From 288f32fe2dc799167ec7257909a0e72be36d8c75 Mon Sep 17 00:00:00 2001
From: Basilio Bogado <541149+basiliskus@users.noreply.github.com>
Date: Wed, 21 Aug 2024 10:01:45 -0700
Subject: [PATCH] Enabled infrastructure encryption for azurerm_storage_account
 resources (#1258)

---
 operations/template/docs.tf    | 17 +++++++++--------
 operations/template/storage.tf | 17 +++++++++--------
 2 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/operations/template/docs.tf b/operations/template/docs.tf
index 69548091f..c7a59959e 100644
--- a/operations/template/docs.tf
+++ b/operations/template/docs.tf
@@ -1,12 +1,13 @@
 resource "azurerm_storage_account" "docs" {
-  name                            = "cdcti${var.environment}docs"
-  resource_group_name             = data.azurerm_resource_group.group.name
-  location                        = data.azurerm_resource_group.group.location
-  account_tier                    = "Standard"
-  account_replication_type        = "GRS"
-  account_kind                    = "StorageV2"
-  allow_nested_items_to_be_public = false
-  min_tls_version                 = "TLS1_2"
+  name                              = "cdcti${var.environment}docs"
+  resource_group_name               = data.azurerm_resource_group.group.name
+  location                          = data.azurerm_resource_group.group.location
+  account_tier                      = "Standard"
+  account_replication_type          = "GRS"
+  account_kind                      = "StorageV2"
+  allow_nested_items_to_be_public   = false
+  min_tls_version                   = "TLS1_2"
+  infrastructure_encryption_enabled = true
 
   static_website {
     index_document = "index.html"
diff --git a/operations/template/storage.tf b/operations/template/storage.tf
index 8a9e5a28f..101149214 100644
--- a/operations/template/storage.tf
+++ b/operations/template/storage.tf
@@ -1,12 +1,13 @@
 resource "azurerm_storage_account" "storage" {
-  name                            = "cdcti${var.environment}"
-  resource_group_name             = data.azurerm_resource_group.group.name
-  location                        = data.azurerm_resource_group.group.location
-  account_tier                    = "Standard"
-  account_replication_type        = "GRS"
-  account_kind                    = "StorageV2"
-  allow_nested_items_to_be_public = false
-  min_tls_version                 = "TLS1_2"
+  name                              = "cdcti${var.environment}"
+  resource_group_name               = data.azurerm_resource_group.group.name
+  location                          = data.azurerm_resource_group.group.location
+  account_tier                      = "Standard"
+  account_replication_type          = "GRS"
+  account_kind                      = "StorageV2"
+  allow_nested_items_to_be_public   = false
+  min_tls_version                   = "TLS1_2"
+  infrastructure_encryption_enabled = true
 
   #   below tags are managed by CDC
   lifecycle {