Support Infrastructure Encryption - secondary layer of encryption at … (Azure#8773)

* Support Infrastructure Encryption - secondary layer of encryption at REST for accounts.

Add a boolean property to Microsoft.Storage/storageAccounts resource under encryption attributes to opt-in for a secondary layer of encryption for data at rest.

* requireInfrastructureEncryption is optional and defaults to null.

Author: tonykjose

specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/examples/StorageAccountCreate.json

@@ -28,6 +28,7 @@
               "enabled": true
             }
           },
+          "requireInfrastructureEncryption": false,
           "keySource": "Microsoft.Storage"
         }
       },
@@ -89,6 +90,7 @@
                 "lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
               }
             },
+            "requireInfrastructureEncryption": false,
             "keySource": "Microsoft.Storage"
           },
           "secondaryLocation": "centraluseuap",

specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/storage.json

@@ -1878,6 +1878,11 @@
           },
           "default": "Microsoft.Storage"
         },
+        "requireInfrastructureEncryption": {
+          "type": "boolean",
+          "x-ms-client-name": "RequireInfrastructureEncryption",
+          "description": "A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest."
+        },
         "keyvaultproperties": {
           "$ref": "#/definitions/KeyVaultProperties",
           "x-ms-client-name": "KeyVaultProperties",