Hi team,
One of our largest customers is performing Azure policy enforcement to ensure end-to-end encryption at the VM/VMSS level for the entire environment. However, the Azure deployment pattern is blocked since the Azure Kitchen Driver doesn't support the "encryption at host" property. Could you please help add this feature ASAP?
If it is possible, the AzureRM driver should support the property "encryption_at_host: true", which is consistent with the HashiCorp Packer process. Refer here
Error denied by Azure policy: "Virtual machines and virtual machine scale sets should have encryption at host enabled".
MS document about the "Encryption at host" feature: https://learn.microsoft.com/en-us/azure/virtual-machines/disks-enable-host-based-encryption-portal?tabs=azure-powershell
Many thanks.