Evaluate Infrastructure Encryption for Storage Account as option #41
Description
Microsoft allows doubly encrypting Storage Accounts: https://learn.microsoft.com/en-us/azure/storage/common/infrastructure-encryption-enable?tabs=portal
It is only possibly during creation of the Storage Account, so a customer who wants this must do it right during installation, but currently the ARM template does not offer that option.
Microsoft says that this feature is only for compliance, not security, so there's reason to enable this for customers who don't have this as a compliance requirement. But if it does no harm, we could just enable it. We shall evaluate whether this has any affect on the cost or availability and if it has no adverse effects, enable it by default or possibly as an option.
CC: @Eyad404