Upgrade to Windows Server 2025 #133

extras/terraform-azurerm-vnet-onprem/040-vm-adds.tf

@@ -9,9 +9,10 @@ resource "azurerm_windows_virtual_machine" "vm_adds" {
   admin_username             = data.azurerm_key_vault_secret.adminuser.value
   admin_password             = data.azurerm_key_vault_secret.adminpassword.value
   network_interface_ids      = [azurerm_network_interface.vm_adds_nic_01.id]
-  encryption_at_host_enabled = true
-  enable_automatic_updates   = true
+  patch_assessment_mode      = "AutomaticByPlatform"
   patch_mode                 = "AutomaticByPlatform"
+  provision_vm_agent         = true
+  encryption_at_host_enabled = true
   tags                       = var.tags
 
   os_disk {

extras/terraform-azurerm-vnet-onprem/050-vm-jumpbox-win.tf

@@ -7,8 +7,10 @@ resource "azurerm_windows_virtual_machine" "vm_jumpbox_win" {
   admin_username             = data.azurerm_key_vault_secret.adminuser.value
   admin_password             = data.azurerm_key_vault_secret.adminpassword.value
   network_interface_ids      = [azurerm_network_interface.vm_jumpbox_win_nic_01.id]
-  encryption_at_host_enabled = true
+  patch_assessment_mode      = "AutomaticByPlatform"
   patch_mode                 = "AutomaticByPlatform"
+  provision_vm_agent         = true
+  encryption_at_host_enabled = true
   tags                       = var.tags
 
   os_disk {

extras/terraform-azurerm-vnet-onprem/README.md

@@ -369,7 +369,7 @@ azurerm_network_interface.vm_adds_nic_01 (nic-adds2-1) | The configured subnet i
 
 This Windows Server VM is used as an [Active Directory Domain Services](https://learn.microsoft.com/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview) [Domain Controller](https://learn.microsoft.com/previous-versions/windows/it-pro/windows-server-2003/cc786438(v=ws.10)) and a DNS Server running in Active Directory-integrated mode.
 
-* Guest OS: Windows Server 2022 Datacenter Core
+* Guest OS: Windows Server 2025 Datacenter Azure Edition Core
 * By default the [Patch orchestration mode](https://learn.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes) is set to `AutomaticByPlatform`.
 * *admin_username* and *admin_password* are configured using the key vault secrets *adminuser* and *adminpassword*.
 * This resource has a dependency on *azurerm_automation_account.automation_account_01*.
@@ -401,7 +401,7 @@ azurerm_network_interface.vm_jumpbox_win_nic_01 (nic-jumpwin2-1) | The configure
 
 This Windows Server VM is used as a jumpbox for development and remote server administration.
 
-* Guest OS: Windows Server 2022 Datacenter.
+* Guest OS: Windows Server 2025 Datacenter Azure Edition.
 * By default the [patch orchestration mode](https://learn.microsoft.com/azure/virtual-machines/automatic-vm-guest-patching#patch-orchestration-modes) is set to `AutomaticByPlatform`.
 * *admin_username* and *admin_password* are configured using the key vault secrets *adminuser* and *adminpassword*.
 * This resource is configured using a [provisioner](https://www.terraform.io/docs/language/resources/provisioners/syntax.html) that runs [aadsc-register-node.ps1](./aadsc-register-node.ps1) which registers the node with *azurerm_automation_account.automation_account_01* and applies the configuration [JumpBoxConfig2](./JumpBoxConfig2.ps1).

extras/terraform-azurerm-vnet-onprem/variables.tf

@@ -109,7 +109,7 @@ variable "vm_adds_image_publisher" {
 variable "vm_adds_image_sku" {
   type        = string
   description = "The sku of the virtual machine image used to create the VM"
-  default     = "2022-datacenter-core-g2"
+  default     = "2025-datacenter-azure-edition-core"
 }
 
 variable "vm_adds_image_version" {
@@ -150,7 +150,7 @@ variable "vm_jumpbox_win_image_publisher" {
 variable "vm_jumpbox_win_image_sku" {
   type        = string
   description = "The sku of the virtual machine image used to create the VM"
-  default     = "2022-datacenter-g2"
+  default     = "2025-datacenter-azure-edition"
 }
 
 variable "vm_jumpbox_win_image_version" {

terraform-azurerm-vnet-app/030-vm-jumpbox-win.tf

@@ -26,6 +26,7 @@ resource "azurerm_windows_virtual_machine" "vm_jumpbox_win" {
   admin_password             = data.azurerm_key_vault_secret.adminpassword.value
   network_interface_ids      = [azurerm_network_interface.vm_jumpbox_win_nic_01.id]
   patch_assessment_mode      = "AutomaticByPlatform"
+  patch_mode                 = "AutomaticByPlatform"
   provision_vm_agent         = true
   encryption_at_host_enabled = true
   tags                       = var.tags

terraform-azurerm-vnet-app/README.md

@@ -341,7 +341,7 @@ azurerm_role_assignment . vm_jumpbox_win_storage_account_role_assignment | Assig
 
 This Windows Server VM is used as a jumpbox for development and remote server administration.
 
-* Guest OS: Windows Server 2022 Datacenter.
+* Guest OS: Windows Server 2025 Datacenter Azure Edition.
 * By default the [patch assessment mode](https://learn.microsoft.com/en-us/azure/update-manager/assessment-options) is set to `AutomaticByPlatform` and `provision_vm_agent` is set to `true` to enable use of [Azure Update Manager Update or Patch Orchestration](https://learn.microsoft.com/en-us/azure/update-manager/updates-maintenance-schedules#update-or-patch-orchestration).
 * *admin_username* and *admin_password* are configured using the key vault secrets *adminuser* and *adminpassword*.
 * A system assigned managed identity is configured by default for use in DevOps related identity and access management scenarios.

terraform-azurerm-vnet-app/variables.tf

@@ -190,7 +190,7 @@ variable "vm_jumpbox_win_image_publisher" {
 variable "vm_jumpbox_win_image_sku" {
   type        = string
   description = "The sku of the virtual machine image used to create the VM"
-  default     = "2022-datacenter-g2"
+  default     = "2025-datacenter-azure-edition"
 }
 
 variable "vm_jumpbox_win_image_version" {

terraform-azurerm-vnet-shared/050-vm-adds.tf

@@ -10,6 +10,7 @@ resource "azurerm_windows_virtual_machine" "vm_adds" {
   admin_password             = data.azurerm_key_vault_secret.adminpassword.value
   network_interface_ids      = [azurerm_network_interface.vm_adds_nic_01.id]
   patch_assessment_mode      = "AutomaticByPlatform"
+  patch_mode                 = "AutomaticByPlatform"
   provision_vm_agent         = true
   encryption_at_host_enabled = true
   tags                       = var.tags

terraform-azurerm-vnet-shared/README.md

@@ -250,7 +250,7 @@ azurerm_network_interface.vm_adds_nic_01 (nic‑adds1‑1) | The confi
 
 This Windows Server VM is used as an [Active Directory Domain Services](https://learn.microsoft.com/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview) [Domain Controller](https://learn.microsoft.com/previous-versions/windows/it-pro/windows-server-2003/cc786438(v=ws.10)) and a DNS Server running in Active Directory-integrated mode.
 
-* Guest OS: Windows Server 2022 Datacenter Core
+* Guest OS: Windows Server 2025 Datacenter Azure Edition Core
 * `encryption_at_host_enabled` is set to `true`
 * By default the [patch assessment mode](https://learn.microsoft.com/en-us/azure/update-manager/assessment-options) is set to `AutomaticByPlatform` and `provision_vm_agent` is set to `true` to enable use of [Azure Update Manager Update or Patch Orchestration](https://learn.microsoft.com/en-us/azure/update-manager/updates-maintenance-schedules#update-or-patch-orchestration).
 * *admin_username* and *admin_password* are configured using the key vault secrets *adminuser* and *adminpassword*.

terraform-azurerm-vnet-shared/variables.tf

@@ -119,7 +119,7 @@ variable "vm_adds_image_publisher" {
 variable "vm_adds_image_sku" {
   type        = string
   description = "The sku of the virtual machine image used to create the VM"
-  default     = "2022-datacenter-core-g2"
+  default     = "2025-datacenter-azure-edition-core"
 }
 
 variable "vm_adds_image_version" {