Common Azure Terraform module to create a storage account.
Resource naming is based on the Microsoft CAF naming convention best practices. Custom naming is available by setting the parameter custom_name. We rely on the official Terraform Azure CAF naming provider to generate resource names when available.
The resource location is the parent resource group location. To specify a custom location, use the custom_location parameter.
Tags are inherited from parent resource group. To add resource specific tags, use the custom_tags
```hcl
# Tags applied to the resource group and inherited by the storage account
module "umanis_tagging" {
  source            = "Umanis/tags/azurerm"
  location          = "France Central"
  client            = "XY2"
  project           = "1234"
  budget            = "FE4567"
  rgpd_personal     = true
  rgpd_confidential = false
}

# CAF naming prefixes used by the resource group and its resources
module "umanis_naming" {
  source      = "Umanis/naming/azurerm"
  location    = "France Central"
  client      = "XY2"
  project     = "1234"
  area        = 1
  environment = "tst"
}

# Parent resource group
module "umanis_resource_group" {
  source       = "Umanis/resource-group/azurerm"
  tags         = module.umanis_tagging.tags
  location     = "France Central"
  description  = "Test resource group"
  caf_prefixes = module.umanis_naming.resource_group_prefixes
}

# Storage account created in the parent resource group
module "umanis_storage_account" {
  source              = "Umanis/storage-account/azurerm"
  resource_group_name = module.umanis_resource_group.name
  description         = "Test storage-account"
  caf_prefixes        = module.umanis_naming.resource_prefixes
  instance_index      = 1
}
```
Name | Version |
---|---|
terraform | >= 1.0.0 |
azurecaf | >= 1.2.16 |
azurerm | >=3.0.2 |
Name | Description | Type | Default | Required |
---|---|---|---|---|
instance_index | Resource type index on the resource group. | number | n/a | yes |
resource_group_name | Specifies the parent resource group name. | string | n/a | yes |
access_tier | Defines the access tier for BlobStorage and StorageV2 accounts. Valid options are Hot and Cool. | string | "Hot" | no |
account_kind | The type of storage account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. | string | "StorageV2" | no |
blob_soft_delete_retention_days | Specifies the number of days that the blob should be retained, between 1 and 365 days. Defaults to 7. | number | 7 | no |
caf_prefixes | Prefixes to use for CAF naming. | list(string) | [] | no |
change_feed_enabled | Is the blob service properties for change feed events enabled? | bool | false | no |
container_soft_delete_retention_days | Specifies the number of days that the container should be retained, between 1 and 365 days. Defaults to 7. | number | 7 | no |
containers_list | List of containers to create and their access levels. | list(object({ name = string, access_type = string })) | [] | no |
custom_location | Specifies a custom location for the resource. | string | "" | no |
custom_name | Specifies a custom name for the resource. | string | "" | no |
custom_tags | The custom tags to add on the resource. | map(string) | {} | no |
description | The resource description. | string | "" | no |
enable_advanced_threat_protection | Is advanced threat protection enabled? | bool | false | no |
enable_versioning | Is blob versioning enabled? Defaults to false. | bool | false | no |
file_shares | List of file shares to create and their quotas. | list(object({ name = string, quota = number })) | [] | no |
is_hns_enabled | Is Hierarchical namespace enabled? This can only be true when sku is Standard or when account_tier is Premium and account_kind is BlockBlobStorage. | bool | false | no |
last_access_time_enabled | Is the last access time based tracking enabled? Defaults to false. | bool | false | no |
network_rules | Network rules restricting access to the storage account. | object({ bypass = list(string), ip_rules = list(string), subnet_ids = list(string) }) | null | no |
queues | List of storage queues. | list(string) | [] | no |
shared_access_key_enabled | Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). | bool | true | no |
skuname | The SKUs supported by Microsoft Azure Storage. Valid options are Premium_LRS, Premium_ZRS, Standard_GRS, Standard_GZRS, Standard_LRS, Standard_RAGRS, Standard_RAGZRS, Standard_ZRS. | string | "Standard_LRS" | no |
static_website | Static web site configuration. static_website can only be set when the account_kind is set to StorageV2 or BlockBlobStorage. | object({ index_document = string, error_404_document = string }) | null | no |
tables | List of storage tables. | list(string) | [] | no |
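Several inputs above default to the permissive setting (shared_access_key_enabled = true, network_rules = null, enable_advanced_threat_protection = false). The following is an added example, not part of the module's own documentation, that sets them explicitly; it reuses the resource group and naming modules from the usage example. The subnet ID, IP range, container name and module label are constructed placeholders, and it assumes the module denies traffic not matched by network_rules once that input is set, which this page does not state.

```hcl
provider "azurerm" {
  features {}
  # With Shared Key disabled on the account, the provider must use Azure AD
  # for data-plane calls (e.g. creating containers) instead of the account key.
  storage_use_azuread = true
}

module "umanis_storage_account_hardened" { # hypothetical label
  source              = "Umanis/storage-account/azurerm"
  resource_group_name = module.umanis_resource_group.name
  description         = "Hardened storage-account"
  caf_prefixes        = module.umanis_naming.resource_prefixes
  instance_index      = 2

  # Default is true. false rejects Shared Key and SAS authorization,
  # so every request must be authorized with Azure AD.
  shared_access_key_enabled = false

  # Default is null (no network rules). Restrict access to one subnet and
  # one egress range; both values are constructed placeholders.
  network_rules = {
    bypass   = ["AzureServices"]
    ip_rules = ["203.0.113.0/24"]
    subnet_ids = [
      "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-example/providers/Microsoft.Network/virtualNetworks/vnet-example/subnets/snet-example",
    ]
  }

  # Default is false.
  enable_advanced_threat_protection = true

  # Recovery from accidental or malicious deletion and overwrite.
  enable_versioning                    = true
  blob_soft_delete_retention_days      = 30
  container_soft_delete_retention_days = 30

  # "private" disables anonymous read; "blob" and "container" allow it.
  containers_list = [
    { name = "appdata", access_type = "private" },
  ]
}
```

The module still exports storage_primary_access_key, storage_secondary_access_key and both connection strings, so these values are written to the Terraform state; restrict access to the state backend accordingly. With storage_use_azuread set, the identity running Terraform needs an Azure AD data-plane role on the account to manage containers.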
Name | Description |
---|---|
containers | Map of containers. |
file_shares | Map of Storage SMB file shares. |
queues | Map of Storage queues. |
storage_account_id | The ID of the storage account. |
storage_account_name | The name of the storage account. |
storage_account_primary_location | The primary location of the storage account |
storage_account_primary_web_endpoint | The endpoint URL for web storage in the primary location. |
storage_account_primary_web_host | The hostname with port if applicable for web storage in the primary location. |
storage_account_secondary_location | The secondary location of the storage account |
storage_account_secondary_web_endpoint | The endpoint URL for web storage in the secondary location. |
storage_account_secondary_web_host | The hostname with port if applicable for web storage in the secondary location. |
storage_primary_access_key | The primary access key for the storage account |
storage_primary_connection_string | The primary connection string for the storage account |
storage_secondary_access_key | The secondary access key for the storage account. |
storage_secondary_connection_string | The secondary connection string for the storage account |
tables | Map of Storage tables. |
Terraform Azure storage account documentation: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account
Terraform Azure CAF Naming documentation: https://registry.terraform.io/providers/aztfmod/azurecaf/latest/docs/resources/azurecaf_name