From 15b5996c4884bf144be66c405e0c016de3f8b26e Mon Sep 17 00:00:00 2001 From: mahesh yadav Date: Mon, 12 Dec 2022 16:51:28 +0530 Subject: [PATCH 1/2] update module --- _example/example.tf | 12 ++++++++++-- main.tf | 11 +++++++---- variables.tf | 15 ++++++++++++--- 3 files changed, 29 insertions(+), 9 deletions(-) diff --git a/_example/example.tf b/_example/example.tf index 0165fc7..d2951f9 100644 --- a/_example/example.tf +++ b/_example/example.tf @@ -7,8 +7,8 @@ module "resource_group" { source = "clouddrove/resource-group/azure" label_order = ["name", "environment", ] - name = "trustspherstoraget" - environment = "staging" + name = "app" + environment = "test" location = "North Europe" } @@ -20,6 +20,14 @@ module "storage" { account_kind = "BlobStorage" account_tier = "Standard" account_replication_type = "GRS" + is_hns_enabled = true + sftp_enabled = true + network_rules = [ + { + ip_rules = ["0.0.0.0/0"] + bypass = ["AzureServices"] + } + ] containers_list = [ { name = "mystore250", access_type = "private" }, diff --git a/main.tf b/main.tf index 02531d4..40675b5 100644 --- a/main.tf +++ b/main.tf @@ -28,6 +28,8 @@ resource "azurerm_storage_account" "storage" { account_replication_type = var.account_replication_type enable_https_traffic_only = var.enable_https_traffic_only min_tls_version = var.min_tls_version + is_hns_enabled = var.is_hns_enabled + sftp_enabled = var.sftp_enabled tags = module.labels.tags blob_properties { 
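Review bot: The example now sets `sftp_enabled = true` together with `ip_rules = ["0.0.0.0/0"]` in the second `_example/example.tf` hunk. If Azure accepts that range, it allows every IPv4 source and cancels the `default_action = "Deny"` that main.tf hard-codes. Examples get copied into real deployments, so this one should show a narrow allow-list. I would change the line to `ip_rules = ["203.0.113.0/24"] # placeholder documentation range, replace with your own egress CIDR`, and add a comment above `sftp_enabled` saying that it exposes an SFTP endpoint on the account.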
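Review bot: In the first `main.tf` hunk `sftp_enabled` is passed through next to `is_hns_enabled` with nothing tying the two together, although the azurerm documentation says SFTP requires the hierarchical namespace to be enabled. A caller who sets only `sftp_enabled = true` would presumably get an apply-time API error instead of a clear message. A `precondition` in the resource's `lifecycle` block with `condition = !var.sftp_enabled || var.is_hns_enabled` would report it at plan time. In the provider versions I know of, changing `is_hns_enabled` forces a new resource, so a comment warning that flipping it replaces an existing account would help. The resource block starts and ends outside this hunk.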
@@ -37,12 +39,13 @@ resource "azurerm_storage_account" "storage" { } dynamic "network_rules" { - for_each = var.network_rules != null ? ["true"] : [] + for_each = var.network_rules content { default_action = "Deny" - bypass = var.network_rules.bypass - ip_rules = var.network_rules.ip_rules - virtual_network_subnet_ids = var.network_rules.subnet_ids + ip_rules = lookup(network_rules.value, "ip_rules", null ) + virtual_network_subnet_ids = lookup(network_rules.value, "virtual_network_subnet_ids", null ) + bypass = lookup(network_rules.value, "bypass", null) + } } } diff --git a/variables.tf b/variables.tf index cdb7a8e..177ae80 100644 --- a/variables.tf +++ b/variables.tf @@ -97,7 +97,7 @@ variable "min_tls_version" { variable "soft_delete_retention" { type = number - default = 30 + default = null description = "Number of retention days for soft delete. If set to null it will disable soft delete all together." } @@ -108,8 +108,17 @@ variable "containers_list" { } variable "network_rules" { - type = object({ bypass = list(string), ip_rules = list(string), subnet_ids = list(string) }) - default = null + type = list(any) + default = [] description = "Network rules restricing access to the storage account." } +variable "is_hns_enabled" { + type = bool + default = false +} + +variable "sftp_enabled" { + type = bool + default = false +} From 3e15f629a02dcedd8045dfa7f2614cbd0d189214 Mon Sep 17 00:00:00 2001 From: mahesh yadav Date: Mon, 12 Dec 2022 16:56:44 +0530 Subject: [PATCH 2/2] update soft delete relention --- variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/variables.tf b/variables.tf index 177ae80..0415634 100644 --- a/variables.tf +++ b/variables.tf @@ -97,7 +97,7 @@ variable "min_tls_version" { variable "soft_delete_retention" { type = number - default = null + default = 30 description = "Number of retention days for soft delete. If set to null it will disable soft delete all together." }
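Review bot: The rewritten `network_rules` block in `main.tf` reads each attribute with `lookup(..., null)`, so a key the module does not recognise is dropped without any error. That includes `subnet_ids`, which this commit renames to `virtual_network_subnet_ids`: callers still passing the old name silently lose their subnet rules. Because `default_action` stays `"Deny"` this fails closed, but it changes who can reach the account with no plan-time signal. Accepting the old key for one release would avoid that, for example `virtual_network_subnet_ids = lookup(network_rules.value, "virtual_network_subnet_ids", lookup(network_rules.value, "subnet_ids", null))`. Separately, `for_each = var.network_rules` emits one block per list element, while the provider, as far as I know, allows at most one `network_rules` block on this resource.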
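Review bot: In the `variables.tf` hunk at `-108,8`, `type = list(any)` removes the schema that the old `object({...})` type enforced. A misspelled key in `network_rules` is no longer rejected, and the rule it was meant to add simply disappears. A typed list keeps the new list shape and still lets callers omit attributes, provided the module can require Terraform 1.3 or later for `optional()`. A `validation` on the list length would also catch a second element before the provider does. The new `is_hns_enabled` and `sftp_enabled` variables have no `description`; each should get a one-line description of what it enables.

```hcl
variable "network_rules" {
  type = list(object({
    bypass                     = optional(list(string))
    ip_rules                   = optional(list(string))
    virtual_network_subnet_ids = optional(list(string))
  }))
  # … unchanged: default, description …

  validation {
    condition     = length(var.network_rules) <= 1
    error_message = "At most one network_rules entry is supported."
  }
}
```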