Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Implement support for KMS arguments #288

Merged
merged 10 commits into from
Jan 29, 2023
Prev Previous commit
Next Next commit
chore: Fulfill checkov checks
mkilchhofer committed Jan 24, 2023

Unverified

The committer email address is not verified.
commit 70121785da3e7b0a78393f44b0c1a9c87566902b
1 change: 1 addition & 0 deletions .checkov_config.yaml
Original file line number Diff line number Diff line change
@@ -11,6 +11,7 @@ quiet: true
secrets-scan-file-type: []
skip-check:
- CKV_GHA_3
- CKV_AZURE_112
lonegunmanb marked this conversation as resolved.
Show resolved Hide resolved
- CKV_AZURE_168
- CKV_AZURE_170
skip-framework:
9 changes: 5 additions & 4 deletions examples/named_cluster/kms.tf
Original file line number Diff line number Diff line change
@@ -7,10 +7,11 @@ resource "azurerm_key_vault_key" "kms" {
"verify",
"wrapKey",
]
key_type = "RSA"
key_vault_id = azurerm_key_vault.des_vault.id
name = "etcd-encryption"
key_size = 2048
key_type = "RSA"
key_vault_id = azurerm_key_vault.des_vault.id
name = "etcd-encryption"
expiration_date = timeadd("${formatdate("YYYY-MM-DD", timestamp())}T00:00:00Z", "168h")
key_size = 2048

depends_on = [
azurerm_key_vault_access_policy.current_user