Azure Storage Accounts now support some Data-Protection configurations, for example versioning or soft deletion for blob-storages.
Would be great if this could be configured with Terraform as well.
resource "azurerm_storage_account" "example" {
name = "examplestoracc"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
data_protection = {
turn_on_versioning = true
turn_on_soft_deletion = true
keep_deleted_blobs_in_days = 7
...
}
}
https://docs.microsoft.com/en-us/azure/storage/blobs/versioning-overview?tabs=powershell
Upvoting, this has been available for a while now: https://azure.microsoft.com/en-gb/updates/azure-blob-versioning-is-now-general-available/
Current work around (not hugely ideal)
resource "azurerm_template_deployment" "asdf" {
name = "asdf"
resource_group_name = azurerm_resource_group.asdf.name
deployment_mode = "Incremental"
parameters = {
"storageAccount" = azurerm_storage_account.asdf.name
}
template_body = <<DEPLOY
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"storageAccount": {
"type": "string",
"metadata": {
"description": "Storage Account Name"}
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts/blobServices",
"apiVersion": "2019-06-01",
"name": "[concat(parameters('storageAccount'), '/default')]",
"properties": {
"IsVersioningEnabled": true
}
}
]
}
DEPLOY
}
The turn_on_soft_deletion
you can do today with a delete_retention_policy
:
resource "azurerm_storage_account" "storage_account_attachments" {
...
blob_properties {
delete_retention_policy {
days = 365
}
}
}
Most helpful comment
Upvoting, this has been available for a while now: https://azure.microsoft.com/en-gb/updates/azure-blob-versioning-is-now-general-available/
Current work around (not hugely ideal)