From 03c855e4df521fd5132b5b7e02411661993e2e9d Mon Sep 17 00:00:00 2001
From: Jim Enright <jenright@cloudera.com>
Date: Thu, 14 Mar 2024 17:14:53 +0000
Subject: [PATCH] Update CDP provider version and add encryption_at_host
 parameter

Signed-off-by: Jim Enright <jenright@cloudera.com>
---
 .../examples/ex01-minimal_inputs/main.tf                   | 2 +-
 .../examples/ex02-existing-vpc/main.tf                     | 2 +-
 .../examples/ex03-create-keypair/main.tf                   | 2 +-
 modules/terraform-cdp-deploy/README.md                     | 3 ++-
 .../terraform-cdp-deploy/examples/ex01-aws-basic/main.tf   | 2 +-
 modules/terraform-cdp-deploy/main.tf                       | 1 +
 modules/terraform-cdp-deploy/modules/aws/provider.tf       | 2 +-
 modules/terraform-cdp-deploy/modules/azure/main.tf         | 1 +
 modules/terraform-cdp-deploy/modules/azure/provider.tf     | 2 +-
 modules/terraform-cdp-deploy/modules/azure/variables.tf    | 7 +++++++
 modules/terraform-cdp-deploy/modules/gcp/provider.tf       | 2 +-
 modules/terraform-cdp-deploy/provider.tf                   | 2 +-
 modules/terraform-cdp-deploy/variables.tf                  | 7 +++++++
 13 files changed, 26 insertions(+), 9 deletions(-)

diff --git a/modules/terraform-cdp-aws-pre-reqs/examples/ex01-minimal_inputs/main.tf b/modules/terraform-cdp-aws-pre-reqs/examples/ex01-minimal_inputs/main.tf
index 31931de..9895a74 100644
--- a/modules/terraform-cdp-aws-pre-reqs/examples/ex01-minimal_inputs/main.tf
+++ b/modules/terraform-cdp-aws-pre-reqs/examples/ex01-minimal_inputs/main.tf
@@ -38,7 +38,7 @@ terraform {
   required_providers {
     cdp = {
       source  = "cloudera/cdp"
-      version = "0.5.4"
+      version = "0.5.5"
     }
   }
 }
diff --git a/modules/terraform-cdp-aws-pre-reqs/examples/ex02-existing-vpc/main.tf b/modules/terraform-cdp-aws-pre-reqs/examples/ex02-existing-vpc/main.tf
index cda5257..80e1150 100644
--- a/modules/terraform-cdp-aws-pre-reqs/examples/ex02-existing-vpc/main.tf
+++ b/modules/terraform-cdp-aws-pre-reqs/examples/ex02-existing-vpc/main.tf
@@ -51,7 +51,7 @@ terraform {
   required_providers {
     cdp = {
       source  = "cloudera/cdp"
-      version = "0.5.4"
+      version = "0.5.5"
     }
   }
 }
diff --git a/modules/terraform-cdp-aws-pre-reqs/examples/ex03-create-keypair/main.tf b/modules/terraform-cdp-aws-pre-reqs/examples/ex03-create-keypair/main.tf
index 345d256..999392b 100644
--- a/modules/terraform-cdp-aws-pre-reqs/examples/ex03-create-keypair/main.tf
+++ b/modules/terraform-cdp-aws-pre-reqs/examples/ex03-create-keypair/main.tf
@@ -58,7 +58,7 @@ terraform {
   required_providers {
     cdp = {
       source  = "cloudera/cdp"
-      version = "0.5.4"
+      version = "0.5.5"
     }
   }
 }
diff --git a/modules/terraform-cdp-deploy/README.md b/modules/terraform-cdp-deploy/README.md
index f82c79a..4fe3d56 100644
--- a/modules/terraform-cdp-deploy/README.md
+++ b/modules/terraform-cdp-deploy/README.md
@@ -20,7 +20,7 @@ In each directory an example `terraform.tfvars.sample` values file is included t
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
-| <a name="requirement_cdp"></a> [cdp](#requirement\_cdp) | 0.5.4 |
+| <a name="requirement_cdp"></a> [cdp](#requirement\_cdp) | 0.5.5 |
 
 ## Providers
 
@@ -94,6 +94,7 @@ No resources.
 | <a name="input_enable_ccm_tunnel"></a> [enable\_ccm\_tunnel](#input\_enable\_ccm\_tunnel) | Flag to enable Cluster Connectivity Manager tunnel. If false then access from Cloud to CDP Control Plane CIDRs is required from via SG ingress | `bool` | `true` | no |
 | <a name="input_enable_outbound_load_balancer"></a> [enable\_outbound\_load\_balancer](#input\_enable\_outbound\_load\_balancer) | Create outbound load balancers for Azure environments. Only applicable for CDP deployment on Azure. | `bool` | `null` | no |
 | <a name="input_enable_raz"></a> [enable\_raz](#input\_enable\_raz) | Flag to enable Ranger Authorization Service (RAZ) | `bool` | `true` | no |
+| <a name="input_encryption_at_host"></a> [encryption\_at\_host](#input\_encryption\_at\_host) | Provision resources with host encryption enabled. Only applicable for CDP deployment on Azure. | `bool` | `null` | no |
 | <a name="input_encryption_key_arn"></a> [encryption\_key\_arn](#input\_encryption\_key\_arn) | ARN of the AWS KMS CMK to use for the server-side encryption of AWS storage resources. Only applicable for CDP deployment on AWS. | `string` | `null` | no |
 | <a name="input_encryption_key_resource_group_name"></a> [encryption\_key\_resource\_group\_name](#input\_encryption\_key\_resource\_group\_name) | Name of the existing Azure resource group hosting the Azure Key Vault containing customer managed key which will be used to encrypt the Azure Managed Disk. Only applicable for CDP deployment on Azure. | `string` | `null` | no |
 | <a name="input_encryption_key_url"></a> [encryption\_key\_url](#input\_encryption\_key\_url) | URL of the key which will be used to encrypt the Azure Managed Disks. Only applicable for CDP deployment on Azure. | `string` | `null` | no |
diff --git a/modules/terraform-cdp-deploy/examples/ex01-aws-basic/main.tf b/modules/terraform-cdp-deploy/examples/ex01-aws-basic/main.tf
index 9a3ef15..31bc15c 100644
--- a/modules/terraform-cdp-deploy/examples/ex01-aws-basic/main.tf
+++ b/modules/terraform-cdp-deploy/examples/ex01-aws-basic/main.tf
@@ -82,7 +82,7 @@ terraform {
   required_providers {
     cdp = {
       source  = "cloudera/cdp"
-      version = "0.5.4"
+      version = "0.5.5"
     }
   }
 }
diff --git a/modules/terraform-cdp-deploy/main.tf b/modules/terraform-cdp-deploy/main.tf
index 479dd0b..e4d7b5d 100644
--- a/modules/terraform-cdp-deploy/main.tf
+++ b/modules/terraform-cdp-deploy/main.tf
@@ -147,6 +147,7 @@ module "cdp_on_azure" {
 
   encryption_key_resource_group_name = var.encryption_key_resource_group_name
   encryption_key_url                 = var.encryption_key_url
+  encryption_at_host                 = var.encryption_at_host
 
   azure_aks_private_dns_zone_id      = var.azure_aks_private_dns_zone_id
   azure_database_private_dns_zone_id = var.azure_database_private_dns_zone_id
diff --git a/modules/terraform-cdp-deploy/modules/aws/provider.tf b/modules/terraform-cdp-deploy/modules/aws/provider.tf
index 53103c0..4a32712 100644
--- a/modules/terraform-cdp-deploy/modules/aws/provider.tf
+++ b/modules/terraform-cdp-deploy/modules/aws/provider.tf
@@ -16,7 +16,7 @@ terraform {
   required_providers {
     cdp = {
       source  = "cloudera/cdp"
-      version = "0.5.4"
+      version = "0.5.5"
     }
   }
 
diff --git a/modules/terraform-cdp-deploy/modules/azure/main.tf b/modules/terraform-cdp-deploy/modules/azure/main.tf
index b238af5..a036c0c 100644
--- a/modules/terraform-cdp-deploy/modules/azure/main.tf
+++ b/modules/terraform-cdp-deploy/modules/azure/main.tf
@@ -74,6 +74,7 @@ resource "cdp_environments_azure_environment" "cdp_env" {
   enable_outbound_load_balancer      = var.enable_outbound_load_balancer
   encryption_key_resource_group_name = var.encryption_key_resource_group_name
   encryption_key_url                 = var.encryption_key_url
+  encryption_at_host                 = var.encryption_at_host
 
   polling_options = {
     async           = var.environment_async_creation
diff --git a/modules/terraform-cdp-deploy/modules/azure/provider.tf b/modules/terraform-cdp-deploy/modules/azure/provider.tf
index 53103c0..4a32712 100644
--- a/modules/terraform-cdp-deploy/modules/azure/provider.tf
+++ b/modules/terraform-cdp-deploy/modules/azure/provider.tf
@@ -16,7 +16,7 @@ terraform {
   required_providers {
     cdp = {
       source  = "cloudera/cdp"
-      version = "0.5.4"
+      version = "0.5.5"
     }
   }
 
diff --git a/modules/terraform-cdp-deploy/modules/azure/variables.tf b/modules/terraform-cdp-deploy/modules/azure/variables.tf
index cb052f3..70b5fd6 100644
--- a/modules/terraform-cdp-deploy/modules/azure/variables.tf
+++ b/modules/terraform-cdp-deploy/modules/azure/variables.tf
@@ -142,6 +142,13 @@ variable "encryption_key_url" {
 
 }
 
+variable "encryption_at_host" {
+  type = bool
+
+  description = "Provision resources with host encryption enabled"
+
+}
+
 variable "proxy_config_name" {
   type = string
 
diff --git a/modules/terraform-cdp-deploy/modules/gcp/provider.tf b/modules/terraform-cdp-deploy/modules/gcp/provider.tf
index 53103c0..4a32712 100644
--- a/modules/terraform-cdp-deploy/modules/gcp/provider.tf
+++ b/modules/terraform-cdp-deploy/modules/gcp/provider.tf
@@ -16,7 +16,7 @@ terraform {
   required_providers {
     cdp = {
       source  = "cloudera/cdp"
-      version = "0.5.4"
+      version = "0.5.5"
     }
   }
 
diff --git a/modules/terraform-cdp-deploy/provider.tf b/modules/terraform-cdp-deploy/provider.tf
index 53103c0..4a32712 100644
--- a/modules/terraform-cdp-deploy/provider.tf
+++ b/modules/terraform-cdp-deploy/provider.tf
@@ -16,7 +16,7 @@ terraform {
   required_providers {
     cdp = {
       source  = "cloudera/cdp"
-      version = "0.5.4"
+      version = "0.5.5"
     }
   }
 
diff --git a/modules/terraform-cdp-deploy/variables.tf b/modules/terraform-cdp-deploy/variables.tf
index c56a8c0..1903674 100644
--- a/modules/terraform-cdp-deploy/variables.tf
+++ b/modules/terraform-cdp-deploy/variables.tf
@@ -330,6 +330,13 @@ variable "encryption_key_url" {
   default = null
 }
 
+variable "encryption_at_host" {
+  type = bool
+
+  description = "Provision resources with host encryption enabled. Only applicable for CDP deployment on Azure."
+
+  default = null
+}
 # ------- Cloud Service Provider Settings - General -------
 variable "region" {
   type        = string