Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CMK support for core resources #4149

Merged
merged 30 commits into from
Nov 26, 2024
Merged

Add CMK support for core resources #4149

merged 30 commits into from
Nov 26, 2024

Conversation

yuvalyaron
Copy link
Collaborator

@yuvalyaron yuvalyaron commented Nov 19, 2024
edited
Loading

Resolves #4142, #4143

Part of #4002

What is being addressed

Added CMK support for Storage accounts and VM storage disks for core TRE resources.
Added the option to use an external Key Vault to store the CMKs

How is this addressed

users set enable_cmk_encryption: true in the config.yaml,
and either encryption_kv_name or external_key_store_id for the key vault.

Matthew Fortunka and others added 16 commits September 9, 2024 11:04
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 19, 2024
edited
Loading

Unit Test Results

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit 95c6b6a.

♻️ This comment has been updated with latest results.

@yuvalyaron
Copy link
Collaborator Author

/test-extended

@github-actions GitHub Actions
Copy link

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/11916800932 (with refid afeb06a0)

(in response to this comment from @yuvalyaron)

@yuvalyaron
Copy link
Collaborator Author

/test-extended

@github-actions GitHub Actions
Copy link

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/11923480499 (with refid afeb06a0)

(in response to this comment from @yuvalyaron)

@yuvalyaron
Copy link
Collaborator Author

/test-extended

@github-actions GitHub Actions
Copy link

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/11923684873 (with refid afeb06a0)

(in response to this comment from @yuvalyaron)

@yuvalyaron
Copy link
Collaborator Author

/test-extended

@github-actions GitHub Actions
Copy link

🤖 pr-bot 🤖

🏃 Running extended tests: https://github.com/microsoft/AzureTRE/actions/runs/11930799088 (with refid afeb06a0)

(in response to this comment from @yuvalyaron)

@yuvalyaron yuvalyaron enabled auto-merge (squash) November 20, 2024 13:07
guybartal
guybartal approved these changes Nov 21, 2024
View reviewed changes
Copy link
Collaborator

@guybartal guybartal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with few comments

@yuvalyaron
Copy link
Collaborator Author

/test

@github-actions GitHub Actions
Copy link

🤖 pr-bot 🤖

🏃 Running tests: https://github.com/microsoft/AzureTRE/actions/runs/11995889638 (with refid afeb06a0)

(in response to this comment from @yuvalyaron)

@yuvalyaron yuvalyaron mentioned this pull request Nov 24, 2024
Closed
LizaShak
LizaShak approved these changes Nov 25, 2024
View reviewed changes
Copy link
Collaborator

@LizaShak LizaShak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just a small comment to document all the new config

config.sample.yaml Show resolved Hide resolved
@yuvalyaron
Copy link
Collaborator Author

/test-force-approve

@github-actions GitHub Actions
Copy link

🤖 pr-bot 🤖

✅ Marking tests as complete (for commit 6f9e0fd)

(in response to this comment from @yuvalyaron)

@yuvalyaron
Copy link
Collaborator Author

/test-force-approve

@github-actions GitHub Actions
Copy link

🤖 pr-bot 🤖

✅ Marking tests as complete (for commit 95c6b6a)

(in response to this comment from @yuvalyaron)

@tim-p-allen
Copy link
Collaborator

Has support been adding for the CMK configuration through Env Vars in GitHub?

@yuvalyaron
Copy link
Collaborator Author

Has support been adding for the CMK configuration through Env Vars in GitHub?

#4148
@tim-allen-ck

tim-p-allen
tim-p-allen approved these changes Nov 26, 2024
View reviewed changes
Copy link
Collaborator

@tim-p-allen tim-p-allen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@yuvalyaron yuvalyaron merged commit 38bd432 into microsoft:main Nov 26, 2024
12 checks passed
@yuvalyaron yuvalyaron deleted the 4002-cmk-support branch November 26, 2024 12:10
@yuvalyaron yuvalyaron linked an issue Nov 26, 2024 that may be closed by this pull request
Support for storing the encryption keys of core resources in an external Key Vault #4143
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marrobi marrobi marrobi left review comments

@tim-p-allen tim-p-allen tim-p-allen approved these changes

@LizaShak LizaShak LizaShak approved these changes

@guybartal guybartal guybartal approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
5 participants
@yuvalyaron @tim-p-allen @guybartal @marrobi @LizaShak