You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
Description
I'm setting up replication of VMs across regions as a BCDR (business continuity / disaster recovery) measure. This is done using resource azurerm_site_recovery_replicated_vm.
However, my VM disks are encrypted using a CMK (customer managed key) and so when I try to replicate using TFE I get an error as below
This seems to be broken somewhat, as when trying to import (note this resource was created outside of terraform) an azurerm_site_recovery_replicated_vm resource with a managed disk that has platform managed keys, then the target_disk_encryption and target_disk_encryption_set_id are unknown and export as empty variable. This shouldn't be a problem as they're supposedly optional, however when a plan is run and these properties are left out, it errors with "attributes target_disk_encryption and target_disk_encryption_set_id are required."
Either I'm missing something obvious, which is highly likely, or this is broken.
Yes, I know I need to log a new issue about this, but I'm mid project, and don't have time to pull the relevant files together. Once completed I'll officially open an issue.
Community Note
Description
I'm setting up replication of VMs across regions as a BCDR (business continuity / disaster recovery) measure. This is done using resource azurerm_site_recovery_replicated_vm.
However, my VM disks are encrypted using a CMK (customer managed key) and so when I try to replicate using TFE I get an error as below
Error: Error creating replicated vm vm-replication (vault rv-iiq-sb-eastus-001): Code="150353" Message="Azure virtual machine disk is encrypted at rest with customer managed keys, but target disk encryption set is not provided."
Per article at https://docs.microsoft.com/en-us/azure/site-recovery/azure-to-azure-how-to-enable-replication-cmk-disks#customize-target-resources [docs.microsoft.com] it looks like we should be able to specify target disk encryption sets.
However, I don't see that option in the TFE resource settings
New or Affected Resource(s)
Potential Terraform Configuration
References
The text was updated successfully, but these errors were encountered: