Pattern: Unencrypted managed disk
Issue: -
Manage disks should be encrypted at rest. When specifying the encryption_settings block, the enabled attribute should be set to true.
Resolution: Enable encryption on managed disks.
Example of incorrect code:
resource "azurerm_managed_disk" "bad_example" {
encryption_settings {
enabled = false
}
}Example of correct code:
resource "azurerm_managed_disk" "good_example" {
encryption_settings {
enabled = true
}
}