/terraform-azure-mcaf-diskencryptionset

Terraform module for a disk encryption set

Primary LanguageHCLApache License 2.0Apache-2.0

terraform-azure-mcaf-diskencryptionset

Terraform module for a disk encryption set

Requirements

Name Version
terraform >= 1.8
azurerm >= 4.5, < 5.0

Providers

Name Version
azurerm >= 4.5, < 5.0

Modules

No modules.

Resources

Name Type
azurerm_disk_encryption_set.this resource
azurerm_role_assignment.this resource

Inputs

Name Description Type Default Required
key_vault_key_id The Key Vault Key ID used for encryption. string n/a yes
key_vault_resource_id The resource ID of the Key Vault to associate with the disk encryption set. string n/a yes
location Azure region where the resource should be deployed. string n/a yes
name The name of the disk encryption set. string n/a yes
resource_group_name The name of the resource group in which to create the disk encryption set. string n/a yes
auto_key_rotation_enabled Whether or not auto key rotation is enabled for the encryption set, defaults to true. bool true no
encryption_type The type of encryption to be used. Allowed Values are'EncryptionAtRestWithCustomerKey', 'EncryptionAtRestWithPlatformAndCustomerKeys' and 'ConfidentialVmEncryptedWithCustomerKey'. string "EncryptionAtRestWithCustomerKey" no
federated_client_id Multi-tenant application client id to access key vault in a different tenant. string null no
managed_hsm_key_id The Managed HSM Key ID used for encryption. string null no
managed_identities Controls the Managed Identity configuration on this resource. The following properties can be specified:

- system_assigned - (Optional) Specifies if the System Assigned Managed Identity should be enabled.
- user_assigned_resource_ids - (Optional) Specifies a list of User Assigned Managed Identity resource IDs to be assigned to this resource.

Example Input:
hcl
managed_identities = {
  system_assigned = true
}
 
object({
    system_assigned            = optional(bool, false)
    user_assigned_resource_ids = optional(set(string), [])
  })
 {} no
tags (Optional) Tags of the resource. map(string) null no

Outputs

Name Description
resource This is the full output for the resource.
resource_id The ID of the disk encryption set.

License

Copyright: Schuberg Philis

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.