Change encryption at host to *bool

hashicorp · Sep 16, 2023 · 89e7794 · 89e7794
1 parent 3140920
commit 89e7794
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/builder/azure/arm/config.go b/builder/azure/arm/config.go
@@ -570,7 +570,7 @@ type Config struct {
 	SecureBootEnabled bool `mapstructure:"secure_boot_enabled" required:"false"`
 	// Specifies if Encryption at host is enabled for the Virtual Machine.
 	// Requires enabling encryption at host in the Subscription read more [here](https://learn.microsoft.com/en-us/azure/virtual-machines/disks-enable-host-based-encryption-portal?tabs=azure-powershell)
-	EncryptionAtHost bool `mapstructure:"encryption_at_host" required:"false"`
+	EncryptionAtHost *bool `mapstructure:"encryption_at_host" required:"false"`
 
 	// Specifies if vTPM (virtual Trusted Platform Module) and Trusted Launch is enabled for the Virtual Machine.
 	VTpmEnabled bool `mapstructure:"vtpm_enabled" required:"false"`

diff --git a/builder/azure/arm/template_factory.go b/builder/azure/arm/template_factory.go
@@ -283,7 +283,7 @@ func GetVirtualMachineTemplateBuilder(config *Config) (*template.TemplateBuilder
 		}
 	}
 
-	if config.SecureBootEnabled || config.VTpmEnabled || config.EncryptionAtHost {
+	if config.SecureBootEnabled || config.VTpmEnabled || (config.EncryptionAtHost != nil && *config.EncryptionAtHost) {
 		err = builder.SetSecurityProfile(config.SecureBootEnabled, config.VTpmEnabled, config.EncryptionAtHost)
 		if err != nil {
 			return nil, err

diff --git a/builder/azure/common/template/template_builder.go b/builder/azure/common/template/template_builder.go
@@ -518,7 +518,7 @@ func (s *TemplateBuilder) SetLicenseType(licenseType string) error {
 	return nil
 }
 
-func (s *TemplateBuilder) SetSecurityProfile(secureBootEnabled bool, vtpmEnabled bool, encryptionAtHost bool) error {
+func (s *TemplateBuilder) SetSecurityProfile(secureBootEnabled bool, vtpmEnabled bool, encryptionAtHost *bool) error {
 	s.setVariable("apiVersion", "2020-12-01") // Required for Trusted Launch
 	resource, err := s.getResourceByType(resourceVirtualMachine)
 	if err != nil {
@@ -533,7 +533,7 @@ func (s *TemplateBuilder) SetSecurityProfile(secureBootEnabled bool, vtpmEnabled
 		resource.Properties.SecurityProfile.UefiSettings.SecureBootEnabled = common.BoolPtr(secureBootEnabled)
 		resource.Properties.SecurityProfile.UefiSettings.VTpmEnabled = common.BoolPtr(vtpmEnabled)
 	}
-	resource.Properties.SecurityProfile.EncryptionAtHost = common.BoolPtr(encryptionAtHost)
+	resource.Properties.SecurityProfile.EncryptionAtHost = encryptionAtHost
 
 	return nil
 }