Skip to content

V0.21.0 merge#247

Merged
jchancellor-ms merged 21 commits into
mainfrom
v0.21.0-merge
Jun 6, 2026
Merged

V0.21.0 merge#247
jchancellor-ms merged 21 commits into
mainfrom
v0.21.0-merge

Conversation

@jchancellor-ms
Copy link
Copy Markdown
Contributor

@jchancellor-ms jchancellor-ms commented Jun 5, 2026
edited
Loading

Description

merge branch to allow for testing of multiple submitted PRs

Type of Change

  • Non-module change (e.g. CI/CD, documentation, etc.)
  • Azure Verified Module updates:
    • Bugfix containing backwards compatible bug fixes
      • Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description.
      • The bug was found by the module author, and no one has opened an issue to report it yet.
    • Feature update backwards compatible feature updates.
    • Breaking changes.
    • Update to documentation

Checklist

  • I'm sure there are no other open Pull Requests for the same update/change
  • My corresponding pipelines / checks run clean and green without any errors or warnings
  • I did run all pre-commit checks

jchancellor-ms and others added 13 commits April 26, 2024 07:41
@jchancellor-ms
gallery app and azapi fixes
84093fd
@jchancellor-ms
azapi and gallery app fixes
7fa5f0a
@jchancellor-ms
interface spec updates
d9e541e
@jchancellor-ms
lock and doc fixes
df036cf
@jchancellor-ms
test region updates
685ab30
@jchancellor-ms
version updates
7454e5b
@jchancellor-ms
role_assignments aad_check default to false
6ad2320
@jchancellor-ms
example and dependency updates
363b896
@jchancellor-ms
sku_selector azapi version fix
7ba193a
@BasVeenendaal
fix(vm): relax random provider constraint for cross-module compatibil…
7685cce 
…ity (#245)

* fix(vm): relax random provider constraint for cross-module compatibility

* Potential fix for pull request finding

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Bas Veenendaal <bas@novygate.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@MO2k4
fix: accept gzipped base64 payloads in custom_data validation (#238)
9849786 
* fix: accept gzipped base64 payloads in custom_data validation (#207)

* test: add example for gzipped and plaintext custom_data (#207)

---------

Co-authored-by: Martin Oehlert <453360+MO2k4@users.noreply.github.com>
@Rickmarges
fix: Set disk zone to null when creating ZRS disk (#237)
810a61b 
* Set disk zone to null when creating ZRS disk

ZRS disks can't be created with an availablity zone. When a VM is created with the zone variable set to anything other than `null`, this value is also used for creating disk leading to errors.

* Add zonal vm with ZRS disk example
@lonegunmanb
feat: add os_managed_disk_id support for attaching existing managed d…
f28c7e3 
…isk as OS disk (#234)

* feat: add os_managed_disk_id support for attaching existing managed disk as OS disk

Add support for the os_managed_disk_id parameter on both azurerm_linux_virtual_machine
and azurerm_windows_virtual_machine resources, allowing users to create VMs from
existing managed disks (Attach mode).

Changes:
- variables.tf: Add os_managed_disk_id variable with format validation and mutual
  exclusivity check against source_image_resource_id
- locals.tf: Add os_disk_is_imported local for readability
- locals.auth.tf: Skip credential generation when os_managed_disk_id is set
  (admin_username=null, no random password/SSH key generation)
- main.linux_vm.tf: Add os_managed_disk_id, conditionally null out ConflictsWith
  fields (admin_password, computer_name, custom_data, provision_vm_agent, patch_mode,
  patch_assessment_mode, bypass_platform_safety_checks, reboot_setting), update
  source_image_reference and admin_ssh_key conditions
- main.windows_vm.tf: Same as Linux plus Windows-specific ConflictsWith fields
  (enable_automatic_updates, hotpatching_enabled)

Provider behavior reference (azurerm_linux/windows_virtual_machine):
- os_managed_disk_id ExactlyOneOf: admin_username, source_image_id, source_image_reference
- ConflictsWith (shared): admin_password, computer_name, custom_data,
  provision_vm_agent, patch_mode, patch_assessment_mode,
  bypass_platform_safety_checks_on_user_schedule_enabled, reboot_setting
- ConflictsWith (Windows): hotpatching_enabled, enable_automatic_updates
- When set, Provider uses CreateOption=Attach and skips OsProfile

Closes #230

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* chore: run pre-commit to sync docs and mapotf ordering

* fix: harden os_managed_disk_id attach mode and add example

- Fix admin_password_linux/windows locals to return null when
  os_disk_is_imported, preventing random_password[0] resolution errors
- Fix password_secret_count and ssh_secret_count to return 0 when
  os_disk_is_imported, skipping unnecessary Key Vault secret creation
- Add lifecycle precondition to prevent os_managed_disk_id and
  os_disk.diff_disk_settings from being set simultaneously
- Add examples/linux_os_managed_disk/ for e2e test coverage of the
  attach-from-managed-disk path
- Update source_image_reference variable description to mention
  os_managed_disk_id mutual exclusivity
- Run pre-commit to sync docs and formatting

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: add os_disk_attach_mode variable for plan-time determinism

When os_managed_disk_id is set from a computed resource attribute (e.g.,
azurerm_managed_disk.example.id), Terraform cannot determine the null
check at plan time, causing 'count depends on resource attributes that
cannot be determined' errors.

Add os_disk_attach_mode (bool, default false) that users must set to
true alongside os_managed_disk_id. This ensures count expressions are
deterministic during planning.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: guard SSH key and credential name locals for attach mode

- Add os_disk_is_imported check to admin_ssh_key local to skip SSH key
  generation when tls_private_key.this is empty in attach mode
- Add os_disk_is_imported check to admin_ssh_key_secret_value local
- Use coalesce(admin_username, 'imported') in credential secret names
  to prevent null string interpolation errors when admin_username is
  null in attach mode

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: null out os_disk.storage_account_type in attach mode

The AzureRM Provider enforces ConflictsWith between
os_disk.storage_account_type and os_managed_disk_id. When attaching
an existing managed disk, storage_account_type must be null since
the disk type is already determined by the existing disk.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@microsoft-github-policy-service microsoft-github-policy-service Bot added the Needs: Triage 🔍 Maintainers need to triage still label Jun 5, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Needs: Triage 🔍 Maintainers need to triage still

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@jchancellor-ms @BasVeenendaal @MO2k4 @Rickmarges @lonegunmanb