Top / Microsoft Azure / Azure Compute / Managed Disk

Azure Compute Managed Disk

This page shows how to write Terraform for Compute Managed Disk and write them securely.

terraform-logo

Review your .tf file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

azurerm_managed_disk (Terraform)

The Managed Disk in Compute can be configured in Terraform with the resource name azurerm_managed_disk. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L6
resource "azurerm_managed_disk" "disk0" {
  name                 = "disk0"
  location             = var.region
  resource_group_name  = var.rg
  storage_account_type = var.disk_type
  create_option        = "Empty"
main.tf#L65
resource "azurerm_managed_disk" "example" {
  name                 = var.firstDiskAttribute[0]
  location             = var.region
  resource_group_name  = azurerm_resource_group.example.name
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
main.tf#L44
resource "azurerm_managed_disk" "managed_disk" {
  name                 = "manageddisk01"
  location             = azurerm_resource_group.rg.location
  resource_group_name  = azurerm_resource_group.rg.name
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
07-disks.tf#L78
resource "azurerm_managed_disk" "disk-01-vm-07-server-04" {
    name                 = "disk-01-vm-07-server-04"
    location            = azurerm_resource_group.rg-br-server-prd.location
    resource_group_name = azurerm_resource_group.rg-br-server-prd.name
    storage_account_type = "Standard_LRS"
    create_option        = "Empty"
main.tf#L1
resource "azurerm_managed_disk" "disk0" {
  name                 = "disk0"
  location             = var.region
  resource_group_name  = var.rg
  storage_account_type = var.disk_type
  create_option        = "Empty"
main.tf#L98
resource "azurerm_managed_disk" "managedisk_vhgrrpoddb01" {
  count                = length(var.extradisks_vhgrrpoddb01)
  name                 = element(var.extradisks_vhgrrpoddb01,count.index)
  location             = var.location
  resource_group_name  = azurerm_resource_group.rg.name
  storage_account_type = element(var.extradisks_storage_account_type1,count.index)
managed_disk_test.tf#L6
resource "azurerm_managed_disk" "standard" {
  name                = "standard"
  resource_group_name = "fake_resource_group"
  location            = "eastus"

  create_option        = "Empty"
positive.tf#L1
resource "azurerm_managed_disk" "positive1" {
  name                 = "acctestmd"
  location             = "West US 2"
  resource_group_name  = azurerm_resource_group.example.name
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
main.tf#L10
resource "azurerm_managed_disk" "source" {
  name                 = "acctestmd1"
  location             = "West US 2"
  resource_group_name  = azurerm_resource_group.example.name
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
managed-disks.tf#L2
resource "azurerm_managed_disk" "postfacto_v1_redis" {
  name     = "k8s_postfacto_v1_redis_disk"
  location = azurerm_resource_group.rg.location
  # If storage is ZRS, to make  ZRS available at multiple zones, leave the array empty
  # Note: ZRS uses CSI drive, which should be installed if k8s < 1.21.0
  zones                = [1]

Review your Terraform file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Security Best Practices for azurerm_managed_disk

There is 1 setting in azurerm_managed_disk that should be taken care of for security reasons. The following section explain an overview and example code.

risk-label

Ensure to enable the encryption on managed disks

It is better to enable the encryption on managed disks.

Review your Azure Compute settings

You can check if the azurerm_managed_disk setting in your .tf file is correct in 3 min with Shisho Cloud.

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Manages a managed disk.

>> from Terraform Registry

Tips: Best Practices for The Other Azure Compute Resources

In addition to the azurerm_linux_virtual_machine, Azure Compute has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.

risk-label

azurerm_linux_virtual_machine

Ensure to use SSH authentication for virtual machines

It is better to use SSH authentication for virtual machines instead of password authentication to enforce more secure ways.

risk-label

azurerm_virtual_machine

Ensure to use SSH authentication for virtual machines

It is better to use SSH authentication for virtual machines instead of password authentication to enforce more secure ways.

Review your Azure Compute settings

In addition to the above, there are other security points you should be aware of making sure that your .tf files are protected in Shisho Cloud.

Azure Resource Manager Example

Azure Resource Manager code does not have the related resource.

The Other Related Azure Compute Resources

Frequently asked questions

What is Azure Compute Managed Disk?

Azure Compute Managed Disk is a resource for Compute of Microsoft Azure. Settings can be wrote in Terraform.

Where can I find the example code for the Azure Compute Managed Disk?

For Terraform, the lasertown/throughput_test, ani50/tfstructuraldatatype and shankar5885/sampletf source code examples are useful. See the Terraform Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents