# Chooses between creating a new Storage Account (default) and reusing one
# that already exists.
# NOTE(review): presumably `storage_account_id` has to be set when this is
# true; confirm against the resources that consume both inputs.
variable "use_existing_storage_account" {
  description = "Whether existing Storage Account should be used instead of creating a new one."
  type        = bool
  default     = false
}
# ID of a pre-existing Storage Account; null unless the caller supplies one.
# NOTE(review): when an existing account is reused, the hardening inputs in
# this file (TLS floor, HTTPS-only, network rules) may not be applied to it by
# this module. Verify that account's own settings; confirm against the module.
variable "storage_account_id" {
  description = "ID of the existing Storage Account to use."
  type        = string
  default     = null
}
# Account kind for the Storage Account; defaults to general-purpose v2.
# No validation is declared here, so an unsupported value is only caught
# downstream.
variable "storage_account_kind" {
  description = "Storage Account Kind."
  type        = string
  default     = "StorageV2"
}
# Lowest TLS protocol version the Storage Account accepts from clients.
# The default is TLS 1.2. Lowering it (for example to `TLS1_0` or `TLS1_1`)
# re-enables deprecated protocol versions, so override it only for a
# documented legacy-client requirement.
# NOTE(review): the value is a free-form string with no validation block.
variable "storage_account_min_tls_version" {
  description = "Storage Account minimal TLS version."
  type        = string
  default     = "TLS1_2"
}
# Opt-in switch for advanced threat protection on the Storage Account.
# It defaults to false, so this input enables nothing unless the caller sets
# it to true.
# NOTE(review): consider enabling it for accounts holding sensitive data,
# unless threat protection is already enforced at a higher scope.
variable "storage_account_advanced_threat_protection_enabled" {
  description = "Whether advanced threat protection is enabled. See documentation: https://docs.microsoft.com/en-us/azure/storage/common/storage-advanced-threat-protection?tabs=azure-portal"
  type        = bool
  default     = false
}
# Restricts the Storage Account to HTTPS requests; on by default.
# Setting this to false allows unencrypted HTTP access to the account, so it
# should stay true outside of a documented exception.
variable "storage_account_https_traffic_only_enabled" {
  description = "Whether HTTPS traffic only is enabled for Storage Account."
  type        = bool
  default     = true
}
# Managed identity type for the Storage Account; null by default.
# NOTE(review): presumably null means no managed identity is configured, and
# the accepted strings are those of the underlying provider. No validation is
# declared here; confirm against the resource that reads this input.
variable "storage_account_identity_type" {
  description = "Type of Managed Service Identity that should be configured on the Storage Account."
  type        = string
  default     = null
}
# User Assigned Managed Identity IDs to attach to the Storage Account; null by
# default.
# NOTE(review): presumably only meaningful when `storage_account_identity_type`
# includes a user-assigned identity; confirm against the consuming resource.
variable "storage_account_identity_ids" {
  description = "Specifies a list of User Assigned Managed Identity IDs to be assigned to the Storage Account."
  type        = list(string)
  default     = null
}
# Toggles the Storage Account's default network rules; on by default.
# NOTE(review): turning this off presumably leaves the account without the
# network restrictions this module would otherwise create. Confirm what the
# resulting default action is before disabling it.
variable "storage_account_network_rules_enabled" {
  description = "Whether to enable Storage Account network default rules for functions."
  type        = bool
  default     = true
}
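# Traffic categories allowed to bypass the Storage Account network rules.
# The default keeps `AzureServices` in the list, which lets trusted Azure
# services reach the account regardless of the configured IP rules; pass
# ["None"] when no bypass is wanted.
variable "storage_account_network_bypass" {
  description = "Whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of `Logging`, `Metrics`, `AzureServices`, or `None`."
  type        = list(string)
  default     = ["Logging", "Metrics", "AzureServices"]

  # Reject entries outside the set named in the description at plan time, so a
  # typo is caught before apply. A null input is not rejected here and keeps
  # whatever handling the module already gives it.
  validation {
    condition = alltrue([
      for item in(var.storage_account_network_bypass == null ? [] : var.storage_account_network_bypass) :
      contains(["Logging", "Metrics", "AzureServices", "None"], item)
    ])
    error_message = "Each storage_account_network_bypass entry must be one of: Logging, Metrics, AzureServices, None."
  }
}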
# IP ranges allowed through the Storage Account network rules; empty by
# default.
# NOTE(review): entries are not validated here although the description asks
# for CIDR format. Keep the ranges as narrow as possible and review any broad
# range before it is merged.
variable "storage_account_allowed_ips" {
  description = "IPs restrictions for Function Storage Account in CIDR format."
  type        = list(string)
  default     = []
}
# Principals that receive the `Storage Account Contributor` role.
# This is a management-plane role that includes access to the account keys,
# so keep the list minimal and prefer the data-plane roles where they are
# sufficient.
# `nullable = false` makes a null input fall back to the empty default.
variable "rbac_storage_contributor_role_principal_ids" {
  description = "The principal IDs of the users, groups, and service principals to assign the `Storage Account Contributor` role to."
  type        = list(string)
  default     = []
  nullable    = false
}
# Principals for the `Storage Blob Data *` roles, grouped by access level.
# Every attribute is optional and defaults to an empty list, so no blob role
# is granted unless the caller lists a principal.
# NOTE(review): presumably `owners`, `contributors` and `readers` map to the
# Blob Data Owner, Contributor and Reader roles; confirm in the role
# assignment resources. Prefer `readers` wherever read access is enough.
variable "rbac_storage_blob_role_principal_ids" {
  description = "The principal IDs of the users, groups, and service principals to assign the `Storage Blob Data *` different roles to if Blob containers are created."
  type = object({
    owners       = optional(list(string), [])
    contributors = optional(list(string), [])
    readers      = optional(list(string), [])
  })
  default  = {}
  nullable = false
}
# Principals for the `Storage File Data *` roles, grouped by role flavour.
# Every attribute is optional and defaults to an empty list, so no file share
# role is granted unless the caller lists a principal.
# NOTE(review): the `privileged_*` keys presumably map to the privileged file
# data roles, which are broader than the SMB share roles. Confirm the mapping
# and grant the privileged roles only where they are required.
variable "rbac_storage_file_role_principal_ids" {
  description = "The principal IDs of the users, groups, and service principals to assign the `Storage File Data *` different roles to if File Shares are created."
  type = object({
    privileged_contributors = optional(list(string), [])
    privileged_readers      = optional(list(string), [])
    smb_owners              = optional(list(string), [])
    smb_contributors        = optional(list(string), [])
    smb_readers             = optional(list(string), [])
  })
  default  = {}
  nullable = false
}
# Principals for the `Storage Table Data *` roles.
# Both attributes are optional and default to an empty list, so no table role
# is granted unless the caller lists a principal.
# NOTE(review): presumably `contributors` and `readers` map to the Table Data
# Contributor and Reader roles; confirm in the role assignment resources.
variable "rbac_storage_table_role_principal_ids" {
  description = "The principal IDs of the users, groups, and service principals to assign the `Storage Table Data *` role to."
  type = object({
    contributors = optional(list(string), [])
    readers      = optional(list(string), [])
  })
  default  = {}
  nullable = false
}
# Principals for the `Storage Queue Data *` roles.
# Both attributes are optional and default to an empty list, so no queue role
# is granted unless the caller lists a principal.
# NOTE(review): the variable name says "contributor", but the object also
# carries `readers`. The name is part of the module interface and is kept
# as-is, so take care not to put read-only principals under `contributors`.
variable "rbac_storage_queue_contributor_role_principal_ids" {
  description = "The principal IDs of the users, groups, and service principals to assign the `Storage Queue Data *` role to."
  type = object({
    contributors = optional(list(string), [])
    readers      = optional(list(string), [])
  })
  default  = {}
  nullable = false
}