search

forseti-security / terraform-google-forseti

A Terraform module for installing Forseti on GCP
Apache License 2.0
132 stars 127 forks source link

Shielded VM - Enable Secure Boot is not turned on #607

Closed gkowalski-google closed 3 years ago

gkowalski-google commented 4 years ago

Story

Users can configure a shielded VM by providing the settings in the server_shielded_instance_config variable. Example test fixture here. Recently the shielded_vm tests started to fail in this PR. The same behavior was reproduced locally with the branch from that PR along with master branch. Confirmed in Console UI that the secure boot flag was not set and this line can be seen in the console logs:

[    0.000000] secureboot: Secure boot could not be determined (mode 0)

Stopping and enabling the secure boot flag works. Currently this text fixture is using the latest version of the Google provider 3.34.0. Attempted to downgrade to 3.7.0 did not help.

The secure boot control has been disabled for now.

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 15 days if no further activity occurs. Thank you for your contributions.