Docs - azure disk encryption during deployment

[JeffGiroux]

User requires that the BIG-IP in Azure deploy with an encrypted disk at instance boot up and that this is encrypted with the customer managed key.

1. Update README
2. Add steps for encryption process

[JeffGiroux]

The os_disk block has an optional encryption parameter. It requires an existing Disk Encryption Set ID. Alternatively, add code block to create a new Disk Encryption Set...but that is out of scope. Here are high level steps to encrypt a disk.

linux_virtual_machine terraform docs - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine#os_disk
disk_encryption_set - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/disk_encryption_set

Steps

1. create Azure keyvault
2. create Azure key
3. create Azure Disk Encryption Set and copy ID for later
4. Locate os_disk block in bigip.tf (standalone example) https://github.com/JeffGiroux/f5_terraform/blob/main/Azure/Standalone/bigip.tf
5. Add disk encryption parameter

current

  os_disk {
    name                 = "${var.prefix}vm01-osdisk"
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

after

  os_disk {
    name                   = "${var.prefix}vm01-osdisk"
    caching                = "ReadWrite"
    storage_account_type   = "Standard_LRS"
    disk_encryption_set_id = "/subscriptions/xxxx/resourceGroups/myRg123/providers/Microsoft.Compute/diskEncryptionSets/myDiskEncryptSet123"

  }