Storage
data class StorageAccountArgs(val accessTier: Output<AccessTier>? = null, val accountName: Output<String>? = null, val allowBlobPublicAccess: Output<Boolean>? = null, val allowSharedKeyAccess: Output<Boolean>? = null, val azureFilesIdentityBasedAuthentication: Output<AzureFilesIdentityBasedAuthenticationArgs>? = null, val customDomain: Output<CustomDomainArgs>? = null, val enableHttpsTrafficOnly: Output<Boolean>? = null, val enableNfsV3: Output<Boolean>? = null, val encryption: Output<EncryptionArgs>? = null, val extendedLocation: Output<ExtendedLocationArgs>? = null, val identity: Output<IdentityArgs>? = null, val isHnsEnabled: Output<Boolean>? = null, val keyPolicy: Output<KeyPolicyArgs>? = null, val kind: Output<Either<String, Kind>>? = null, val largeFileSharesState: Output<Either<String, LargeFileSharesState>>? = null, val location: Output<String>? = null, val minimumTlsVersion: Output<Either<String, MinimumTlsVersion>>? = null, val networkRuleSet: Output<NetworkRuleSetArgs>? = null, val resourceGroupName: Output<String>? = null, val routingPreference: Output<RoutingPreferenceArgs>? = null, val sasPolicy: Output<SasPolicyArgs>? = null, val sku: Output<SkuArgs>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<StorageAccountArgs>
The storage account. API Version: 2021-02-01.
Example Usage
NfsV3AccountCreate
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
{
AccountName = "sto4445",
EnableHttpsTrafficOnly = false,
EnableNfsV3 = true,
IsHnsEnabled = true,
Kind = "BlockBlobStorage",
Location = "eastus",
NetworkRuleSet = new AzureNative.Storage.Inputs.NetworkRuleSetArgs
{
Bypass = "AzureServices",
DefaultAction = AzureNative.Storage.DefaultAction.Allow,
IpRules = new[] {},
VirtualNetworkRules = new[]
{
new AzureNative.Storage.Inputs.VirtualNetworkRuleArgs
{
VirtualNetworkResourceId = "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12",
},
},
},
ResourceGroupName = "res9101",
Sku = new AzureNative.Storage.Inputs.SkuArgs
{
Name = "Premium_LRS",
},
});
});Content copied to clipboard
package main
import (
storage "github.com/pulumi/pulumi-azure-native-sdk/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := storage.NewStorageAccount(ctx, "storageAccount", &storage.StorageAccountArgs{
AccountName: pulumi.String("sto4445"),
EnableHttpsTrafficOnly: pulumi.Bool(false),
EnableNfsV3: pulumi.Bool(true),
IsHnsEnabled: pulumi.Bool(true),
Kind: pulumi.String("BlockBlobStorage"),
Location: pulumi.String("eastus"),
NetworkRuleSet: storage.NetworkRuleSetResponse{
Bypass: pulumi.String("AzureServices"),
DefaultAction: storage.DefaultActionAllow,
IpRules: storage.IPRuleArray{},
VirtualNetworkRules: storage.VirtualNetworkRuleArray{
&storage.VirtualNetworkRuleArgs{
VirtualNetworkResourceId: pulumi.String("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"),
},
},
},
ResourceGroupName: pulumi.String("res9101"),
Sku: &storage.SkuArgs{
Name: pulumi.String("Premium_LRS"),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.storage.StorageAccount;
import com.pulumi.azurenative.storage.StorageAccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
.accountName("sto4445")
.enableHttpsTrafficOnly(false)
.enableNfsV3(true)
.isHnsEnabled(true)
.kind("BlockBlobStorage")
.location("eastus")
.networkRuleSet(Map.ofEntries(
Map.entry("bypass", "AzureServices"),
Map.entry("defaultAction", "Allow"),
Map.entry("ipRules", ),
Map.entry("virtualNetworkRules", Map.of("virtualNetworkResourceId", "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"))
))
.resourceGroupName("res9101")
.sku(Map.of("name", "Premium_LRS"))
.build());
}
}Content copied to clipboard
StorageAccountCreate
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
{
AccountName = "sto4445",
AllowBlobPublicAccess = false,
AllowSharedKeyAccess = true,
Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
{
KeySource = "Microsoft.Storage",
RequireInfrastructureEncryption = false,
Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
{
Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
{
Enabled = true,
KeyType = "Account",
},
File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
{
Enabled = true,
KeyType = "Account",
},
},
},
ExtendedLocation = new AzureNative.Storage.Inputs.ExtendedLocationArgs
{
Name = "losangeles001",
Type = "EdgeZone",
},
IsHnsEnabled = true,
KeyPolicy = new AzureNative.Storage.Inputs.KeyPolicyArgs
{
KeyExpirationPeriodInDays = 20,
},
Kind = "Storage",
Location = "eastus",
MinimumTlsVersion = "TLS1_2",
ResourceGroupName = "res9101",
RoutingPreference = new AzureNative.Storage.Inputs.RoutingPreferenceArgs
{
PublishInternetEndpoints = true,
PublishMicrosoftEndpoints = true,
RoutingChoice = "MicrosoftRouting",
},
SasPolicy = new AzureNative.Storage.Inputs.SasPolicyArgs
{
ExpirationAction = "Log",
SasExpirationPeriod = "1.15:59:59",
},
Sku = new AzureNative.Storage.Inputs.SkuArgs
{
Name = "Standard_GRS",
},
Tags =
{
{ "key1", "value1" },
{ "key2", "value2" },
},
});
});Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.storage.StorageAccount;
import com.pulumi.azurenative.storage.StorageAccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
.accountName("sto4445")
.allowBlobPublicAccess(false)
.allowSharedKeyAccess(true)
.encryption(Map.ofEntries(
Map.entry("keySource", "Microsoft.Storage"),
Map.entry("requireInfrastructureEncryption", false),
Map.entry("services", Map.ofEntries(
Map.entry("blob", Map.ofEntries(
Map.entry("enabled", true),
Map.entry("keyType", "Account")
)),
Map.entry("file", Map.ofEntries(
Map.entry("enabled", true),
Map.entry("keyType", "Account")
))
))
))
.extendedLocation(Map.ofEntries(
Map.entry("name", "losangeles001"),
Map.entry("type", "EdgeZone")
))
.isHnsEnabled(true)
.keyPolicy(Map.of("keyExpirationPeriodInDays", 20))
.kind("Storage")
.location("eastus")
.minimumTlsVersion("TLS1_2")
.resourceGroupName("res9101")
.routingPreference(Map.ofEntries(
Map.entry("publishInternetEndpoints", true),
Map.entry("publishMicrosoftEndpoints", true),
Map.entry("routingChoice", "MicrosoftRouting")
))
.sasPolicy(Map.ofEntries(
Map.entry("expirationAction", "Log"),
Map.entry("sasExpirationPeriod", "1.15:59:59")
))
.sku(Map.of("name", "Standard_GRS"))
.tags(Map.ofEntries(
Map.entry("key1", "value1"),
Map.entry("key2", "value2")
))
.build());
}
}Content copied to clipboard
StorageAccountCreateUserAssignedEncryptionIdentityWithCMK
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var storageAccount = new AzureNative.Storage.StorageAccount("storageAccount", new()
{
AccountName = "sto4445",
Encryption = new AzureNative.Storage.Inputs.EncryptionArgs
{
EncryptionIdentity = new AzureNative.Storage.Inputs.EncryptionIdentityArgs
{
EncryptionUserAssignedIdentity = "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
},
KeySource = "Microsoft.Keyvault",
KeyVaultProperties = new AzureNative.Storage.Inputs.KeyVaultPropertiesArgs
{
KeyName = "wrappingKey",
KeyVaultUri = "https://myvault8569.vault.azure.net",
KeyVersion = "",
},
Services = new AzureNative.Storage.Inputs.EncryptionServicesArgs
{
Blob = new AzureNative.Storage.Inputs.EncryptionServiceArgs
{
Enabled = true,
KeyType = "Account",
},
File = new AzureNative.Storage.Inputs.EncryptionServiceArgs
{
Enabled = true,
KeyType = "Account",
},
},
},
Identity = new AzureNative.Storage.Inputs.IdentityArgs
{
Type = "UserAssigned",
UserAssignedIdentities =
{
{ "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}", null },
},
},
Kind = "Storage",
Location = "eastus",
ResourceGroupName = "res9101",
Sku = new AzureNative.Storage.Inputs.SkuArgs
{
Name = "Standard_LRS",
},
});
});Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.storage.StorageAccount;
import com.pulumi.azurenative.storage.StorageAccountArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var storageAccount = new StorageAccount("storageAccount", StorageAccountArgs.builder()
.accountName("sto4445")
.encryption(Map.ofEntries(
Map.entry("encryptionIdentity", Map.of("encryptionUserAssignedIdentity", "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}")),
Map.entry("keySource", "Microsoft.Keyvault"),
Map.entry("keyVaultProperties", Map.ofEntries(
Map.entry("keyName", "wrappingKey"),
Map.entry("keyVaultUri", "https://myvault8569.vault.azure.net"),
Map.entry("keyVersion", "")
)),
Map.entry("services", Map.ofEntries(
Map.entry("blob", Map.ofEntries(
Map.entry("enabled", true),
Map.entry("keyType", "Account")
)),
Map.entry("file", Map.ofEntries(
Map.entry("enabled", true),
Map.entry("keyType", "Account")
))
))
))
.identity(Map.ofEntries(
Map.entry("type", "UserAssigned"),
Map.entry("userAssignedIdentities", Map.of("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}", ))
))
.kind("Storage")
.location("eastus")
.resourceGroupName("res9101")
.sku(Map.of("name", "Standard_LRS"))
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:storage:StorageAccount sto4445 /subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445Content copied to clipboard
Constructors
Link copied to clipboard
constructor(accessTier: Output<AccessTier>? = null, accountName: Output<String>? = null, allowBlobPublicAccess: Output<Boolean>? = null, allowSharedKeyAccess: Output<Boolean>? = null, azureFilesIdentityBasedAuthentication: Output<AzureFilesIdentityBasedAuthenticationArgs>? = null, customDomain: Output<CustomDomainArgs>? = null, enableHttpsTrafficOnly: Output<Boolean>? = null, enableNfsV3: Output<Boolean>? = null, encryption: Output<EncryptionArgs>? = null, extendedLocation: Output<ExtendedLocationArgs>? = null, identity: Output<IdentityArgs>? = null, isHnsEnabled: Output<Boolean>? = null, keyPolicy: Output<KeyPolicyArgs>? = null, kind: Output<Either<String, Kind>>? = null, largeFileSharesState: Output<Either<String, LargeFileSharesState>>? = null, location: Output<String>? = null, minimumTlsVersion: Output<Either<String, MinimumTlsVersion>>? = null, networkRuleSet: Output<NetworkRuleSetArgs>? = null, resourceGroupName: Output<String>? = null, routingPreference: Output<RoutingPreferenceArgs>? = null, sasPolicy: Output<SasPolicyArgs>? = null, sku: Output<SkuArgs>? = null, tags: Output<Map<String, String>>? = null)
Properties
Link copied to clipboard
Required for storage accounts where kind = BlobStorage. The access tier used for billing.
Link copied to clipboard
The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
Link copied to clipboard
Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.
Link copied to clipboard
Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.
Link copied to clipboard
val azureFilesIdentityBasedAuthentication: Output<AzureFilesIdentityBasedAuthenticationArgs>? = null
Provides the identity based authentication settings for Azure Files.
Link copied to clipboard
User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.
Link copied to clipboard
Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.
Link copied to clipboard
NFS 3.0 protocol support enabled if set to true.
Link copied to clipboard
Not applicable. Azure Storage encryption is enabled for all storage accounts and cannot be disabled.
Link copied to clipboard
Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location
Link copied to clipboard
The identity of the resource.
Link copied to clipboard
Account HierarchicalNamespace enabled if sets to true.
Link copied to clipboard
KeyPolicy assigned to the storage account.
Link copied to clipboard
Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.
Link copied to clipboard
Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.
Link copied to clipboard
Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.
Link copied to clipboard
Network rule set
Link copied to clipboard
The name of the resource group within the user's subscription. The name is case insensitive.
Link copied to clipboard
Maintains information about the network routing choice opted by the user for data transfer
Link copied to clipboard
SasPolicy assigned to the storage account.
Link copied to clipboard
Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.