tfdocs.md

Module documentation

Required Inputs

The following input variables are required:

containers

Description: Definition of Storage Containers configuration, including optional immutability policy settings.

Type:

map(object({
    container_name        = string
    container_access_type = string
    immutability_policy = optional(object({
      is_locked                           = optional(bool, false)
      immutability_period_in_days         = optional(number, 0)
      protected_append_writes_all_enabled = optional(bool, false)
      protected_append_writes_enabled     = optional(bool, false)
    }))
  }))

location

Description: The location/region where the Storage Account is created.

Type: string

log_analytics_workspace_id

Description: Id of the log analytics workspace to send resource logging to via diagnostic settings

Type: string

monitor_diagnostic_setting_storage_account_enabled_logs

Description: Controls what logs will be enabled for the storage

Type: list(string)

monitor_diagnostic_setting_storage_account_metrics

Description: Controls what metrics will be enabled for the storage

Type: list(string)

name

Description: The name of the Storage Account.

Type: string

private_endpoint_properties

Description: Consolidated properties for the Function App Private Endpoint.

Type:

object({
    private_dns_zone_ids_blob            = optional(list(string), [])
    private_dns_zone_ids_table           = optional(list(string), [])
    private_dns_zone_ids_queue           = optional(list(string), [])
    private_endpoint_enabled             = optional(bool, false)
    private_endpoint_subnet_id           = optional(string, "")
    private_endpoint_resource_group_name = optional(string, "")
    private_service_connection_is_manual = optional(bool, false)
  })

resource_group_name

Description: The name of the resource group in which to create the Storage Account. Changing this forces a new resource to be created.

Type: string

Optional Inputs

The following input variables are optional (have default values):

access_tier

Description: Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot, Cool, Cold and Premium.

Type: string

Default: "Hot"

account_replication_type

Description: The type of replication to use for this Storage Account. Can be either LRS, GRS, RAGRS or ZRS.

Type: string

Default: "LRS"

account_tier

Description: Defines the Tier to use for this storage account. Valid options are Standard and Premium.

Type: string

Default: "Standard"

action_group_id

Description: ID of the action group to notify.

Type: string

Default: null

alert_window_size

Description: The period of time that is used to monitor alert activity e.g. PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H. The interval between checks is adjusted accordingly.

Type: string

Default: "PT5M"

availability_low_threshold

Description: This will alert of storage queue transactions is higher that given value, default will be 99.

Type: number

Default: 99

blob_properties_delete_retention_policy

Description: The value set for blob properties delete retention policy.

Type: number

Default: null

blob_properties_versioning_enabled

Description: To enable versioning for blob.

Type: bool

Default: false

enable_alerting

Description: Whether monitoring and alerting is enabled for the PostgreSQL Flexible Server.

Type: bool

Default: false

public_network_access_enabled

Description: Controls whether data in the account may be accessed from public networks.

Type: bool

Default: false

queue_transactions_high_threshold

Description: This will alert of storage queue transactions is higher that given value, default will be 1000.

Type: number

Default: 1000

queues

Description: List of Storage Queues to create.

Type: list(string)

Default: []

rbac_roles

Description: List of RBAC roles to assign to the Storage Account.

Type: list(string)

Default: []

storage_account_service

Description: n/a

Type: set(string)

Default:

[
  "blobServices",
  "queueServices",
  "tableServices",
  "fileServices"
]

success_e2e_latency_threshold

Description: This will alert if the E2E success latency is higher that given value (in milliseconds), default will be 500.

Type: number

Default: 500

tags

Description: Resource tags to be applied throughout the deployment.

Type: map(string)

Default: {}

Modules

The following Modules are called:

diagnostic-settings

Source: ../diagnostic-settings

Version:

private_endpoint_blob_storage

Source: ../private-endpoint

Version:

private_endpoint_queue_storage

Source: ../private-endpoint

Version:

private_endpoint_table_storage

Source: ../private-endpoint

Version:

rbac_assignments

Source: ../rbac-assignment

Version:

Outputs

The following outputs are exported:

primary_blob_endpoint_name

Description: Name of blob storage endpoint

storage_account_id

Description: The ID of the created Storage Account

storage_account_name

Description: The name of the created Storage Account

storage_account_primary_access_key

Description: n/a

storage_account_primary_connection_string

Description: n/a

storage_containers

Description: n/a

Resources

The following resources are used by this module:

• azurerm_monitor_metric_alert.availability_low (resource)
• azurerm_monitor_metric_alert.storage_queue_transactions_high (resource)
• azurerm_monitor_metric_alert.success_E2E_latency (resource)
• azurerm_storage_account.storage_account (resource)
• azurerm_storage_container.container (resource)
• azurerm_storage_container_immutability_policy.policy (resource)
• azurerm_storage_queue.queue (resource)
• azurerm_client_config.current (data source)