skip: update CI 243

auto_policy_testing/green/vm/extension_linux.tf

@@ -45,7 +45,7 @@ resource "azurerm_virtual_machine_extension" "lin3" {
 
 resource "azurerm_virtual_machine_extension" "lin4" {
     name                              =     "AzureDiskEncryption"
-    virtual_machine_id                =     azurerm_linux_virtual_machine.this.id
+    virtual_machine_id                =     azurerm_linux_virtual_machine.this1.id
     publisher                         =     "Microsoft.Azure.Security"
     type                              =     "AzureDiskEncryptionForLinux"
     type_handler_version              =     "1.1"
@@ -63,7 +63,7 @@ resource "azurerm_virtual_machine_extension" "lin4" {
     }
     SETTINGS
 
-    depends_on = [azurerm_virtual_machine_extension.lin3]
+    depends_on = [azurerm_linux_virtual_machine.this1]
 }
 
 resource "azurerm_virtual_machine_scale_set_extension" "linvmss1" {

auto_policy_testing/green/vm/locks.tf

@@ -4,6 +4,6 @@ resource "azurerm_management_lock" "lin-lock" {
   lock_level = "CanNotDelete"
   notes      = "Locked because it's needed by policy"
 
-  depends_on = [azurerm_virtual_machine_extension.lin4]
+  depends_on = [azurerm_virtual_machine_extension.lin3]
 
 }

auto_policy_testing/green/vm/outputs.tf

@@ -2,7 +2,7 @@ output "vm" {
   value = {
     ecc-azure-116-cis_vm_endpoint_protection = azurerm_windows_virtual_machine.this.id,
     ecc-azure-132-vm_wo_del_lock = azurerm_linux_virtual_machine.this.id,
-    ecc-azure-197-asb_vm_disk_encryption_on = azurerm_windows_virtual_machine.this.id,
+    ecc-azure-197-asb_vm_disk_encryption_on = azurerm_linux_virtual_machine.this1.id,
     ecc-azure-275-asb_vm_backup = azurerm_windows_virtual_machine.this.id,
     ecc-azure-337-vm_antimalware_auto_updates = azurerm_windows_virtual_machine.this.id,
     ecc-azure-353-vmss_auto_image_patching = azurerm_linux_virtual_machine_scale_set.this.id,

auto_policy_testing/green/vm/vm_encrypted.tf

@@ -0,0 +1,38 @@
+resource "azurerm_linux_virtual_machine" "this1" {
+  name                            = "${module.naming.resource_prefix.vm}g1lin"
+  location                        = data.terraform_remote_state.common.outputs.location
+  resource_group_name             = data.terraform_remote_state.common.outputs.resource_group
+  size                            = "Standard_D2s_v3"
+  disable_password_authentication = true
+  admin_username                  = random_string.this.result
+  allow_extension_operations      = true
+
+  admin_ssh_key {
+    username   = random_string.this.result
+    public_key = tls_private_key.this.public_key_openssh
+  }
+
+  network_interface_ids = [
+    azurerm_network_interface.nic4.id
+  ]
+
+  os_disk {
+    caching              = "ReadWrite"
+    storage_account_type = "Standard_LRS"
+    disk_size_gb         = 64
+  }
+
+  source_image_reference {
+    publisher = "Canonical"
+    offer     = "UbuntuServer"
+    sku       = "16.04-LTS"
+    version   = "latest"
+  }
+
+  identity {
+    type = "SystemAssigned"
+  }
+
+  tags = module.naming.default_tags
+
+}

auto_policy_testing/green/vm/vnet.tf

@@ -37,5 +37,19 @@ resource "azurerm_network_interface" "nic3" {
     private_ip_address_allocation = "Dynamic"
   }
 
+  tags = module.naming.default_tags
+}
+
+resource "azurerm_network_interface" "nic4" {
+  name                = "${module.naming.resource_prefix.networkinterface}-vm4"
+  location            = data.terraform_remote_state.common.outputs.location
+  resource_group_name = data.terraform_remote_state.common.outputs.resource_group
+
+  ip_configuration {
+    name                          = "conf4-vm-green"
+    subnet_id                     = data.terraform_remote_state.common.outputs.subnet_id
+    private_ip_address_allocation = "Dynamic"
+  }
+
   tags = module.naming.default_tags
 }