diff --git a/azurerm/resource_arm_storage_account.go b/azurerm/resource_arm_storage_account.go index 7efa5e747aaf..610f83372d7d 100644 --- a/azurerm/resource_arm_storage_account.go +++ b/azurerm/resource_arm_storage_account.go @@ -127,13 +127,13 @@ func resourceArmStorageAccount() *schema.Resource { "enable_blob_encryption": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: true, }, "enable_file_encryption": { Type: schema.TypeBool, Optional: true, - Computed: true, + Default: true, }, "enable_https_traffic_only": { @@ -275,6 +275,7 @@ func resourceArmStorageAccountCreate(d *schema.ResourceData, meta interface{}) e location := azureRMNormalizeLocation(d.Get("location").(string)) tags := d.Get("tags").(map[string]interface{}) enableBlobEncryption := d.Get("enable_blob_encryption").(bool) + enableFileEncryption := d.Get("enable_file_encryption").(bool) enableHTTPSTrafficOnly := d.Get("enable_https_traffic_only").(bool) accountTier := d.Get("account_tier").(string) @@ -296,6 +297,9 @@ func resourceArmStorageAccountCreate(d *schema.ResourceData, meta interface{}) e Services: &storage.EncryptionServices{ Blob: &storage.EncryptionService{ Enabled: utils.Bool(enableBlobEncryption), + }, + File: &storage.EncryptionService{ + Enabled: utils.Bool(enableFileEncryption), }}, KeySource: storage.KeySource(storageAccountEncryptionSource), }, @@ -304,12 +308,6 @@ func resourceArmStorageAccountCreate(d *schema.ResourceData, meta interface{}) e }, } - if v, ok := d.GetOk("enable_file_encryption"); ok { - parameters.Encryption.Services.File = &storage.EncryptionService{ - Enabled: utils.Bool(v.(bool)), - } - } - if _, ok := d.GetOk("custom_domain"); ok { parameters.CustomDomain = expandStorageAccountCustomDomain(d) } diff --git a/website/docs/r/storage_account.html.markdown b/website/docs/r/storage_account.html.markdown index d04552f55bbd..1376b7c6ee87 100644 --- a/website/docs/r/storage_account.html.markdown +++ b/website/docs/r/storage_account.html.markdown @@ -97,13 +97,9 @@ The following arguments are supported: * `access_tier` - (Optional) Defines the access tier for `BlobStorage` and `StorageV2` accounts. Valid options are `Hot` and `Cold`, defaults to `Hot`. -* `enable_blob_encryption` - (Optional) Boolean flag which controls if Encryption - Services are enabled for Blob storage, see [here](https://azure.microsoft.com/en-us/documentation/articles/storage-service-encryption/) - for more information. +* `enable_blob_encryption` - (Optional) Boolean flag which controls if Encryption Services are enabled for Blob storage, see [here](https://azure.microsoft.com/en-us/documentation/articles/storage-service-encryption/) for more information. Defaults to `true`. -* `enable_file_encryption` - (Optional) Boolean flag which controls if Encryption - Services are enabled for File storage, see [here](https://azure.microsoft.com/en-us/documentation/articles/storage-service-encryption/) - for more information. +* `enable_file_encryption` - (Optional) Boolean flag which controls if Encryption Services are enabled for File storage, see [here](https://azure.microsoft.com/en-us/documentation/articles/storage-service-encryption/) for more information. Defaults to `true`. * `enable_https_traffic_only` - (Optional) Boolean flag which forces HTTPS if enabled, see [here](https://docs.microsoft.com/en-us/azure/storage/storage-require-secure-transfer/) for more information.