Define and customize Blueprints to set what infrastructure configuration options are available to developers.
---
# Blueprint front matter: declares the constants, the form variables and the
# form groups that the resource template after the closing '---' refers to.
# Nesting is restored here; the flattened listing repeated desc/required/group
# as sibling keys.
constants:
  # Composed from the submitted name and the __guid placeholder.
  __name: "{{ name }}_{{ __guid }}"
variables:
  name:
    desc: "Name of the storage account. Must be globally unique."
    required: true
    group: Storage Account Details
  resource_group_name:
    desc: "Name of the resource group."
    required: true
    group: Storage Account Details
    # NOTE(review): presumably ties this field to an existing
    # azurerm_resource_group's name - confirm against the Blueprint docs.
    links_to: resource.azurerm_resource_group.name
  location:
    desc: "Azure region where the storage account will be created."
    required: true
    group: Storage Account Details
    default: "eastus"
  account_tier:
    desc: "Performance tier of the storage account."
    required: false
    group: Storage Account Details
    default: "Standard"
    suggested: "Standard"
  account_replication_type:
    desc: "Replication type for the storage account."
    required: false
    group: Storage Account Details
    default: "LRS"
    suggested: "LRS"
  account_kind:
    desc: "Kind of storage account."
    required: false
    group: Storage Account Details
    default: "StorageV2"
    suggested: "StorageV2"
  access_tier:
    desc: "Access tier for BlobStorage and StorageV2 accounts."
    required: false
    group: Storage Account Details
    default: "Hot"
    suggested: "Hot"
  # Security group: both inputs below are optional and only carry a default.
  # Nothing in this file restricts the submitted value, so the default is a
  # starting point, not an enforced setting; pin it outside this file if
  # HTTPS-only or a TLS floor must be mandatory.
  enable_https_traffic_only:
    desc: "Enforce HTTPS traffic only."
    required: false
    group: Security
    default: true
  min_tls_version:
    desc: "Minimum TLS version to be permitted on requests."
    required: false
    group: Security
    default: "TLS1_2"
  # Optional and flagged advanced. The template reads default_action,
  # ip_rules, virtual_network_subnet_ids and bypass from this input and emits
  # the network_rules block only when the input is supplied.
  network_rules:
    group: Network Rules
    required: false
    advanced: true
  # Optional; the template reads tags.key and tags.value for each entry.
  tags:
    group: Tags
    required: false
# Form sections, shown in ascending 'order'.
groups:
  Storage Account Details:
    order: 1
    desc: "Basic settings for the storage account."
  Security:
    order: 2
    desc: "Security settings for the storage account."
  Network Rules:
    order: 3
    desc: "Network access rules for the storage account."
  Tags:
    order: 4
    desc: "Tags to assign to the storage account."
---
// Template body: renders one azurerm_storage_account from the form values
// declared in the front matter.
// NOTE(review): the resource label is the literal text __name, not a template
// tag, although the front matter defines a __name constant from the name and
// a GUID. If a tag was intended, every rendered resource would share one
// label - confirm against the Blueprint syntax.
// NOTE(review): this template sets no argument for anonymous blob access,
// public network access or shared-key authorization (azurerm exposes
// allow_nested_items_to_be_public, public_network_access_enabled and
// shared_access_key_enabled), so those stay at the provider's defaults -
// confirm that is acceptable for the accounts this Blueprint creates.
resource "azurerm_storage_account" "__name" {
  name = {{ name }}
  resource_group_name = {{ resource_group_name }}
  location = {{ location }}
  account_tier = {{ account_tier }}
  account_replication_type = {{ account_replication_type }}
  account_kind = {{ account_kind }}
  access_tier = {{ access_tier }}
  // Transport settings are taken straight from the form. The front-matter
  // defaults are true and "TLS1_2", but both inputs are optional and this
  // file shows no constraint that stops a weaker value from being submitted.
  // NOTE(review): azurerm 4.x names the first argument
  // https_traffic_only_enabled - check the provider version in use.
  enable_https_traffic_only = {{ enable_https_traffic_only }}
  min_tls_version = {{ min_tls_version }}
  // The network_rules block is emitted only when the optional network_rules
  // input is supplied; without it the rendered resource has no network_rules
  // block, which presumably leaves the account reachable from all networks -
  // verify. default_action is declared inline (required, default "Deny").
  // NOTE(review): ip_rules and bypass wrap their tag in quotes while
  // virtual_network_subnet_ids does not - confirm which form the renderer
  // expects for list items.
  {{# network_rules }}
  network_rules {
    default_action = {{ network_rules.default_action | desc: "Allow or Deny access when no network rules match." | required: true | default: "Deny" }}
    ip_rules = [
      {{# network_rules.ip_rules }}
      "{{ network_rules.ip_rules }}",
      {{/ network_rules.ip_rules }}
    ]
    virtual_network_subnet_ids = [
      {{# network_rules.virtual_network_subnet_ids }}
      {{ network_rules.virtual_network_subnet_ids }},
      {{/ network_rules.virtual_network_subnet_ids }}
    ]
    bypass = [
      {{# network_rules.bypass }}
      "{{ network_rules.bypass }}",
      {{/ network_rules.bypass }}
    ]
  }
  {{/ network_rules }}
  // Name is always set from the storage account name; each entry of the
  // optional tags input adds one key = value line.
  tags = {
    Name = {{ name }}
    {{# tags }}
    {{ tags.key | required: false }} = {{ tags.value | required: false }}
    {{/ tags }}
  }
}
// Defaults to HTTPS-only traffic and a minimum TLS version of TLS 1.2; both are form inputs and can be overridden.
// Defaults to StorageV2 account kind and LRS replication for best compatibility and cost-effectiveness.
// Allows configuration of network rules to restrict access; the rules are optional, and default_action defaults to "Deny" when they are supplied.
// Encourages tagging for resource identification and management.
A form is created automatically from the inputs you defined in the Blueprint.
After a developer fills out the Blueprint form, the Terraform is generated and a PR is submitted automatically.