Merge pull request #2 from clouddrove/1.0.0

update module
clouddrove · Dec 12, 2022 · 2a086bd · 2a086bd
2 parents 11430f2 + 3e15f62
commit 2a086bd
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 8 deletions.
diff --git a/_example/example.tf b/_example/example.tf
@@ -7,8 +7,8 @@ module "resource_group" {
   source = "clouddrove/resource-group/azure"
 
   label_order = ["name", "environment", ]
-  name        = "trustspherstoraget"
-  environment = "staging"
+  name        = "app"
+  environment = "test"
   location    = "North Europe"
 }
 
@@ -20,6 +20,14 @@ module "storage" {
   account_kind             = "BlobStorage"
   account_tier             = "Standard"
   account_replication_type = "GRS"
+  is_hns_enabled           = true
+  sftp_enabled             = true
+  network_rules = [
+    {
+    ip_rules = ["0.0.0.0/0"]
+    bypass  = ["AzureServices"]
+   }
+  ]
 
   containers_list = [
     { name = "mystore250", access_type = "private" },

diff --git a/main.tf b/main.tf
@@ -28,6 +28,8 @@ resource "azurerm_storage_account" "storage" {
   account_replication_type  = var.account_replication_type
   enable_https_traffic_only = var.enable_https_traffic_only
   min_tls_version           = var.min_tls_version
+  is_hns_enabled            = var.is_hns_enabled
+  sftp_enabled              = var.sftp_enabled
   tags                      = module.labels.tags
 
   blob_properties {
@@ -37,12 +39,13 @@ resource "azurerm_storage_account" "storage" {
   }
 
   dynamic "network_rules" {
-    for_each = var.network_rules != null ? ["true"] : []
+    for_each = var.network_rules
     content {
       default_action             = "Deny"
-      bypass                     = var.network_rules.bypass
-      ip_rules                   = var.network_rules.ip_rules
-      virtual_network_subnet_ids = var.network_rules.subnet_ids
+      ip_rules                   = lookup(network_rules.value, "ip_rules", null )
+      virtual_network_subnet_ids = lookup(network_rules.value, "virtual_network_subnet_ids", null )
+      bypass                     = lookup(network_rules.value, "bypass", null)
+
     }
   }
 }

diff --git a/variables.tf b/variables.tf
@@ -108,8 +108,17 @@ variable "containers_list" {
 }
 
 variable "network_rules" {
-  type        = object({ bypass = list(string), ip_rules = list(string), subnet_ids = list(string) })
-  default     = null
+  type        = list(any)
+  default     = []
   description = "Network rules restricing access to the storage account."
 }
 
+variable "is_hns_enabled" {
+  type = bool
+  default = false
+}
+
+variable "sftp_enabled" {
+  type = bool
+  default = false
+}