Skip to content

Disk encryption and backup disk encryption #94

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 10 commits into from
Closed

Disk encryption and backup disk encryption #94

wants to merge 10 commits into from

Conversation

@shemau
Copy link
Contributor

@shemau shemau commented Mar 22, 2023

Description

#49 Clarification around disk encryption and backup disk encryption requirements.

Adding documentation to the README.md and improving the descriptions of the key_protect_key_crn and backup_encryption_key_crn.

Include some validation on the backup_encryption_key_crn. This is unlikely to catch much. It does not catch when the value is null and key_protect_key_crn is substituted. It does not catch when the key is created as part of the root module, since the key is not known until apply time.

We can not validate this inside the module, because if the module validates and fails, it becomes impossible to run plan or destroy against the state file. These actions would be required to destroy and recreate the key and/or KP instance.

Types of changes in this PR

No release required

  • Examples or tests (addition or updates of examples or tests)
  • Documentation update
  • CI-related update (pipeline, etc.)
  • Other changes that don't affect Terraform code

Release required

  • Bug fix (patch release (x.x.X): Change that fixes an issue and is compatible with earlier versions)
  • New feature (minor release (x.X.x): Change that adds functionality and is compatible with earlier versions)
  • Breaking change (major release (X.x.x): Change that is likely incompatible with previous versions)
Release notes content

Add validation to backup_encryption_key_crn to validate backup keys are from us-south/us-east/eu-de.

Checklist for reviewers

  • If relevant, a test for the change is included or updated with this PR.
  • If relevant, documentation for the change is included or updated with this PR.

Merge actions for mergers

  • Merge by using "Squash and merge".

  • Use a relevant conventional commit message that is based on the PR contents and any release notes provided by the PR author.

    The commit message determines whether a new version of the module is needed, and if so, which semver increment to use (major, minor, or patch).
@shemau shemau requested a review from jojustin March 22, 2023 15:39
@shemau shemau changed the title Backup Disk encryption and backup disk encryption Mar 22, 2023
jojustin
jojustin previously approved these changes Mar 28, 2023
View reviewed changes
daniel-butler-irl
daniel-butler-irl reviewed Apr 24, 2023
View reviewed changes
daniel-butler-irl
daniel-butler-irl reviewed Apr 24, 2023
View reviewed changes
@ocofaigh
Copy link
Contributor

ocofaigh commented May 11, 2023

@shemau I have taken your updates and mostly added them to #186
Please take a look. I'm going to close this PR
@ocofaigh ocofaigh closed this May 11, 2023
@ocofaigh ocofaigh deleted the backup branch May 11, 2023 17:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

5 participants

@shemau @ocofaigh @jojustin @daniel-butler-irl