schubergphilis · Blankf · Dec 12, 2024 · Dec 12, 2024 · Dec 12, 2024
diff --git a/README.md b/README.md
@@ -136,9 +136,9 @@ No modules.
 | <a name="input_license_type"></a> [license\_type](#input\_license\_type) | (Optional) For Linux virtual machine specifies the BYOL Type for this Virtual Machine, possible values are `RHEL_BYOS` and `SLES_BYOS`. For Windows virtual machine specifies the type of on-premise license (also known as [Azure Hybrid Use Benefit](https://docs.microsoft.com/windows-server/get-started/azure-hybrid-benefit)) which should be used for this Virtual Machine, possible values are `None`, `Windows_Client` and `Windows_Server`. | `string` | `null` | no |
 | <a name="input_managed_identities"></a> [managed\_identities](#input\_managed\_identities) | An object that sets the managed identity configuration for the virtual machine being deployed. Be aware that capabilities such as the Azure Monitor Agent and Role Assignments require that a managed identity has been configured.<br><br>- `system_assigned`            = (Optional) Specifies whether the System Assigned Managed Identity should be enabled.  Defaults to false.<br>- `user_assigned_resource_ids` = (Optional) Specifies a set of User Assigned Managed Identity IDs to be assigned to this Virtual Machine.<br><br>Example Inputs:<pre>hcl<br>#default system managed identity<br>managed_identities = {<br>  system_assigned = true<br>}<br>#user assigned managed identity only<br>managed_identities           = {<br>  user_assigned_resource_ids = ["<azure resource ID of a user assigned managed identity>"]<br>}<br>#user assigned and system assigned managed identities<br>managed_identities  = {<br>  system_assigned            = true<br>  user_assigned_resource_ids = ["<azure resource ID of a user assigned managed identity>"]<br>}</pre> | <pre>object({<br>    system_assigned            = optional(bool, false)<br>    user_assigned_resource_ids = optional(set(string), [])<br>  })</pre> | `{}` | no |
 | <a name="input_max_bid_price"></a> [max\_bid\_price](#input\_max\_bid\_price) | (Optional) The maximum price you're willing to pay for this Virtual Machine, in US Dollars; which must be greater than the current spot price. If this bid price falls below the current spot price the Virtual Machine will be evicted using the `eviction_policy`. Defaults to `-1`, which means that the Virtual Machine should not be evicted for price reasons. This can only be configured when `priority` is set to `Spot`. | `number` | `-1` | no |
-| <a name="input_os_disk"></a> [os\_disk](#input\_os\_disk) | Required configuration values for the OS disk on the virtual machine.<br><br>- `caching`                          = (Required) - The type of caching which should be used for the internal OS disk.  Possible values are `None`, `ReadOnly`, and `ReadWrite`.<br>- `storage_account_type`             = (Required) - The Type of Storage Account which should back this the Internal OS Disk. Possible values are `Standard_LRS`, `Premium_LRS`, `Premium_LRS`, `StandardSSD_ZRS` and `Premium_ZRS`. Changing this forces a new resource to be created<br>- `disk_encryption_set_id`           = (Optional) - The Azure Resource ID of the Disk Encryption Set which should be used to Encrypt this OS Disk. Conflicts with secure\_vm\_disk\_encryption\_set\_id. The Disk Encryption Set must have the Reader Role Assignment scoped on the Key Vault - in addition to an Access Policy to the Key Vault<br>- `disk_size_gb`                     = (Optional) - The Size of the Internal OS Disk in GB, if you wish to vary from the size used in the image this Virtual Machine is sourced from.<br>- `name`                             = (Optional) - The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created.<br>- `secure_vm_disk_encryption_set_id` = (Optional) - The Azure Resource ID of the Disk Encryption Set which should be used to Encrypt this OS Disk when the Virtual Machine is a Confidential VM. Conflicts with disk\_encryption\_set\_id. Changing this forces a new resource to be created.<br>- `security_encryption_type`         = (Optional) - Encryption Type when the Virtual Machine is a Confidential VM. Possible values are `VMGuestStateOnly` and `DiskWithVMGuestState`. Changing this forces a new resource to be created. `vtpm_enabled` must be set to true when security\_encryption\_type is specified. encryption\_at\_host\_enabled cannot be set to `true` when security\_encryption\_type is set to `DiskWithVMGuestState`<br>- `write_accelerator_enabled`        = (Optional) - Should Write Accelerator be Enabled for this OS Disk? Defaults to `false`. This requires that the storage\_account\_type is set to `Premium_LRS` and that caching is set to `None`<br>- `diff_disk_settings` - An optional object defining the diff disk settings<br>  - `option`    = (Required) - Specifies the Ephemeral Disk Settings for the OS Disk. At this time the only possible value is `Local`. Changing this forces a new resource to be created.<br>  - `placement` = (Optional) - Specifies where to store the Ephemeral Disk. Possible values are CacheDisk and ResourceDisk. Defaults to CacheDisk. Changing this forces a new resource to be created.<br><br>Example Inputs:<pre>hcl<br>#basic example:<br>os_disk = {<br>  caching              = "ReadWrite"<br>  storage_account_type = "Premium_LRS"<br>}<br><br>#increased disk size and write acceleration example<br>os_disk = {<br>  name                      = "sample os disk"<br>  caching                   = "None"<br>  storage_account_type      = "Premium_LRS"<br>  disk_size_gb              = 128<br>  write_accelerator_enabled = true<br>}</pre> | <pre>object({<br>    caching                          = string<br>    storage_account_type             = string<br>    disk_encryption_set_id           = optional(string)<br>    disk_size_gb                     = optional(number)<br>    name                             = optional(string)<br>    secure_vm_disk_encryption_set_id = optional(string)<br>    security_encryption_type         = optional(string)<br>    write_accelerator_enabled        = optional(bool, false)<br>    diff_disk_settings = optional(object({<br>      option    = string<br>      placement = optional(string, "CacheDisk")<br>    }), null)<br>  })</pre> | <pre>{<br>  "caching": "ReadWrite",<br>  "storage_account_type": "Premium_LRS"<br>}</pre> | no |
+| <a name="input_os_disk"></a> [os\_disk](#input\_os\_disk) | Required configuration values for the OS disk on the virtual machine.<br><br>- `caching`                          = (Required) - The type of caching which should be used for the internal OS disk.  Possible values are `None`, `ReadOnly`, and `ReadWrite`.<br>- `storage_account_type`             = (Required) - The Type of Storage Account which should back this the Internal OS Disk. Possible values are `Standard_LRS`, `Premium_LRS`, `Premium_LRS`, `StandardSSD_ZRS` and `Premium_ZRS`. Changing this forces a new resource to be created<br>- `disk_encryption_set_id`           = (Optional) - The Azure Resource ID of the Disk Encryption Set which should be used to Encrypt this OS Disk. Conflicts with secure\_vm\_disk\_encryption\_set\_id. The Disk Encryption Set must have the Reader Role Assignment scoped on the Key Vault - in addition to an Access Policy to the Key Vault<br>- `disk_size_gb`                     = (Optional) - The Size of the Internal OS Disk in GB, if you wish to vary from the size used in the image this Virtual Machine is sourced from.<br>- `name`                             = (Optional) - The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created.<br>- `secure_vm_disk_encryption_set_id` = (Optional) - The Azure Resource ID of the Disk Encryption Set which should be used to Encrypt this OS Disk when the Virtual Machine is a Confidential VM. Conflicts with disk\_encryption\_set\_id. Changing this forces a new resource to be created.<br>- `security_encryption_type`         = (Optional) - Encryption Type when the Virtual Machine is a Confidential VM. Possible values are `VMGuestStateOnly` and `DiskWithVMGuestState`. Changing this forces a new resource to be created. `vtpm_enabled` must be set to true when security\_encryption\_type is specified. encryption\_at\_host\_enabled cannot be set to `true` when security\_encryption\_type is set to `DiskWithVMGuestState`<br>- `write_accelerator_enabled`        = (Optional) - Should Write Accelerator be Enabled for this OS Disk? Defaults to `false`. This requires that the storage\_account\_type is set to `Premium_LRS` and that caching is set to `None`<br>- `diff_disk_settings` - An optional object defining the diff disk settings<br>  - `option`    = (Required) - Specifies the Ephemeral Disk Settings for the OS Disk. At this time the only possible value is `Local`. Changing this forces a new resource to be created.<br>  - `placement` = (Optional) - Specifies where to store the Ephemeral Disk. Possible values are CacheDisk and ResourceDisk. Defaults to CacheDisk. Changing this forces a new resource to be created.<br><br>Example Inputs:<pre>hcl<br>#basic example:<br>os_disk = {<br>  caching              = "ReadWrite"<br>  storage_account_type = "Premium_LRS"<br>}<br><br>#increased disk size and write acceleration example<br>os_disk = {<br>  name                      = "sample os disk"<br>  caching                   = "None"<br>  storage_account_type      = "Premium_LRS"<br>  disk_size_gb              = 128<br>  write_accelerator_enabled = true<br>}</pre> | <pre>object({<br>    caching                          = string<br>    storage_account_type             = string<br>    disk_encryption_set_id           = optional(string)<br>    disk_size_gb                     = optional(number)<br>    name                             = optional(string)<br>    secure_vm_disk_encryption_set_id = optional(string)<br>    security_encryption_type         = optional(string)<br>    write_accelerator_enabled        = optional(bool, false)<br>    diff_disk_settings = optional(object({<br>      option    = string<br>      placement = optional(string, "CacheDisk")<br>    }), null)<br>  })</pre> | <pre>{<br>  "caching": "ReadWrite",<br>  "storage_account_type": "StandardSSD_ZRS"<br>}</pre> | no |
 | <a name="input_os_type"></a> [os\_type](#input\_os\_type) | The base OS type of the vm to be built.  Valid answers are Windows or Linux | `string` | `null` | no |
-| <a name="input_patch_assessment_mode"></a> [patch\_assessment\_mode](#input\_patch\_assessment\_mode) | (Optional) Specifies the mode of VM Guest Patching for the Virtual Machine. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`. | `string` | `"ImageDefault"` | no |
+| <a name="input_patch_assessment_mode"></a> [patch\_assessment\_mode](#input\_patch\_assessment\_mode) | (Optional) Specifies the mode of VM Guest Patching for the Virtual Machine. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `AutomaticByPlatform`. | `string` | `"AutomaticByPlatform"` | no |
 | <a name="input_patch_mode"></a> [patch\_mode](#input\_patch\_mode) | (Optional) Specifies the mode of in-guest patching to this Linux Virtual Machine. Possible values are `AutomaticByPlatform` and `ImageDefault`. Defaults to `ImageDefault`. For more information on patch modes please see the [product documentation](https://docs.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes). | `string` | `null` | no |
 | <a name="input_plan"></a> [plan](#input\_plan) | An object variable that defines the Marketplace image this virtual machine should be created from. If you use the plan block with one of Microsoft's marketplace images (e.g. publisher = "MicrosoftWindowsServer"). This may prevent the purchase of the offer. An example Azure API error: The Offer: 'WindowsServer' cannot be purchased by subscription: '12345678-12234-5678-9012-123456789012' as it is not to be sold in market: 'US'. Please choose a subscription which is associated with a different market.<br><br>- `name`      = (Required) Specifies the Name of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.<br>- `product`   = (Required) Specifies the Product of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.<br>- `publisher` = (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.<br><br>Example Input:<pre>hcl<br>plan = {<br>  name      = "17_04_02-payg-essentials"<br>  product   = "cisco-8000v"<br>  publisher = "cisco"<br>}</pre> | <pre>object({<br>    name      = string<br>    product   = string<br>    publisher = string<br>  })</pre> | `null` | no |
 | <a name="input_platform_fault_domain"></a> [platform\_fault\_domain](#input\_platform\_fault\_domain) | (Optional) Specifies the Platform Fault Domain in which this Virtual Machine should be created. Defaults to `null`, which means this will be automatically assigned to a fault domain that best maintains balance across the available fault domains. `virtual_machine_scale_set_id` is required with it. Changing this forces new Virtual Machine to be created. | `number` | `null` | no |

diff --git a/variables.tf b/variables.tf
@@ -516,7 +516,7 @@ variable "os_disk" {
   })
   default = {
     caching              = "ReadWrite"
-    storage_account_type = "Premium_LRS"
+    storage_account_type = "StandardSSD_ZRS"
   }
   description = <<OS_DISK
 Required configuration values for the OS disk on the virtual machine.
@@ -557,8 +557,8 @@ OS_DISK
 
 variable "patch_assessment_mode" {
   type        = string
-  default     = "ImageDefault"
-  description = "(Optional) Specifies the mode of VM Guest Patching for the Virtual Machine. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `ImageDefault`."
+  default     = "AutomaticByPlatform"
+  description = "(Optional) Specifies the mode of VM Guest Patching for the Virtual Machine. Possible values are `AutomaticByPlatform` or `ImageDefault`. Defaults to `AutomaticByPlatform`."
 }
 
 variable "patch_mode" {
@@ -951,4 +951,4 @@ variable "vtpm_enabled" {
   type        = bool
   default     = true
   description = "(Optional) Specifies whether vTPM should be enabled on the virtual machine. Changing this forces a new resource to be created, defaults to true."
-}
+}