Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

storage_account_type should not be needed for ephemeral OS disks #25276

Open
1 task done
nathanweeks opened this issue Mar 17, 2024 · 0 comments
Open
1 task done

storage_account_type should not be needed for ephemeral OS disks #25276

nathanweeks opened this issue Mar 17, 2024 · 0 comments
Labels
service/virtual-machine service/vmss Virtual Machine Scale Sets v/3.x

Comments

@nathanweeks
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.6.4

AzureRM Provider Version

3.96.0

Affected Resource(s)/Data Source(s)

azurerm_linux_virtual_machine, azurerm_windows_virtual_machine, azurerm_linux_virtual_machine_scale_set, azurerm_windows_virtual_machine_scale_set

Terraform Configuration Files

# https://raw.githubusercontent.com/hashicorp/terraform-provider-azurerm/v3.96.0/examples/virtual-machines/linux/ephemeral-os-disk/main.tf
# with variables.tf merged and storage_account_type line commented-out
#########################################
# Copyright (c) HashiCorp, Inc.                                                     
# SPDX-License-Identifier: MPL-2.0
                                                                                                       
provider "azurerm" {                                                       
  features {}                                                                       
}

variable "prefix" {
  description = "The prefix which should be used for all resources in this example"
}

variable "location" {
  description = "The Azure Region in which all resources in this example should be created."
}                                                                      
                                                                                    
resource "azurerm_resource_group" "main" {                                          
  name     = "${var.prefix}-resources"                                              
  location = var.location                                                           
}                                                                                   
                                                                                    
resource "azurerm_virtual_network" "main" {                                         
  name                = "${var.prefix}-network"                                     
  address_space       = ["10.0.0.0/16"]                                             
  location            = azurerm_resource_group.main.location                        
  resource_group_name = azurerm_resource_group.main.name                            
}                                                                                   
                                                                                    
resource "azurerm_subnet" "internal" {                                              
  name                 = "internal"                                                 
  resource_group_name  = azurerm_resource_group.main.name                           
  virtual_network_name = azurerm_virtual_network.main.name                          
  address_prefixes     = ["10.0.2.0/24"]                                            
}

resource "azurerm_network_interface" "main" {                                       
  name                = "${var.prefix}-nic"                                         
  resource_group_name = azurerm_resource_group.main.name                            
  location            = azurerm_resource_group.main.location                        
                                                                                    
  ip_configuration {                                                                
    name                          = "internal"                                      
    subnet_id                     = azurerm_subnet.internal.id                      
    private_ip_address_allocation = "Dynamic"                                       
  }                                                                                 
}                                                                                   
                                                                                    
resource "azurerm_linux_virtual_machine" "main" {                                   
  name                            = "${var.prefix}-vm"                              
  resource_group_name             = azurerm_resource_group.main.name                
  location                        = azurerm_resource_group.main.location            
  size                            = "Standard_F2s_v2"                               
  admin_username                  = "adminuser"                                     
  admin_password                  = "P@ssw0rd1234!"                                 
  disable_password_authentication = false                                           
  network_interface_ids = [                                                         
    azurerm_network_interface.main.id,                                              
  ]                                                                                 
                                                                                    
  source_image_reference {                                                          
    publisher = "Canonical"                                                         
    offer     = "0001-com-ubuntu-server-jammy"                                      
    sku       = "22_04-lts"                                                         
    version   = "latest"                                                            
  }

  os_disk {
## the following line is commented-out:                                                                      
#   storage_account_type = "Standard_LRS"                                           
    caching              = "ReadWrite"                                              
                                                                                    
    diff_disk_settings {                                                            
      option = "Local"                                                              
    }                                                                               
  }                                                                                 
}

Debug Output/Panic Output

│ Error: Missing required argument
│ 
│   on main.tf line 58, in resource "azurerm_linux_virtual_machine" "main":
│   58:   os_disk {
│ 
│ The argument "storage_account_type" is required, but no definition was found.

Expected Behaviour

Currently, when an ephemeral OS disk is defined for a VM or VM scale set, the os_disk storage_account_type property must still be defined even when an ephemeral OS disk is used (i.e., a diff_disk_settings block is defined in the os_disk block). In this case, storage_account_type is misleading at best, as there is no storage account backing an ephemeral OS disk as there (implicitly) is with a managed disk. Moreover, its presence could perhaps impart a false sense of security, as there is no data replication (e.g., LRS) with an ephemeral OS disk.

The example ARM template referenced by the azurerm docs for deploying a VM with an ephemeral OS disk omits the storageAccountType property:

terraform-provider-azurerm/website/docs/r/linux_virtual_machine.html.markdown

Line 303 in 7f80c0b

-> **NOTE:** `diff_disk_settings` can only be set when `caching` is set to `ReadOnly`. More information can be found [here](https://docs.microsoft.com/azure/virtual-machines/ephemeral-os-disks-deploy#vm-template-deployment)

If there is consensus for changing the current requirement that an storage_account_type assignment exist even for ephemeral OS disks, azurerm v3.x could make storage_account_type optional when diff_disk_settings is defined (for backwards compatibility), while v4.x could emit an error if storage_account_type is defined when diff_disk_settings is defined.

Actual Behaviour

No response

Steps to Reproduce

curl -LO https://raw.githubusercontent.com/hashicorp/terraform-provider-azurerm/v3.96.0/examples/virtual-machines/linux/ephemeral-os-disk/variables.tf
curl -L https://raw.githubusercontent.com/hashicorp/terraform-provider-azurerm/v3.96.0/examples/virtual-machines/linux/ephemeral-os-disk/main.tf | sed '/storage_account_type/s/^/#/' > main.tf
terraform init
terraform validate

### Important Factoids

_No response_

### References

_No response_
@github-actions github-actions bot added the v/3.x label Mar 17, 2024
@rcskosir rcskosir added service/virtual-machine service/vmss Virtual Machine Scale Sets labels Mar 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
service/virtual-machine service/vmss Virtual Machine Scale Sets v/3.x
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nathanweeks @rcskosir