Azure / terraform-azurerm-avm-res-storage-storageaccount

This Terraform module is designed to create Azure Storage Accounts and their related resources, including blob containers, queues, tables, and file shares. It also supports the creation of a storage account private endpoint, which provides secure and direct connectivity to Azure Storage over a private network.
https://registry.terraform.io/modules/Azure/avm-res-storage-storageaccount
MIT License

[AVM Module Issue]: Module fails to complete creation when Public access is restricted by policy #149

Closed ebrookman closed 2 weeks ago

ebrookman commented 3 weeks ago

Check for previous/existing GitHub issues

Issue Type?

Bug

(Optional) Module Version

0.2.3

(Optional) Correlation Id

No response

Description

module "epic_sa" {
    source = "Azure/avm-res-storage-storageaccount/azurerm"
    version = "0.2.3"

    name                    = format("sa-bugreport-%s", var.primary_region_short_name)
    resource_group_name     = data.azurerm_resource_group.rg.name
    location                = data.azurerm_resource_group.rg.location
    account_tier            = "Standard"
    account_replication_type = "LRS"
    account_kind = "StorageV2"
    public_network_access_enabled = false
    infrastructure_encryption_enabled = true
    shared_access_key_enabled = false

    private_endpoints = {
        for endpoint, private_ip in local.endpoints :
        endpoint => {
            name = format("pe-${endpoint}-%s", var.primary_region_short_name)
            subnet_resource_id = data.azurerm_subnet.subnet.id
            subresource_name = endpoint
            ip_configurations = {
                staticIpConfig = {
                    name = "staticIpConfig"
                    private_ip_address = private_ip
                }
            }
        }
    }

    tags = {
        "Environment" = "DEV"

    }

}

When running this module as configured, I get the following error: image

chinthakaru commented 3 weeks ago

@ebrookman Thank you for reaching out. Set the storage_use_azuread flag to true and conduct another test. This is documented in the readme.

provider "azurerm" {
  features {}
  storage_use_azuread = true
}
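A pre-apply check for the combination discussed in this thread, as an added example that is not code from the module or from either commenter: it reads the JSON form of a plan (`terraform show -json`) and lists root module calls that set `shared_access_key_enabled = false` while no `azurerm` provider configuration sets `storage_use_azuread = true`. The plan fragment embedded below is constructed, the function names are hypothetical, and only literal (constant) argument values are inspected.

```python
import json
import sys

# Constructed sample: the relevant part of `terraform show -json` output for a
# configuration like the one in this issue (provider without storage_use_azuread).
SAMPLE_PLAN = {
    "configuration": {
        "provider_config": {"azurerm": {"name": "azurerm", "expressions": {"features": [{}]}}},
        "root_module": {"module_calls": {"epic_sa": {
            "source": "Azure/avm-res-storage-storageaccount/azurerm",
            "expressions": {"shared_access_key_enabled": {"constant_value": False}},
        }}},
    }
}


def constant(expressions, key):
    """Return the literal value of an argument, or None if unset or not a constant."""
    value = expressions.get(key)
    return value.get("constant_value") if isinstance(value, dict) else None


def provider_uses_azuread(plan):
    """True if any azurerm provider configuration sets storage_use_azuread = true."""
    providers = plan.get("configuration", {}).get("provider_config", {})
    return any(
        p.get("name") == "azurerm"
        and constant(p.get("expressions", {}), "storage_use_azuread") is True
        for p in providers.values()
    )


def keyless_modules_without_azuread(plan):
    """Root module calls that disable shared keys while no provider opts in to Azure AD."""
    if provider_uses_azuread(plan):
        return []
    calls = plan.get("configuration", {}).get("root_module", {}).get("module_calls", {})
    return sorted(
        name for name, call in calls.items()
        if constant(call.get("expressions", {}), "shared_access_key_enabled") is False
    )


if __name__ == "__main__":
    # Usage: terraform show -json plan.out > plan.json; python check.py plan.json
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    print(keyless_modules_without_azuread(plan))
```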

microsoft-github-policy-service[bot] commented 2 weeks ago

[!IMPORTANT] @ebrookman, this issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.

microsoft-github-policy-service[bot] commented 2 weeks ago

[!WARNING] @ebrookman, this issue will now be closed, as it has been marked as requiring author feedback but has not had any activity for 7 days.