Support for `Infrastructure encryption` and `Table` and `Queue` Services in `azurerm_storage_account_customer_managed_key`

[yupwei68]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Support for the Table and Queue Services and Infrastructure encryption in azurerm_storage_account_customer_managed_key, like the portal below:

These features could not be implemented in azurerm_storage_account_customer_managed_key, because they are Forcenew properties, which could only be set in creating a storage account.

New or Affected Resource(s)

• azurerm_storage_account_customer_managed_key

Potential Terraform Configuration

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.

References

• 0000

[tombuildsstuff]

@yupwei68 in which case it sounds like this isn't suitable for Terraform due to the API limitation unfortunately?

[yupwei68]

Yes. Thus I open this issue to track these features.

[jmcee1]

Shouldn't this be implemented in azurerm_storage_account, as other arguments forcing recreation if modified?

[AliMBajwa]

@jmcee1 agreed - I think this needs enabling on the storage accounts themselves. #8816