resolve comments

2022-06-28 17:23:27 +08:00
parent aae3e0fbec
commit 191572bc6b
8 changed files with 47 additions and 53 deletions
--- a/quickstart/201-vm-disk-encryption-extension/main.tf
+++ b/quickstart/201-vm-disk-encryption-extension/main.tf
@ -39,7 +39,7 @@ resource "azurerm_key_vault_access_policy" "service-principal" {
 resource "azurerm_key_vault_key" "example" {
  name         = "examplekey"
  key_vault_id = azurerm_key_vault.example.id
-  key_type     = "RSA"
+  key_type     = "RSA-HSM"
  key_size     = 2048

  key_opts = [
@ -120,15 +120,13 @@ resource "azurerm_virtual_machine_extension" "example" {
  auto_upgrade_minor_version = false
  virtual_machine_id         = azurerm_linux_virtual_machine.example.id

-  settings = <<SETTINGS
-{
-  "EncryptionOperation": "EnableEncryption",
-  "KeyEncryptionAlgorithm": "RSA-OAEP",
-  "KeyVaultURL": "${azurerm_key_vault.example.vault_uri}",
-  "KeyVaultResourceId": "${azurerm_key_vault.example.id}",
-  "KeyEncryptionKeyURL": "${azurerm_key_vault_key.example.id}",
-  "KekVaultResourceId": "${azurerm_key_vault.example.id}",
-  "VolumeType": "All"
-}
-SETTINGS
+  settings = jsonencode({
+    "EncryptionOperation"    = "EnableEncryption"
+    "KeyEncryptionAlgorithm" = "RSA-OAEP"
+    "KeyVaultURL"            = azurerm_key_vault.example.vault_uri
+    "KeyVaultResourceId"     = azurerm_key_vault.example.id
+    "KeyEncryptionKeyURL"    = azurerm_key_vault_key.example.id
+    "KekVaultResourceId"     = azurerm_key_vault.example.id
+    "VolumeType"             = "All"
+  })
 }
--- a/quickstart/201-vm-disk-encryption-extension/providers.tf
+++ b/quickstart/201-vm-disk-encryption-extension/providers.tf
--- a/quickstart/201-vm-disk-encryption-extension/readme.md
+++ b/quickstart/201-vm-disk-encryption-extension/readme.md
@ -19,8 +19,8 @@ This template deploys an Azure virtual machine with disk encryption extension.
 | Name | Description |
 |-|-|
 | `location` | (Required) Azure Region in which to deploy these resources.|
+| `name_prefix` | (Required) Prefix of the resource name.|
 | `vm_public_key` | (Required) Public key of the Virtual Machine.|
-| `name_prefix` | (Optional) Prefix of the resource name. Value defaults to: tftest|

 ## Example

--- a/quickstart/201-vm-disk-encryption-extension/variables.tf
+++ b/quickstart/201-vm-disk-encryption-extension/variables.tf
@ -3,13 +3,12 @@ variable "location" {
  description = "Location where resources will be created"
 }

+variable "name_prefix" {
+  type        = string
+  description = "Prefix of the resource name"
+}
+
 variable "vm_public_key" {
  type        = string
  description = "Public key of the Virtual Machine"
 }
-
-variable "name_prefix" {
-  type        = string
-  default     = "tftest"
-  description = "Prefix of the resource name"
-}