Azure Site Recovery with an OS disk thats encrypted with the default PMK and ADE with Key Vault

michaelong8 · April 26, 2021, 11:03am

Hi,

Ive been scouring google for a way to complete the ASR script below which i have taken from one of your docs (https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/site_recovery_replicated_vm).

The whole script works fabulous in azure CLI in powershell, but when i stop the script midway and encrypt the VM 's OS disk with ADE and keyvault and try to start at the vm.vm-replication bit of the code. I get the error below.

Error creating replicated vm vm-replication (vault vault1): code “150175” Message= "Virtual machine’s OS disk is encrypted and there is no disk information found"

I guess im looking for a solution, assuming ive got a complete terraform code that does the ADE encryption with Key Vault, on how to get ASR working with a VM that has a double encrypted disk (PMK and ADE).

Thanks

Michael

petercharleston · May 28, 2021, 1:11pm

Hi Michael,

did you get a solution to this?

I have come across the same issue

Regards
Peter

michaelong8 · May 28, 2021, 4:50pm

Hey Peter,

Unfortunately not yet. I find it weird that, that this type of configuration isnt mainstream.
If you’re a security conscious organization then you would certainly encrypt the disk with your own key and for Terraform to be designed to accommodate a more secure configuration for ASR.

Thanks

Mike

dev.tf · March 6, 2022, 11:29pm

@michaelong8 @petercharleston I am also getting same error. Did you manage to get solution for this error or workaround?

Thanks.