Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Draft] Singular name example for storage #3474

Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,9 @@ trigger:
- main
paths:
include:
- '/modules/storage/storage-accounts/*'
- '/modules/storage/storage-account/*'
- '/modules/network/private-endpoints/*'
- '/.azuredevops/modulePipelines/ms.storage.storageaccounts.yml'
- '/.azuredevops/modulePipelines/ms.storage.storageaccount.yml'
- '/.azuredevops/pipelineTemplates/*.yml'
- '/utilities/pipelines/*'
exclude:
Expand All @@ -40,7 +40,7 @@ variables:
- template: '../../settings.yml'
- group: 'PLATFORM_VARIABLES'
- name: modulePath
value: '/modules/storage/storage-accounts'
value: '/modules/storage/storage-account'

stages:
- template: /.azuredevops/pipelineTemplates/stages.module.yml
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,18 +27,18 @@ on:
branches:
- main
paths:
- 'modules/storage/storage-accounts/**'
- 'modules/storage/storage-account/**'
- 'modules/network/private-endpoints/**'
- '.github/actions/templates/**'
- '.github/workflows/template.module.yml'
- '.github/workflows/ms.storage.storageaccounts.yml'
- '.github/workflows/ms.storage.storageaccount.yml'
- 'utilities/pipelines/**'
- '!utilities/pipelines/deploymentRemoval/**'
- '!*/**/README.md'

env:
modulePath: 'modules/storage/storage-accounts'
workflowPath: '.github/workflows/ms.storage.storageaccounts.yml'
modulePath: 'modules/storage/storage-account'
workflowPath: '.github/workflows/ms.storage.storageaccount.yml'

concurrency:
group: ${{ github.workflow }}
Expand Down
420 changes: 420 additions & 0 deletions Set-CARMLFoldersForPBRSingular.ps1

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Accounts `[Microsoft.Storage/storageAccounts]`
# Storage Accounts `[Microsoft.Storage/storageAccount]`

This module deploys a Storage Account.

Expand Down Expand Up @@ -59,7 +59,7 @@ This module deploys a Storage Account.
| `allowedCopyScope` | string | `''` | `['', AAD, PrivateLink]` | Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. |
| `allowSharedKeyAccess` | bool | `True` | | Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true. |
| `azureFilesIdentityBasedAuthentication` | object | `{object}` | | Provides the identity based authentication settings for Azure Files. |
| `blobServices` | _[blobServices](blob-services/README.md)_ object | `{object}` | | Blob service and containers to deploy. |
| `blobServices` | object | `{object}` | | Blob service and containers to deploy. |
| `cMKKeyName` | string | `''` | | The name of the customer managed key to use for encryption. Cannot be deployed together with the parameter 'systemAssignedIdentity' enabled. |
| `cMKKeyVersion` | string | `''` | | The version of the customer managed key to reference for encryption. If not provided, latest is used. |
| `customDomainName` | string | `''` | | Sets the custom domain name assigned to the storage account. Name is the CNAME source. |
Expand All @@ -76,26 +76,26 @@ This module deploys a Storage Account.
| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). |
| `enableNfsV3` | bool | `False` | | If true, enables NFS 3.0 support for the storage account. Requires enableHierarchicalNamespace to be true. |
| `enableSftp` | bool | `False` | | If true, enables Secure File Transfer Protocol for the storage account. Requires enableHierarchicalNamespace to be true. |
| `fileServices` | _[fileServices](file-services/README.md)_ object | `{object}` | | File service and shares to deploy. |
| `fileServices` | object | `{object}` | | File service and shares to deploy. |
| `isLocalUserEnabled` | bool | `False` | | Enables local users feature, if set to true. |
| `kind` | string | `'StorageV2'` | `[BlobStorage, BlockBlobStorage, FileStorage, Storage, StorageV2]` | Type of Storage Account to create. |
| `largeFileSharesState` | string | `'Disabled'` | `[Disabled, Enabled]` | Allow large file shares if sets to 'Enabled'. It cannot be disabled once it is enabled. Only supported on locally redundant and zone redundant file shares. It cannot be set on FileStorage storage accounts (storage accounts for premium file shares). |
| `localUsers` | _[localUsers](local-users/README.md)_ array | `[]` | | Local users to deploy for SFTP authentication. |
| `localUsers` | array | `[]` | | Local users to deploy for SFTP authentication. |
| `location` | string | `[resourceGroup().location]` | | Location for all resources. |
| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. |
| `managementPolicyRules` | array | `[]` | | The Storage Account ManagementPolicies Rules. |
| `minimumTlsVersion` | string | `'TLS1_2'` | `[TLS1_0, TLS1_1, TLS1_2]` | Set the minimum TLS version on request to storage. |
| `networkAcls` | object | `{object}` | | Networks ACLs, this value contains IPs to whitelist and/or Subnet information. For security reasons, it is recommended to set the DefaultAction Deny. |
| `privateEndpoints` | array | `[]` | | Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible. |
| `publicNetworkAccess` | string | `''` | `['', Disabled, Enabled]` | Whether or not public network access is allowed for this resource. For security reasons it should be disabled. If not specified, it will be disabled by default if private endpoints are set and networkAcls are not set. |
| `queueServices` | _[queueServices](queue-services/README.md)_ object | `{object}` | | Queue service and queues to create. |
| `queueServices` | object | `{object}` | | Queue service and queues to create. |
| `requireInfrastructureEncryption` | bool | `True` | | A Boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest. For security reasons, it is recommended to set it to true. |
| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. |
| `sasExpirationPeriod` | string | `''` | | The SAS expiration period. DD.HH:MM:SS. |
| `skuName` | string | `'Standard_GRS'` | `[Premium_LRS, Premium_ZRS, Standard_GRS, Standard_GZRS, Standard_LRS, Standard_RAGRS, Standard_RAGZRS, Standard_ZRS]` | Storage Account Sku Name. |
| `supportsHttpsTrafficOnly` | bool | `True` | | Allows HTTPS traffic only to storage service if sets to true. |
| `systemAssignedIdentity` | bool | `False` | | Enables system assigned managed identity on the resource. |
| `tableServices` | _[tableServices](table-services/README.md)_ object | `{object}` | | Table service and tables to create. |
| `tableServices` | object | `{object}` | | Table service and tables to create. |
| `tags` | object | `{object}` | | Tags of the resource. |
| `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. |

Expand Down Expand Up @@ -426,7 +426,7 @@ The following module usage examples are retrieved from the content of the files
<summary>via Bicep module</summary>

```bicep
module storageAccounts './storage/storage-accounts/main.bicep' = {
module storageAccount './storage/storage-account/main.bicep' = {
name: '${uniqueString(deployment().name, location)}-test-ssacom'
params: {
// Required parameters
Expand Down Expand Up @@ -891,7 +891,7 @@ module storageAccounts './storage/storage-accounts/main.bicep' = {
<summary>via Bicep module</summary>

```bicep
module storageAccounts './storage/storage-accounts/main.bicep' = {
module storageAccount './storage/storage-account/main.bicep' = {
name: '${uniqueString(deployment().name, location)}-test-ssaencr'
params: {
// Required parameters
Expand Down Expand Up @@ -1058,7 +1058,7 @@ module storageAccounts './storage/storage-accounts/main.bicep' = {
<summary>via Bicep module</summary>

```bicep
module storageAccounts './storage/storage-accounts/main.bicep' = {
module storageAccount './storage/storage-account/main.bicep' = {
name: '${uniqueString(deployment().name, location)}-test-ssamin'
params: {
// Required parameters
Expand Down Expand Up @@ -1107,7 +1107,7 @@ module storageAccounts './storage/storage-accounts/main.bicep' = {
<summary>via Bicep module</summary>

```bicep
module storageAccounts './storage/storage-accounts/main.bicep' = {
module storageAccount './storage/storage-account/main.bicep' = {
name: '${uniqueString(deployment().name, location)}-test-ssanfs'
params: {
// Required parameters
Expand Down Expand Up @@ -1252,7 +1252,7 @@ module storageAccounts './storage/storage-accounts/main.bicep' = {
<summary>via Bicep module</summary>

```bicep
module storageAccounts './storage/storage-accounts/main.bicep' = {
module storageAccount './storage/storage-account/main.bicep' = {
name: '${uniqueString(deployment().name, location)}-test-ssav1'
params: {
// Required parameters
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account blob Services `[Microsoft.Storage/storageAccounts/blobServices]`
# Storage Account blob Services `[Microsoft.Storage/storageAccount/blobService]`

This module deploys a Storage Account Blob Service.

Expand Down Expand Up @@ -37,7 +37,7 @@ This module deploys a Storage Account Blob Service.
| `containerDeleteRetentionPolicyAllowPermanentDelete` | bool | `False` | | This property when set to true allows deletion of the soft deleted blob versions and snapshots. This property cannot be used blob restore policy. This property only applies to blob service and does not apply to containers or file share. |
| `containerDeleteRetentionPolicyDays` | int | `7` | | Indicates the number of days that the deleted item should be retained. |
| `containerDeleteRetentionPolicyEnabled` | bool | `True` | | The blob service properties for container soft delete. Indicates whether DeleteRetentionPolicy is enabled. |
| `containers` | _[containers](containers/README.md)_ array | `[]` | | Blob containers to create. |
| `containers` | array | `[]` | | Blob containers to create. |
| `corsRules` | array | `[]` | | Specifies CORS rules for the Blob service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Blob service. |
| `defaultServiceVersion` | string | `''` | | Indicates the default version to use for requests to the Blob service if an incoming request's version is not specified. Possible values include version 2008-10-27 and all more recent versions. |
| `deleteRetentionPolicyDays` | int | `7` | | Indicates the number of days that the deleted blob should be retained. |
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account Blob Containers `[Microsoft.Storage/storageAccounts/blobServices/containers]`
# Storage Account Blob Containers `[Microsoft.Storage/storageAccount/blobService/container]`

This module deploys a Storage Account Blob Container.

Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account Blob Container Immutability Policies `[Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies]`
# Storage Account Blob Container Immutability Policies `[Microsoft.Storage/storageAccount/blobService/container/immutabilityPolicy]`

This module deploys a Storage Account Blob Container Immutability Policy.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ resource container 'Microsoft.Storage/storageAccounts/blobServices/containers@20
}
}

module immutabilityPolicy 'immutability-policies/main.bicep' = if (!empty(immutabilityPolicyProperties)) {
module immutabilityPolicy 'immutability-policy/main.bicep' = if (!empty(immutabilityPolicyProperties)) {
name: immutabilityPolicyName
params: {
storageAccountName: storageAccount.name
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -195,7 +195,7 @@ resource blobServices_diagnosticSettings 'Microsoft.Insights/diagnosticSettings@
scope: blobServices
}

module blobServices_container 'containers/main.bicep' = [for (container, index) in containers: {
module blobServices_container 'container/main.bicep' = [for (container, index) in containers: {
name: '${deployment().name}-Container-${index}'
params: {
storageAccountName: storageAccount.name
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account File Share Services `[Microsoft.Storage/storageAccounts/fileServices]`
# Storage Account File Share Services `[Microsoft.Storage/storageAccount/fileService]`

This module deploys a Storage Account File Share Service.

Expand Down Expand Up @@ -42,7 +42,7 @@ This module deploys a Storage Account File Share Service.
| `name` | string | `'default'` | | The name of the file service. |
| `protocolSettings` | object | `{object}` | | Protocol settings for file service. |
| `shareDeleteRetentionPolicy` | object | `{object}` | | The service properties for soft delete. |
| `shares` | _[shares](shares/README.md)_ array | `[]` | | File shares to create. |
| `shares` | array | `[]` | | File shares to create. |


## Outputs
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,7 @@ resource fileServices_diagnosticSettings 'Microsoft.Insights/diagnosticSettings@
scope: fileServices
}

module fileServices_shares 'shares/main.bicep' = [for (share, index) in shares: {
module fileServices_shares 'share/main.bicep' = [for (share, index) in shares: {
name: '${deployment().name}-shares-${index}'
params: {
storageAccountName: storageAccount.name
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account File Shares `[Microsoft.Storage/storageAccounts/fileServices/shares]`
# Storage Account File Shares `[Microsoft.Storage/storageAccount/fileService/share]`

This module deploys a Storage Account File Share.

Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account Local Users `[Microsoft.Storage/storageAccounts/localUsers]`
# Storage Account Local Users `[Microsoft.Storage/storageAccount/localUser]`

This module deploys a Storage Account Local User, which is used for SFTP authentication.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -369,7 +369,7 @@ module storageAccount_privateEndpoints '../../network/private-endpoints/main.bic
}]

// Lifecycle Policy
module storageAccount_managementPolicies 'management-policies/main.bicep' = if (!empty(managementPolicyRules)) {
module storageAccount_managementPolicies 'management-policy/main.bicep' = if (!empty(managementPolicyRules)) {
name: '${uniqueString(deployment().name, location)}-Storage-ManagementPolicies'
params: {
storageAccountName: storageAccount.name
Expand All @@ -379,7 +379,7 @@ module storageAccount_managementPolicies 'management-policies/main.bicep' = if (
}

// SFTP user settings
module storageAccount_localUsers 'local-users/main.bicep' = [for (localUser, index) in localUsers: {
module storageAccount_localUsers 'local-user/main.bicep' = [for (localUser, index) in localUsers: {
name: '${uniqueString(deployment().name, location)}-Storage-LocalUsers-${index}'
params: {
storageAccountName: storageAccount.name
Expand All @@ -395,7 +395,7 @@ module storageAccount_localUsers 'local-users/main.bicep' = [for (localUser, ind
}]

// Containers
module storageAccount_blobServices 'blob-services/main.bicep' = if (!empty(blobServices)) {
module storageAccount_blobServices 'blob-service/main.bicep' = if (!empty(blobServices)) {
name: '${uniqueString(deployment().name, location)}-Storage-BlobServices'
params: {
storageAccountName: storageAccount.name
Expand Down Expand Up @@ -426,7 +426,7 @@ module storageAccount_blobServices 'blob-services/main.bicep' = if (!empty(blobS
}

// File Shares
module storageAccount_fileServices 'file-services/main.bicep' = if (!empty(fileServices)) {
module storageAccount_fileServices 'file-service/main.bicep' = if (!empty(fileServices)) {
name: '${uniqueString(deployment().name, location)}-Storage-FileServices'
params: {
storageAccountName: storageAccount.name
Expand All @@ -448,7 +448,7 @@ module storageAccount_fileServices 'file-services/main.bicep' = if (!empty(fileS
}

// Queue
module storageAccount_queueServices 'queue-services/main.bicep' = if (!empty(queueServices)) {
module storageAccount_queueServices 'queue-service/main.bicep' = if (!empty(queueServices)) {
name: '${uniqueString(deployment().name, location)}-Storage-QueueServices'
params: {
storageAccountName: storageAccount.name
Expand All @@ -465,7 +465,7 @@ module storageAccount_queueServices 'queue-services/main.bicep' = if (!empty(que
}

// Table
module storageAccount_tableServices 'table-services/main.bicep' = if (!empty(tableServices)) {
module storageAccount_tableServices 'table-service/main.bicep' = if (!empty(tableServices)) {
name: '${uniqueString(deployment().name, location)}-Storage-TableServices'
params: {
storageAccountName: storageAccount.name
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account Management Policies `[Microsoft.Storage/storageAccounts/managementPolicies]`
# Storage Account Management Policies `[Microsoft.Storage/storageAccount/managementPolicy]`

This module deploys a Storage Account Management Policy.

Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account Queue Services `[Microsoft.Storage/storageAccounts/queueServices]`
# Storage Account Queue Services `[Microsoft.Storage/storageAccount/queueService]`

This module deploys a Storage Account Queue Service.

Expand Down Expand Up @@ -39,7 +39,7 @@ This module deploys a Storage Account Queue Service.
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of a log analytics workspace. |
| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). |
| `queues` | _[queues](queues/README.md)_ array | `[]` | | Queues to create. |
| `queues` | array | `[]` | | Queues to create. |


## Outputs
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ resource queueServices_diagnosticSettings 'Microsoft.Insights/diagnosticSettings
scope: queueServices
}

module queueServices_queues 'queues/main.bicep' = [for (queue, index) in queues: {
module queueServices_queues 'queue/main.bicep' = [for (queue, index) in queues: {
name: '${deployment().name}-Queue-${index}'
params: {
storageAccountName: storageAccount.name
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account Queues `[Microsoft.Storage/storageAccounts/queueServices/queues]`
# Storage Account Queues `[Microsoft.Storage/storageAccount/queueService/queue]`

This module deploys a Storage Account Queue.

Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account Table Services `[Microsoft.Storage/storageAccounts/tableServices]`
# Storage Account Table Services `[Microsoft.Storage/storageAccount/tableService]`

This module deploys a Storage Account Table Service.

Expand Down Expand Up @@ -38,7 +38,7 @@ This module deploys a Storage Account Table Service.
| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. |
| `diagnosticWorkspaceId` | string | `''` | | Resource ID of a log analytics workspace. |
| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). |
| `tables` | _[tables](tables/README.md)_ array | `[]` | | tables to create. |
| `tables` | array | `[]` | | tables to create. |


## Outputs
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ resource tableServices_diagnosticSettings 'Microsoft.Insights/diagnosticSettings
scope: tableServices
}

module tableServices_tables 'tables/main.bicep' = [for (tableName, index) in tables: {
module tableServices_tables 'table/main.bicep' = [for (tableName, index) in tables: {
name: '${deployment().name}-Table-${index}'
params: {
name: tableName
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Storage Account Table `[Microsoft.Storage/storageAccounts/tableServices/tables]`
# Storage Account Table `[Microsoft.Storage/storageAccount/tableService/table]`

This module deploys a Storage Account Table.

Expand Down