azurerm vm failed to create when provisioning a 'specialized' shared gallery image Issue (azurerm_linux_virtual_machine)

[kaiyanqiu]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.0.2

AzureRM Provider Version

3.69.0

Affected Resource(s)/Data Source(s)

azurerm_linux_virtual_machine

Terraform Configuration Files

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.69.0"
    }
  }

  required_version = ">= 1.0.0"
}

provider "azurerm" {
  features {}
}

data "azurerm_shared_image" "example" {
  name                = "Specializednew"
  gallery_name        = "test0810"
  resource_group_name = "Linux"
}

# resource "azurerm_virtual_machine" "example2"{

# }

resource "azurerm_virtual_machine" "example1" {
  name                = "testspecialized"
  resource_group_name = "Linux"
  location            = "East US"
  vm_size                               = "Standard_D4s_v3"
  #  admin_username      = "azuretest"
  #  admin_password      = "xxxxxx"
  network_interface_ids = [
    "/subscriptions/xxxxxxxx/resourceGroups/Linux/providers/Microsoft.Network/networkInterfaces/azuetest907"
  ]
  #  source_image_id =  data.azurerm_shared_image.example.id
 storage_image_reference {
  id = data.azurerm_shared_image.example.id
  }
  storage_os_disk {
    name              = "myosdisk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }
#   admin_username                  = "azureuser"   #"azureuser"
#  disable_password_authentication = false
#   computer_name                   = "xxxxxx002"   #"vmnvi-terraform"

#   os_disk {
#     name                 = "testosdisk"
#     caching              = "ReadWrite"
#     storage_account_type = "Standard_LRS"
     #create_option     = "FromImage"

#  source_image_id = "/subscriptions/xxxxxx/resourceGroups/rg-nvi-cmp-dev-infra/providers/Microsoft.Compute/galleries/NewGallery1.1/images/Definition1.1/versions/1.1.0" # data.azurerm_shared_image.example.id #
  # source_image_reference {   #source
  #   publisher = "almalinux"
  #   offer     = "almalinux"
  #   sku       = "9-gen2"
  #   version   = "latest"

  # }
  # plan {
  #   name = "9-gen2"
  #   publisher = "almalinux"
  #   product = "almalinux"

  # }

#   admin_ssh_key {
#     username   = "azureuser"
#     public_key = var.public-key
#   }
#     boot_diagnostics {
#     storage_account_uri = var.storage-account-uri
#   }

#   lifecycle {
#   prevent_destroy = false
#   ignore_changes = [
#      tags["CreatedDate"],
#     tags["CreatedBy"]
#    ]
#   }

#   tags = merge(
#       tomap({
#           Notes=var.tag_vm_notes
# }),
#       var.default_tags
#   )
# }

}

Debug Output/Panic Output

2023-08-14T11:18:29.976+0800 [DEBUG] provider.terraform-provider-azurerm_v3.69.0_x5.exe: AzureRM Request: 
PUT /subscriptions/xxxxxxxxx/resourceGroups/Linux/providers/Microsoft.Compute/virtualMachines/testvirtualmachine?api-version=2023-03-01 HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.20.5 (386-windows) go-autorest/v14.2.1 tombuildsstuff/kermit/v0.20230703.1101016 compute/2023-03-01 HashiCorp Terraform/1.0.2 (+https://www.terraform.io) Terraform Plugin SDK/2.10.1 terraform-provider-azurerm/3.69.0 pid-222c6c49-1b0a-5959-a213-6608f9eb8820
Content-Length: 1263
Content-Type: application/json; charset=utf-8
X-Ms-Correlation-Request-Id: 3225e485-9729-ab97-cd00-f01be6dc85ef
Accept-Encoding: gzip

{"identity":{"type":"None"},"location":"eastus","properties":{"additionalCapabilities":{},"applicationProfile":{"galleryApplications":[]},"diagnosticsProfile":{"bootDiagnostics":{"enabled":false,"storageUri":""}},"extensionsTimeBudget":"PT1H30M","hardwareProfile":{"vmSize":"Standard_D4s_v3"},"networkProfile":{"networkInterfaces":[{"id":"/subscriptions/8f49f33b-3329-408a-b4ef-1e585b567fc1/resourceGroups/Linux/providers/Microsoft.Network/networkInterfaces/azuetest907","properties":{"primary":true}}]},"osProfile":{"computerName":"chaichaicmpnviprvdv002","adminUsername":"azuretest","adminPassword":"Cherry199172","linuxConfiguration":{"disablePasswordAuthentication":false,"ssh":{"publicKeys":[]},"provisionVMAgent":true,"patchSettings":{"patchMode":"ImageDefault","assessmentMode":"ImageDefault"}},"secrets":[],"allowExtensionOperations":true},"priority":"Regular","storageProfile":{"imageReference":{"id":"/subscriptions/8f49f33b-3329-408a-b4ef-1e585b567fc1/resourceGroups/Linux/providers/Microsoft.Compute/galleries/test0810/images/Specializednew"},"osDisk":{"osType":"Linux","name":"testosdisk","caching":"ReadWrite","writeAcceleratorEnabled":false,"createOption":"FromImage","managedDisk":{"storageAccountType":"Standard_LRS"}},"dataDisks":[]}},"tags":{}}: timestamp=2023-08-14T11:18:29.976+0800
2023-08-14T11:18:34.018+0800 [TRACE] dag/walk: vertex "meta.count-boundary (EachMode fixup)" is waiting for "azurerm_linux_virtual_machine.example1"
2023-08-14T11:18:34.018+0800 [TRACE] dag/walk: vertex "provider[\"registry.terraform.io/hashicorp/azurerm\"] (close)" is waiting for "azurerm_linux_virtual_machine.example1"
2023-08-14T11:18:34.019+0800 [TRACE] dag/walk: vertex "root" is waiting for "provider[\"registry.terraform.io/hashicorp/azurerm\"] (close)"
2023-08-14T11:18:34.280+0800 [DEBUG] provider.terraform-provider-azurerm_v3.69.0_x5.exe: AzureRM Response for https://management.azure.com/subscriptions/xxxxxxxxxxx/resourceGroups/Linux/providers/Microsoft.Compute/virtualMachines/testvirtualmachine?api-version=2023-03-01: 
HTTP/2.0 400 Bad Request
Content-Length: 140
Cache-Control: no-cache
Content-Type: application/json; charset=utf-8
Date: Mon, 14 Aug 2023 03:18:33 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Ms-Correlation-Request-Id: 3225e485-9729-ab97-cd00-f01be6dc85ef
X-Ms-Ratelimit-Remaining-Resource: Microsoft.Compute/PutVM3Min;239,Microsoft.Compute/PutVM30Min;1199
X-Ms-Ratelimit-Remaining-Subscription-Writes: 1199
X-Ms-Request-Id: d738cac4-93b3-4f93-997a-76d99741ca7b
X-Ms-Routing-Request-Id: KOREASOUTH:20230814T031833Z:c8190d8d-9f06-46ad-b81b-e60d4fb79341

{
  "error": {
    "code": "InvalidParameter",
    "message": "Parameter 'osProfile' is not allowed.",
    "target": "osProfile"
  }
}: timestamp=2023-08-14T11:18:34.279+0800
2023-08-14T11:18:34.280+0800 [DEBUG] provider.terraform-provider-azurerm_v3.69.0_x5.exe: Unlocking "azurerm_virtual_machine.testvirtualmachine": timestamp=2023-08-14T11:18:34.280+0800
2023-08-14T11:18:34.280+0800 [DEBUG] provider.terraform-provider-azurerm_v3.69.0_x5.exe: Unlocked "azurerm_virtual_machine.testvirtualmachine": timestamp=2023-08-14T11:18:34.280+0800
2023-08-14T11:18:34.281+0800 [TRACE] provider.terraform-provider-azurerm_v3.69.0_x5.exe: Called downstream: tf_provider_addr=provider tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/terraform-plugin-sdk/v2@v2.26.1/helper/schema/resource.go:838 @module=sdk.helper_schema tf_req_id=3a2ab1cb-387c-63be-c179-b7de0b55b886 tf_resource_type=azurerm_linux_virtual_machine timestamp=2023-08-14T11:18:34.280+0800
2023-08-14T11:18:34.281+0800 [TRACE] provider.terraform-provider-azurerm_v3.69.0_x5.exe: Received downstream response: @module=sdk.proto tf_req_duration_ms=5040 tf_req_id=3a2ab1cb-387c-63be-c179-b7de0b55b886 tf_resource_type=azurerm_linux_virtual_machine tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/terraform-plugin-go@v0.14.3/tfprotov5/internal/tf5serverlogging/downstream_request.go:37 diagnostic_error_count=1 diagnostic_warning_count=0 tf_proto_version=5.3 tf_provider_addr=provider timestamp=2023-08-14T11:18:34.281+0800
2023-08-14T11:18:34.281+0800 [ERROR] provider.terraform-provider-azurerm_v3.69.0_x5.exe: Response contains error diagnostic: @caller=github.com/hashicorp/terraform-plugin-go@v0.14.3/tfprotov5/internal/diag/diagnostics.go:55 @module=sdk.proto diagnostic_severity=ERROR diagnostic_summary="creating Linux Virtual Machine: (Name "testvirtualmachine" / Resource Group "Linux"): compute.VirtualMachinesClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InvalidParameter" Message="Parameter 'osProfile' is not allowed." Target="osProfile"" tf_proto_version=5.3 tf_resource_type=azurerm_linux_virtual_machine diagnostic_detail= tf_provider_addr=provider tf_req_id=3a2ab1cb-387c-63be-c179-b7de0b55b886 tf_rpc=ApplyResourceChange timestamp=2023-08-14T11:18:34.281+0800
2023-08-14T11:18:34.2

Expected Behaviour

From the resource: azurerm_virtual_machine is able to provision generalized shared gallery image successfully, but for resource: azurerm_linux_virtual_machine is unable to provision generalized shared gallery image. According to GitHub: https://github.com/hashicorp/terraform-provider-azurerm/issues/7772, would like to confirm whether this is a product limitation, if so, will it have a fix roll out in the future.

Actual Behaviour

For resource: azurerm_linux_virtual_machine is unable to provision generalized shared gallery image.

Steps to Reproduce

terraform { required_providers { azurerm = { source = "hashicorp/azurerm" version = "~> 3.69.0" } }

required_version = ">= 1.0.0" }

provider "azurerm" { features {} }

data "azurerm_shared_image" "example" { name = "Specializednew" gallery_name = "test0810" resource_group_name = "Linux" }

resource "azurerm_virtual_machine" "example2"{

}

resource "azurerm_virtual_machine" "example1" { name = "testspecialized" resource_group_name = "Linux" location = "East US" vm_size = "Standard_D4s_v3"

admin_username = "azuretest"

admin_password = "xxxxxxx"

network_interface_ids = [ "/subscriptions/xxxxxxxx/resourceGroups/Linux/providers/Microsoft.Network/networkInterfaces/azuetest907" ]

source_image_id = data.azurerm_shared_image.example.id

storage_image_reference { id = data.azurerm_shared_image.example.id } storage_os_disk { name = "myosdisk1" caching = "ReadWrite" create_option = "FromImage" managed_disk_type = "Standard_LRS" }

admin_username = "azureuser" #"azureuser"

disable_password_authentication = false

computer_name = "xxxxxx002" #"vmnvi-terraform"

os_disk {

name = "testosdisk"

caching = "ReadWrite"

storage_account_type = "Standard_LRS"

 #create_option     = "FromImage"

source_image_id = "/subscriptions/xxxxxx/resourceGroups/rg-nvi-cmp-dev-infra/providers/Microsoft.Compute/galleries/NewGallery1.1/images/Definition1.1/versions/1.1.0" # data.azurerm_shared_image.example.id

source_image_reference { #source

publisher = "almalinux"

offer = "almalinux"

sku = "9-gen2"

version = "latest"

}

plan {

name = "9-gen2"

publisher = "almalinux"

product = "almalinux"

}

admin_ssh_key {

username = "azureuser"

public_key = var.public-key

}

boot_diagnostics {

storage_account_uri = var.storage-account-uri

}

lifecycle {

prevent_destroy = false

ignore_changes = [

tags["CreatedDate"],

tags["CreatedBy"]

]

}

tags = merge(

tomap({

Notes=var.tag_vm_notes

}),

var.default_tags

)

}

}

Important Factoids

No response

References

https://github.com/hashicorp/terraform-provider-azurerm/issues/7772 From VM documentation, Computer names of specialized virtual machines are missing or blank in Azure - Virtual Machines | Microsoft Learn, when creating virtual machine with specialized image, the request cannot include 'OsProfile'.

[myc2h6o]

@kaiyanqiu thanks for opening the issue! Unfortunately currently due to design trade-off in resources azurerm_linux_virtual_machine and azurerm_windows_virtual_machine we are not able to simply mark the os_profile as Optional according to what has been discussed in #7524. And similar to #8195, when using an existing OS Disk to create the VM resource, os_profile can also not be provided and not returned from the API. While this needs more consideration for how to properly implement these features in the current structure, while we are making further decision of how to implement this, I'd suggest using a Generalized image as a workaround.

[ohthehugemanatee]

In the meantime, I suggest a line in the doco for azurerm_linux_virtual_machine that specialized VM images are not supported yet. Took me much too long to find this Issue based on a rather obscure error message.

[swinster]

+1 for azurerm_windows_virtual_machine (to add documentation stating that a Specialised image is NOT supported). A lot of time is wasted trying to understand what this error means, as the parameter/block is not explicitly referenced as part of these resources.