inputs.
+
+## Optional Inputs
+
+The following input variables are optional (have default values):
+
+### <a name="input_enable_telemetry"></a> [enable\_telemetry](#input\_enable\_telemetry)
+
+Description: This variable controls whether or not telemetry is enabled for the module.
+For more information see https://aka.ms/avm/telemetryinfo.
+If it is set to false, then no telemetry will be collected.
+
+Type: `bool`
+
+Default: `true`
+
+## Outputs
+
+No outputs.
+
+## Modules
+
+The following Modules are called:
+
+### <a name="module_avm_res_keyvault_vault"></a> [avm\_res\_keyvault\_vault](#module\_avm\_res\_keyvault\_vault)
+
+Source: Azure/avm-res-keyvault-vault/azurerm
+
+Version: =0.10.0
+
+### <a name="module_naming"></a> [naming](#module\_naming)
+
+Source: Azure/naming/azurerm
+
+Version: 0.4.2
+
+### <a name="module_natgateway"></a> [natgateway](#module\_natgateway)
+
+Source: Azure/avm-res-network-natgateway/azurerm
+
+Version: 0.2.1
+
+### <a name="module_regions"></a> [regions](#module\_regions)
+
+Source: Azure/avm-utl-regions/azurerm
+
+Version: 0.5.0
+
+### <a name="module_testvm"></a> [testvm](#module\_testvm)
+
+Source: ../../
+
+Version:
+
+### <a name="module_vm_sku"></a> [vm\_sku](#module\_vm\_sku)
+
+Source: Azure/avm-utl-sku-finder/azapi
+
+Version: 0.3.0
+
+### <a name="module_vnet"></a> [vnet](#module\_vnet)
+
+Source: Azure/avm-res-network-virtualnetwork/azurerm
+
+Version: =0.8.1
+
+<!-- markdownlint-disable-next-line MD041 -->
+## Data Collection
+
+The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at <https://go.microsoft.com/fwlink/?LinkID=824704>. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
+<!-- END_TF_DOCS -->
@@ -0,0 +1,4 @@
+<!-- markdownlint-disable-next-line MD041 -->
+## Data Collection
+
+The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at <https://go.microsoft.com/fwlink/?LinkID=824704>. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
@@ -0,0 +1,17 @@
+# Default
+
+This example demonstrates the creation of a simple Ubuntu VM with the following features:
+
+    - a single private IPv4 address
+    - an auto-generated SSH key for an admin user named azureuser
+    - password authentication disabled
+    - a single default OS 128gb OS disk
+    - deploys into a randomly selected region
+    - bound to a single randomly selected availablity zone
+    - a single ZRS data disk of 128gb
+
+It includes the following resources in addition to the VM resource:
+
+    - A Vnet with two subnets
+    - A keyvault for storing the login secrets
+    - An optional subnet, public ip, and bastion which can be enabled by uncommenting the bastion resources when running the example.
@@ -0,0 +1,7 @@
+resource "azapi_update_resource" "allow_drop_unencrypted_vnet" {
+  resource_id = "/subscriptions/${data.azurerm_client_config.current.subscription_id}/providers/Microsoft.Features/featureProviders/Microsoft.Compute/subscriptionFeatureRegistrations/EncryptionAtHost"
+  type        = "Microsoft.Features/featureProviders/subscriptionFeatureRegistrations@2021-07-01"
+  body = {
+    properties = {}
+  }
+}