48 changes: 48 additions & 0 deletions modules/azure-sa/.terraform-docs.yml
@@ -0,0 +1,48 @@
formatter: "markdown"

version: ""

header-from: docs/header.md
footer-from: docs/footer.md

recursive:
enabled: false
path: modules
include-main: true

sections:
hide: []
show: []

content: ""

output:
file: "README.md"
mode: inject
template: |-
<!-- BEGIN_TF_DOCS -->
{{ .Content }}
<!-- END_TF_DOCS -->

output-values:
enabled: false
from: ""

sort:
enabled: true
by: name

settings:
anchor: true
color: true
default: true
description: true
escape: true
hide-empty: false
html: true
indent: 2
lockfile: true
read-comments: true
required: true
sensitive: true
type: true
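Review bot: `version: ""` leaves the terraform-docs version unconstrained, so two contributors running different releases can regenerate `README.md` with different output and produce noisy diffs; put a minimum version constraint there. Also, `header-from: docs/header.md` and `footer-from: docs/footer.md` are referenced but neither file is among the changes shown in this PR, and terraform-docs errors out when a referenced header or footer file is missing; confirm both are committed.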
223 changes: 75 additions & 148 deletions modules/azure-sa/README.md
@@ -1,3 +1,60 @@
<!-- BEGIN_TF_DOCS -->
# Azure Storage Account Terraform Module

## Overview

This Terraform module allows you to create and manage an Azure Storage Account, including:
- Advanced account configuration (tier, replication, network, TLS, etc.)
- Support for blobs, queues, tables, and shares
- Lifecycle policies and network rules
- Integration with subnets and advanced threat protection
- Flexible tagging and inheritance from the Resource Group

## Main features
- Create Storage Account with advanced configuration
- Support for containers, queues, tables, and shares
- Customizable lifecycle policies and network rules
- Integration with subnets and advanced protection
- Tag management and inheritance from Resource Group

## Requirements
- Terraform >= 1.7.0
- Provider azurerm ~> 4.38.1

## File structure

```
.
├── main.tf
├── variables.tf
├── outputs.tf
├── versions.tf
├── README.md
├── CHANGELOG.md
├── docs/
│ ├── header.md
│ └── footer.md
└── _examples/
├── basic/
│ └── main.tf
└── complete/
├── main.tf
└── values.yaml
```

## Basic usage example

```yaml
values:
resource_group_name: "rg_test"
storage_account:
name: "mystorageaccount"
account_tier: "Standard"
account_replication_type: "LRS"
```

> For a complete and advanced example, see the file at `_examples/complete/values.yaml`.

## Requirements

| Name | Version |
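Review bot: the hand-written header ends with a `## Requirements` list (Terraform >= 1.7.0, azurerm ~> 4.38.1) immediately followed by the generated `## Requirements` table, so the rendered README carries two headings with the same name and the versions now have to be kept in sync by hand; drop the manual list from `docs/header.md` and let the generated table be the single source. The `## Overview` and `## Main features` bullet lists also repeat each other almost verbatim, one is enough. Finally, the basic usage example sets only name, tier and replication, and the header says nothing about what the module defaults to for `https_traffic_only_enabled`, `min_tls_version`, `public_network_access_enabled` and `network_rules.default_action`; one sentence stating those defaults (or pointing at the variable descriptions) lets a reader judge the exposure of a minimal deployment before applying it.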
Expand Down Expand Up @@ -51,153 +108,23 @@ No modules.

| Name | Description |
|------|-------------|
| <a name="output_id"></a> [id](#output\_id) | ID of the storage account |
| <a name="output_id"></a> [id](#output\_id) | ID of the created Storage Account. |

## Example
---

```yaml
values:
# data values
resource_group_name: "rg_test"
allowed_subnets:
- name: "data"
vnet: "test-vnet"
resource_group: "rg-test"
- name: "video"
vnet: "test-vnet1"
resource_group: "rg-test1"
additional_allowed_subnet_ids:
- "/subscriptions/324ca80b-cea7-41ff-ac13-25441f452f33/resourceGroups/rg_test/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/test-subnet"
- "/subscriptions/c9e99a2d-e0cd-473b-935c-bc2e37ea8511/resourceGroups/rg_test/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/test-subnet1"

# storage account
storage_account:
name: "mystorageaccount"
account_tier: "Standard"
account_replication_type: "LRS"
account_kind: "StorageV2"
access_tier: "Hot"
cross_tenant_replication_enabled: false
https_traffic_only_enabled: true
min_tls_version: "TLS1_2"
public_network_access_enabled: true
identity:
type: "SystemAssigned"
blob_properties:
versioning_enabled: true
change_feed_enabled: true
delete_retention_policy:
days: 30
container_delete_retention_policy:
days: 15
restore_policy:
days: 10

# storage account network rules
network_rules:
default_action: "Deny"
bypass: "AzureServices"
private_link_access:
- endpoint_resource_id: "/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.Network/privateLinkService/xxxx"
endpoint_tenant_id: "66666666-7777-8888-9999-000000000000"
- endpoint_resource_id: "/subscriptions/yyyy/resourceGroups/yyyy/providers/Microsoft.Network/privateLinkService/yyyy"

# storage containers
containers:
- name: "test"
container_access_type: "private"
- name: "test2"
container_access_type: "private"

# storage queues
queues:
- name: "test"
metadata:
queuename: functionsqueue
queuelength: '5'
connection: STORAGE_CONNECTIONSTRING_ENV_NAME

# storage tables
tables:
- name: "Table1"
acl:
id: "policy1"
access_policy:
permissions: "rwd"
start: "2024-09-01T00:00:00Z"
expiry: "2024-09-30T23:59:59Z"

# storage shares
shares:
- name: "share1"
access_tier: "Hot"
enabled_protocol: "SMB"
quota: 100
metadata:
environment: "production"
owner: "teamA"
- name: "share2"
quota: 200
metadata:
environment: "staging"
acl:
- id: "policy2"
access_policy:
permissions: "r"
start: "2024-10-01T00:00:00Z"
expiry: "2024-10-31T23:59:59Z"
- name: "share3"
access_tier: "Cool"
quota: 50

# storage management policy rules
lifecycle_policy_rules:
- name: "rule1"
enabled: true
filters:
blob_types:
- "blockBlob"
prefix_match:
- "container1/prefix1"
match_blob_index_tag:
- name: "tag1"
operation: "=="
value: "val1"
actions:
base_blob:
tier_to_cool_after_days_since_modification_greater_than: 10
tier_to_archive_after_days_since_modification_greater_than: 50
delete_after_days_since_modification_greater_than: 100
snapshot:
delete_after_days_since_creation_greater_than: 30
version:
delete_after_days_since_creation: 90
- name: "rule2"
enabled: false
filters:
blob_types:
- "blockBlob"
prefix_match:
- "container2/prefix1"
- "container2/prefix2"
actions:
base_blob:
tier_to_cool_after_days_since_modification_greater_than: 11
tier_to_archive_after_days_since_modification_greater_than: 51
delete_after_days_since_modification_greater_than: 101
snapshot:
change_tier_to_cool_after_days_since_creation: 23
change_tier_to_archive_after_days_since_creation: 90
delete_after_days_since_creation_greater_than: 31
version:
change_tier_to_archive_after_days_since_creation: 9
change_tier_to_cool_after_days_since_creation: 90
delete_after_days_since_creation: 3
# tags
tags:
cliente: "test"
tenant: "test"
Producto: "test"
application: "test"
env: "test"
```
## Examples

For detailed examples, refer to the [module examples](https://github.com/prefapp/tfm/tree/main/modules/azure-sa/_examples):

- [basic](https://github.com/prefapp/tfm/tree/main/modules/azure-sa/_examples/basic) - Minimal Storage Account configuration with containers, queues, tables and shares.
- [complete](https://github.com/prefapp/tfm/tree/main/modules/azure-sa/_examples/complete) - Full example including network rules, lifecycle policies and multiple data services.

## Additional resources

- [Azure Storage Account](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-overview)
- [Terraform AzureRM Provider](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account)
- [Official Terraform documentation](https://www.terraform.io/docs)

## Support
For issues, questions, or contributions related to this module, please visit the [repository's issue tracker](https://github.com/prefapp/tfm/issues).
<!-- END_TF_DOCS -->
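Review bot: the README now sends readers to `_examples/complete/values.yaml`, and `_examples/complete/main.tf` loads that file with `yamldecode(file(...))`, but the file itself is not among the changes shown in this PR; confirm it is committed, otherwise the linked example cannot be applied. When it is, note that the removed inline example carried what look like real subscription IDs in `additional_allowed_subnet_ids`; the committed copy should use obvious placeholders, as the `/subscriptions/xxxx/...` form already used under `private_link_access` does. The removed block was also the only place documenting the combination `public_network_access_enabled: true` with `network_rules.default_action: "Deny"` and `bypass: "AzureServices"`, which is what keeps the account closed to the internet while admitting the listed subnets and Azure services; keep that explained in the `complete` example (a comment in `values.yaml` or a line in the example's own README) rather than losing it with the deletion.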
16 changes: 16 additions & 0 deletions modules/azure-sa/_examples/basic/main.tf
@@ -0,0 +1,16 @@
module "azure_sa" {
source = "../../"

resource_group_name = var.resource_group_name
allowed_subnets = var.allowed_subnets
additional_allowed_subnet_ids = var.additional_allowed_subnet_ids

storage_account = var.storage_account
network_rules = var.network_rules
containers = var.containers
queues = var.queues
tables = var.tables
shares = var.shares
lifecycle_policy_rules = var.lifecycle_policy_rules
tags = var.tags
}
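Review bot: this example references `var.resource_group_name`, `var.allowed_subnets`, `var.additional_allowed_subnet_ids`, `var.storage_account`, `var.network_rules`, `var.containers`, `var.queues`, `var.tables`, `var.shares`, `var.lifecycle_policy_rules` and `var.tags`, but no `variables.tf` is added alongside it and the README's file tree lists only `main.tf` under `_examples/basic/`, so `terraform validate` in that directory fails on undeclared variables. Either add a `variables.tf` with types matching the module's inputs, or make the example genuinely basic by passing literal values for the required inputs only, as the README's basic usage snippet does (`resource_group_name` plus `storage_account` with name, tier and replication). Minor: `source = "../../"` here versus `source = "../.."` in the complete example; pick one form.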
18 changes: 18 additions & 0 deletions modules/azure-sa/_examples/complete/main.tf
@@ -0,0 +1,18 @@
locals {
values = yamldecode(file("${path.module}/values.yaml"))
}

module "storage_account" {
source = "../.."
resource_group_name = local.values.resource_group_name
storage_account = local.values.storage_account
allowed_subnets = local.values.allowed_subnets
additional_allowed_subnet_ids = local.values.additional_allowed_subnet_ids
network_rules = local.values.network_rules
containers = local.values.containers
queues = local.values.queues
tables = local.values.tables
shares = local.values.shares
lifecycle_policy_rules = local.values.lifecycle_policy_rules
tags = local.values.tags
}
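Review bot: every input is read with direct attribute access (`local.values.additional_allowed_subnet_ids`, `local.values.lifecycle_policy_rules`, and so on), so a `values.yaml` that omits any one of these keys makes `terraform plan` fail with an unsupported attribute error instead of falling back to the module default; wrap the optional ones as `try(local.values.<key>, null)` so the example stays usable when a section is left out. The example also has no `terraform` block with `required_providers` and no `provider "azurerm"` configuration, so it is not runnable from this directory on its own; add a `versions.tf` matching the module's `>= 1.7.0` / `~> 4.38.1` constraints. Minor: the module instance is named `storage_account` here and `azure_sa` in the basic example.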