Add AzAPI provider sample code for AVD and Cosmos DB articles#483
Open
stemaMSFT wants to merge 14 commits into
Open
Add AzAPI provider sample code for AVD and Cosmos DB articles#483stemaMSFT wants to merge 14 commits into
stemaMSFT wants to merge 14 commits into
Conversation
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Remove jsondecode() wrappers (azapi v2.0+ returns native objects) - Use azapi_resource_action for Cosmos DB listKeys - Consolidate duplicate resource group in AVD sample - Remove dead random_string.rando code - Fix past-date default in rfc3339 variable Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- AVD: Add default value for rfc3339 variable so terraform plan works without -var flags (required by Terratest CI) - Cosmos ACI: Replace azure-vote-front:cosmosdb with aci-helloworld (the :cosmosdb tag was removed from MCR, also broken in upstream) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
AVD: - Make AD-dependent resources (VNet peering, RBAC) conditional via enable_ad_integration variable (default: false). CI environment lacks pre-existing AD infrastructure (same limitation as original azurerm sample). - Add lifecycle ignore_changes on azapi_update_resource blocks to pass the Terratest idempotent plan check. Cosmos DB + ACI: - Add ignore_body_changes on Cosmos DB and ACI resources to handle API response normalization that causes plan drift. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Make storage RBAC role assignment conditional (afstorage.tf) - Make domain_join extension conditional on enable_ad_integration - Fix output for AVD_user_groupname with conditional index - Add ignore_body_changes to VNet (subnet drift from nsg_assoc) - Add ignore_body_changes to NIC (allocated IP), VM (adminPassword, osDisk, networkProfile), extensions (protectedSettings) - Add ignore_body_changes for ACI ipAddress drift - Remove stale depends_on from domain_join/vmext_dsc Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
ignore_body_changes was removed in recent AzAPI versions. Use the
universal Terraform lifecycle { ignore_changes = [body] } instead,
which works across all provider versions.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Azure refuses to delete the NSG while NICs still reference the associated subnet. Adding depends_on ensures destroy order: VMs -> NICs -> nsg_assoc -> NSG -> VNet. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
AzAPI provider lacks the built-in retry logic that azurerm has for NicReservedForAnotherVm (180s platform lock after VM deletion). With 2 VMs, parallel NIC deletions both hit the reservation. Using 1 VM avoids the race while still demonstrating the pattern. Also fixes gallery destroy ordering (image before gallery via parent_id). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- NIC: retry on NicReservedForAnotherVm (180s Azure platform lock) - NSG: retry on InUseNetworkSecurityGroupCannotBeDeleted - Gallery: retry on CannotDeleteResource - Revert rdsh_count from 1 back to 2 (retry handles the race) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…10-22h2-avd The 20h2-evd multi-session image has been removed from Azure Marketplace. Updated to win10-22h2-avd (Windows 10 22H2 multi-session) which is the current supported SKU for AVD deployments. Also updated SIG image definition to use win10-22h2-avd-m365. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- VM size: Standard_DS2_v2 -> Standard_D2s_v5 (capacity-constrained in eastus) - Registration token: use timeadd(timestamp(), '23h') instead of hardcoded 2099 date that exceeds the 30-day max window Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
CI subscription has 0 quota for DSv5 family. Revert VM size to Standard_DS2_v2 (DSv2 family has quota). Add retry block on VM resource for transient SkuNotAvailable/capacity errors. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add AzAPI provider equivalents for existing azurerm Terraform samples, enabling dual-provider documentation on Microsoft Learn.
New samples
quickstart/101-azure-virtual-desktop-azapi/quickstart/101-cosmos-db-azure-container-instance-azapi/Design decisions
azurerm_resource_groupkept as azurerm (base infrastructure)azapi_resource_actionwithlistKeys(not available from GET)jsonencode)Validation
terraform init -backend=falsepasses in both foldersterraform validatepasses in both foldersLinked PR