Open kevinmatthews-kpmg opened 3 years ago
This feature is now GA: https://azure.microsoft.com/en-us/updates/storage-resource-instance-rules-ga/
It appears that the REST APIs for creating Storage Accounts support this feature: https://docs.microsoft.com/en-us/rest/api/storagerp/storage-accounts/create?tabs=HTTP#networkruleset
is there a workaround to add resource instances via terraform?
It's supported today - it's just called private_link_access
:
A private_link_access block supports the following:
endpoint_resource_id - (Required) The ID of the Azure resource that should be allowed access to the target storage account.
endpoint_tenant_id - (Optional) The tenant id of the resource of the resource access rule to be granted access. Defaults to the current tenant id.
Community Note
Description
There is an option for resource instances in the firewall for storage accounts, this allows you to choose a resource type and resource instance that should be allowed through the firewall. An example of this might be to allow an azure synapse workspace to connect to the storage account
New or Affected Resource(s)
Potential Terraform Configuration
References
0000