-
Notifications
You must be signed in to change notification settings - Fork 145
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add CMK support for Base Workspace #4161
base: main
Are you sure you want to change the base?
Conversation
…02-cmk-support
…02-cmk-support
Unit Test Results0 tests 0 ✅ 0s ⏱️ Results for commit 75fce3a. ♻️ This comment has been updated with latest results. |
templates/workspaces/base/terraform/airlock/storage_accounts.tf
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
/test-extended |
🤖 pr-bot 🤖 🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/12161171332 (with refid (in response to this comment from @yuvalyaron) |
1 similar comment
🤖 pr-bot 🤖 🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/12161171332 (with refid (in response to this comment from @yuvalyaron) |
/test-extended |
🤖 pr-bot 🤖 🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/12181387380 (with refid (in response to this comment from @yuvalyaron) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Partially Resolves #4145
What is being addressed
Added CMK support for the base workspace
How is this addressed
Propagated the
ENABLE_CMK_ENCRYPTION
andKEY_STORE_ID
environment variables to the resource processor, ensuring the workspace is automatically deployed with CMK encryption if set at the TRE level.Added an identity for the workspace, allowing it to access the Key Vault for creating the CMK.