From 2511ca89216e8a142455b145935f1866fe1cf7db Mon Sep 17 00:00:00 2001
From: Heyko Oelrichs <heoelri@microsoft.com>
Date: Thu, 25 Apr 2024 16:47:05 +0200
Subject: [PATCH] Fix host encryption issue in Terraform variables

---
 src/infra/workload/releaseunit/main.tf  | 14 +-------------
 src/infra/workload/releaseunit/stamp.tf | 10 +++++++---
 2 files changed, 8 insertions(+), 16 deletions(-)

diff --git a/src/infra/workload/releaseunit/main.tf b/src/infra/workload/releaseunit/main.tf
index f70614070..a8c144b53 100644
--- a/src/infra/workload/releaseunit/main.tf
+++ b/src/infra/workload/releaseunit/main.tf
@@ -21,6 +21,7 @@ provider "azurerm" {
       prevent_deletion_if_contains_resources = false
     }
   }
+  skip_provider_registration = true
 }
 
 provider "azapi" {}
@@ -29,17 +30,4 @@ provider "azapi" {}
 resource "random_password" "api_key" {
   length  = 32
   special = false
-}
-
-# Register the compute resource provider with the EncryptionAtHost feature (optional)
-resource "azurerm_resource_provider_registration" "compute" {
-  name = "Microsoft.Compute"
-
-  dynamic "feature" {
-    for_each = var.aks_enable_host_encryption ? [1] : []
-    content {
-      name       = "EncryptionAtHost"
-      registered = true
-    }
-  }
 }
\ No newline at end of file
diff --git a/src/infra/workload/releaseunit/stamp.tf b/src/infra/workload/releaseunit/stamp.tf
index a1558aa07..b9acdc505 100644
--- a/src/infra/workload/releaseunit/stamp.tf
+++ b/src/infra/workload/releaseunit/stamp.tf
@@ -23,8 +23,6 @@ module "stamp" {
 
   vnet_address_space = module.stamp_addresses.network_cidr_blocks[each.value]
 
-  aks_kubernetes_version = var.aks_kubernetes_version # kubernetes version
-
   prefix       = local.prefix       # handing over the resource prefix
   default_tags = local.default_tags # handing over the resource tags
   queued_by    = var.queued_by
@@ -39,7 +37,9 @@ module "stamp" {
   frontdoor_id_header                    = var.frontdoor_id_header
   acr_name                               = var.acr_name
 
-  aks_enable_host_encryption  = var.aks_enable_host_encryption
+  aks_kubernetes_version = var.aks_kubernetes_version # Defined kubernetes version
+
+  aks_enable_host_encryption  = var.aks_enable_host_encryption # Enable host encryption
 
   aks_system_node_pool_sku_size          = var.aks_system_node_pool_sku_size
   aks_system_node_pool_autoscale_minimum = var.aks_system_node_pool_autoscale_minimum
@@ -57,4 +57,8 @@ module "stamp" {
   alerts_enabled       = var.alerts_enabled
   api_key              = random_password.api_key.result
   ai_adaptive_sampling = var.ai_adaptive_sampling
+
+  depends_on = [ 
+    azurerm_resource_provider_registration.compute
+  ]
 }