Merge pull request #599 from Azure/fix/kms-requires-vnet-integration

Make the Azure Key Vault public because private Key Vault requires preview API
Azure · Nov 7, 2024 · dc5d58b · dc5d58b
2 parents 495d0ab + 1cd4e6c
commit dc5d58b
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/examples/named_cluster/key_vault.tf b/examples/named_cluster/key_vault.tf
@@ -29,7 +29,7 @@ resource "azurerm_key_vault" "des_vault" {
 
   network_acls {
     bypass         = "AzureServices"
-    default_action = "Deny"
+    default_action = "Allow"
     ip_rules       = [local.public_ip]
   }
 }

diff --git a/examples/named_cluster/main.tf b/examples/named_cluster/main.tf
@@ -97,7 +97,7 @@ module "aks_cluster_name" {
   # KMS etcd encryption
   kms_enabled                  = true
   kms_key_vault_key_id         = azurerm_key_vault_key.kms.id
-  kms_key_vault_network_access = "Private"
+  kms_key_vault_network_access = "Public"
 
   depends_on = [
     azurerm_key_vault_access_policy.kms,

diff --git a/test/go.mod b/test/go.mod
@@ -5,7 +5,7 @@ go 1.22.0
 toolchain go1.22.5
 
 require (
-	github.com/Azure/terraform-module-test-helper v0.26.0
+	github.com/Azure/terraform-module-test-helper v0.27.0
 	github.com/gruntwork-io/terratest v0.47.1
 	github.com/hashicorp/go-retryablehttp v0.7.7
 	github.com/stretchr/testify v1.9.0