OiO.lk Community platform!

Oio.lk is an excellent forum for developers, providing a wide range of resources, discussions, and support for those in the developer community. Join oio.lk today to connect with like-minded professionals, share insights, and stay updated on the latest trends and technologies in the development field.
  You need to log in or register to access the solved answers to this problem.
  • You have reached the maximum number of guest views allowed
  • Please register below to remove this limitation

How to find and obtain the SecretURL for disk_encryption_key block for resource "azurerm_managed_disk" in terraform

  • Thread starter Thread starter NickP
  • Start date Start date
N

NickP

Guest
I'm struggling to find and obtain the secretURL used for the disk encryption key encryption block for the azurerm_managed_disk resource block in terraform. Anyone know how to obtain this? The docs states this, but not sure how to get the secret of the key in the key vault.

secret_url - (Required) The URL to the Key Vault Secret used as the Disk Encryption Key. This can be found as id on the azurerm_key_vault_secret resource.

Code:
 data "azurerm_key_vault" "kv" {
  name = var.disk_encryption_key_vault_name
  resource_group_name = var.disk_encryption_key_rg
}

data "azurerm_key_vault_key" "encryption-kv" {
  name         = var.disk_encryption_key_name
  key_vault_id = data.azurerm_key_vault.kv.id
}

resource "azurerm_managed_disk" "data" {
      count                = var.data_disk_count
      name                 = "${var.vm_name}-DataDisk-${count.index + 1}"
      location             = var.location
      resource_group_name  = var.resource_group_name
      storage_account_type = var.data_disk_storage_account_type
      create_option        = "Empty"
      disk_size_gb         = var.data_disk_size_gb
      tags                 = var.tags
    
      encryption_settings {
        enabled = true
        disk_encryption_key {
          secret_url      = 
          source_vault_id = data.azurerm_key_vault_key.encryption-kv.key_vault_id
        }
        key_encryption_key {
          key_url         = "https://${data.azurerm_key_vault.kv.name}.vault.usgovcloudapi.net/keys/${var.disk_encryption_key_name}/${data.azurerm_key_vault_key.encryption-kv.version}"
          source_vault_id = data.azurerm_key_vault_key.encryption-kv.key_vault_id
        }
      }
    
    }
<p>I'm struggling to find and obtain the secretURL used for the disk encryption key encryption block for the azurerm_managed_disk resource block in terraform. Anyone know how to obtain this? The docs states this, but not sure how to get the secret of the key in the key vault.</p>
<blockquote>
<p>secret_url - (Required) The URL to the Key Vault Secret used as the
Disk Encryption Key. This can be found as id on the
azurerm_key_vault_secret resource.</p>
</blockquote>
<pre><code> data "azurerm_key_vault" "kv" {
name = var.disk_encryption_key_vault_name
resource_group_name = var.disk_encryption_key_rg
}

data "azurerm_key_vault_key" "encryption-kv" {
name = var.disk_encryption_key_name
key_vault_id = data.azurerm_key_vault.kv.id
}

resource "azurerm_managed_disk" "data" {
count = var.data_disk_count
name = "${var.vm_name}-DataDisk-${count.index + 1}"
location = var.location
resource_group_name = var.resource_group_name
storage_account_type = var.data_disk_storage_account_type
create_option = "Empty"
disk_size_gb = var.data_disk_size_gb
tags = var.tags

encryption_settings {
enabled = true
disk_encryption_key {
secret_url =
source_vault_id = data.azurerm_key_vault_key.encryption-kv.key_vault_id
}
key_encryption_key {
key_url = "https://${data.azurerm_key_vault.kv.name}.vault.usgovcloudapi.net/keys/${var.disk_encryption_key_name}/${data.azurerm_key_vault_key.encryption-kv.version}"
source_vault_id = data.azurerm_key_vault_key.encryption-kv.key_vault_id
}
}

}
</code></pre>
Continue reading...
 
Top