access_list |
Map of CIDRs Storage Account access. |
map(string) |
{} |
no |
access_tier |
Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts |
string |
"Hot" |
no |
account_kind |
Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2 |
string |
"StorageV2" |
no |
account_tier |
Defines the Tier to use for this storage account (Standard or Premium). |
string |
null |
no |
allow_nested_items_to_be_public |
Allow or disallow public access to all blobs or containers in the storage account. |
bool |
false |
no |
blob_cors |
blob service cors rules: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account#cors_rule |
map(object({ allowed_headers = list(string) allowed_methods = list(string) allowed_origins = list(string) exposed_headers = list(string) max_age_in_seconds = number })) |
null |
no |
blob_delete_retention_days |
Retention days for deleted blob. Valid value is between 1 and 365 (set to 0 to disable). |
number |
7 |
no |
blob_versioning_enabled |
Controls whether blob object versioning is enabled. |
bool |
false |
no |
container_delete_retention_days |
Retention days for deleted container. Valid value is between 1 and 365 (set to 0 to disable). |
number |
7 |
no |
custom_404_path |
path from your repo root to your custom 404 page |
string |
null |
no |
default_network_rule |
Specifies the default action of allow or deny when no other network rules match |
string |
"Deny" |
no |
enable_hns |
Enable Hierarchical Namespace (can be used with Azure Data Lake Storage Gen 2). |
bool |
false |
no |
enable_https_traffic_only |
Forces HTTPS if enabled. |
bool |
true |
no |
enable_large_file_share |
Enable Large File Share. |
bool |
false |
no |
enable_sftp |
Enable SFTP for storage account (enable_hns must be set to true for this to work). |
bool |
false |
no |
enable_static_website |
Controls if static website to be enabled on the storage account. Possible values are true or false |
bool |
false |
no |
encryption_scopes |
Encryption scopes, keys are scope names. more info https://docs.microsoft.com/en-us/azure/storage/common/infrastructure-encryption-enable?tabs=portal |
map(object({ enable_infrastructure_encryption = optional(bool) source = optional(string) })) |
{} |
no |
index_path |
path from your repo root to index.html |
string |
null |
no |
infrastructure_encryption_enabled |
Is infrastructure encryption enabled? Changing this forces a new resource to be created. |
bool |
true |
no |
location |
Specifies the supported Azure location to MySQL server resource |
string |
n/a |
yes |
min_tls_version |
The minimum supported TLS version for the storage account. |
string |
"TLS1_2" |
no |
name |
Storage account name |
string |
null |
no |
nfsv3_enabled |
Is NFSv3 protocol enabled? Changing this forces a new resource to be created |
bool |
false |
no |
replication_type |
Storage account replication type - i.e. LRS, GRS, RAGRS, ZRS, GZRS, RAGZRS. |
string |
n/a |
yes |
resource_group_name |
name of the resource group to create the resource |
string |
n/a |
yes |
service_endpoints |
Creates a virtual network rule in the subnet_id (values are virtual network subnet ids). |
map(string) |
{} |
no |
shared_access_key_enabled |
Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key |
bool |
false |
no |
tags |
tags to be applied to resources |
map(string) |
n/a |
yes |
traffic_bypass |
Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None. |
list(string) |
[ "None" ] |
no |