diff --git a/README.md b/README.md index 62ce62a..4089a13 100644 --- a/README.md +++ b/README.md @@ -124,6 +124,7 @@ The following providers are used by this module: The following resources are used by this module: +- [azapi_resource_action.this](https://registry.terraform.io/providers/azure/azapi/latest/docs/resources/resource_action) (resource) - [azurerm_backup_protected_vm.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/backup_protected_vm) (resource) - [azurerm_key_vault_secret.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) (resource) - [azurerm_linux_virtual_machine.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) (resource) @@ -139,6 +140,7 @@ The following resources are used by this module: - [azapi_client_config.current](https://registry.terraform.io/providers/azure/azapi/latest/docs/data-sources/client_config) (data source) - [azapi_resource.virtual_machine_image](https://registry.terraform.io/providers/azure/azapi/latest/docs/data-sources/resource) (data source) - [azapi_resource_list.virtual_machine_images](https://registry.terraform.io/providers/azure/azapi/latest/docs/data-sources/resource_list) (data source) +- [azurerm_managed_disk.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/managed_disk) (data source) ## Required Inputs @@ -463,6 +465,8 @@ Description: Should the Windows VM be patched without requiring a reboot? [more **NOTE**: Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a [Azure generation 2 VM](https://learn.microsoft.com/en-gb/azure/virtual-machines/generation-2#generation-2-vm-sizes). +**CAUTION**: The setting `bypass_platform_safety_checks_on_user_schedule_enabled` is set to `true` by default. To enable hotpatching, change it to `false`. + Type: `bool` Default: `false` diff --git a/r-vm.tf b/r-vm.tf index 224afc5..94691d3 100644 --- a/r-vm.tf +++ b/r-vm.tf @@ -209,3 +209,18 @@ resource "azurerm_windows_virtual_machine" "this" { ] } } + +data "azurerm_managed_disk" "this" { + name = local.virtual_machine.os_disk[0].name + resource_group_name = var.resource_group_name +} + +resource "azapi_resource_action" "this" { + type = "Microsoft.Compute/disks@2024-03-02" + resource_id = data.azurerm_managed_disk.this.id + method = "PATCH" + + body = { + tags = var.tags + } +} diff --git a/tests/examples/mocks/azurerm_managed_disk.tfmock.hcl b/tests/examples/mocks/azurerm_managed_disk.tfmock.hcl new file mode 100644 index 0000000..ae8b5b6 --- /dev/null +++ b/tests/examples/mocks/azurerm_managed_disk.tfmock.hcl @@ -0,0 +1,5 @@ +mock_data "azurerm_managed_disk" { + defaults = { + id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/RG-MOCK/providers/Microsoft.Compute/disks/DISK-MOCK" + } +} diff --git a/tests/local/mocks/azurerm_managed_disk.tfmock.hcl b/tests/local/mocks/azurerm_managed_disk.tfmock.hcl new file mode 100644 index 0000000..ae8b5b6 --- /dev/null +++ b/tests/local/mocks/azurerm_managed_disk.tfmock.hcl @@ -0,0 +1,5 @@ +mock_data "azurerm_managed_disk" { + defaults = { + id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/RG-MOCK/providers/Microsoft.Compute/disks/DISK-MOCK" + } +} diff --git a/variables.tf b/variables.tf index 6e61a12..d2f0c5b 100644 --- a/variables.tf +++ b/variables.tf @@ -275,6 +275,8 @@ variable "hotpatching_enabled" { Should the Windows VM be patched without requiring a reboot? [more infos](https://learn.microsoft.com/windows-server/get-started/hotpatch) **NOTE**: Hotpatching can only be enabled if the `patch_mode` is set to `AutomaticByPlatform`, the `provision_vm_agent` is set to `true`, your `source_image_reference` references a hotpatching enabled image, and the VM's `size` is set to a [Azure generation 2 VM](https://learn.microsoft.com/en-gb/azure/virtual-machines/generation-2#generation-2-vm-sizes). + + **CAUTION**: The setting `bypass_platform_safety_checks_on_user_schedule_enabled` is set to `true` by default. To enable hotpatching, change it to `false`. EOT type = bool