Tips-Of-Mine/terraform
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

resolve comments

Browse Source
This commit is contained in:
Yichun Ma
2022-06-28 17:23:27 +08:00
parent aae3e0fbec
commit 191572bc6b
8 changed files with 47 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
quickstart/201-vmss-disk-encryption-extension/main.tf
View File

@ -39,7 +39,7 @@ resource "azurerm_key_vault_access_policy" "service-principal" {
resource "azurerm_key_vault_key" "example" {
name = "examplekey"
key_vault_id = azurerm_key_vault.example.id
key_type = "RSA"
key_type = "RSA-HSM"
key_size = 3072
key_opts = [
@ -114,15 +114,13 @@ resource "azurerm_virtual_machine_scale_set_extension" "example" {
auto_upgrade_minor_version = false
virtual_machine_scale_set_id = azurerm_windows_virtual_machine_scale_set.example.id
settings = <<SETTINGS
{
"EncryptionOperation": "EnableEncryption",
"KeyEncryptionAlgorithm": "RSA-OAEP",
"KeyVaultURL": "${azurerm_key_vault.example.vault_uri}",
"KeyVaultResourceId": "${azurerm_key_vault.example.id}",
"KeyEncryptionKeyURL": "${azurerm_key_vault_key.example.id}",
"KekVaultResourceId": "${azurerm_key_vault.example.id}",
"VolumeType": "All"
}
SETTINGS
settings = jsonencode({
"EncryptionOperation" = "EnableEncryption"
"KeyEncryptionAlgorithm" = "RSA-OAEP"
"KeyVaultURL" = azurerm_key_vault.example.vault_uri
"KeyVaultResourceId" = azurerm_key_vault.example.id
"KeyEncryptionKeyURL" = azurerm_key_vault_key.example.id
"KekVaultResourceId" = azurerm_key_vault.example.id
"VolumeType" = "All"
})
}