From f41503d47e30fcef6fb6658fea766d5a2fa73cb6 Mon Sep 17 00:00:00 2001 From: Deyaaeldeen Almahallawi Date: Sat, 24 Aug 2024 13:36:40 -0700 Subject: [PATCH] [Storage] Migrate to Bicep (#30852) And update API versions Live tests run: - https://dev.azure.com/azure-sdk/internal/_build/results?buildId=4070027&view=results - https://dev.azure.com/azure-sdk/internal/_build/results?buildId=4070131&view=results - https://dev.azure.com/azure-sdk/internal/_build/results?buildId=4079093&view=results - https://dev.azure.com/azure-sdk/internal/_build/results?buildId=4070138&view=results --- sdk/storage/storage-blob/test/README.md | 2 +- .../storage-file-datalake/test/README.md | 2 +- sdk/storage/storage-file-share/test/README.md | 2 +- sdk/storage/storage-queue/test/README.md | 2 +- sdk/storage/test-resources-post.ps1 | 2 +- sdk/storage/test-resources.bicep | 320 ++++++++++++ sdk/storage/test-resources.json | 490 ------------------ 7 files changed, 325 insertions(+), 495 deletions(-) create mode 100644 sdk/storage/test-resources.bicep delete mode 100644 sdk/storage/test-resources.json diff --git a/sdk/storage/storage-blob/test/README.md b/sdk/storage/storage-blob/test/README.md index 17be1db0989c..b69e56984772 100644 --- a/sdk/storage/storage-blob/test/README.md +++ b/sdk/storage/storage-blob/test/README.md @@ -2,7 +2,7 @@ To test this project, make sure to build it by following our [building instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#building), then follow the [testing instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#testing). -You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use an [ARM template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json) that already has all of the the necessary configurations. +You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use a [Bicep template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep) that already has all of the the necessary configurations. The Azure resource that is used by the tests in this project is: diff --git a/sdk/storage/storage-file-datalake/test/README.md b/sdk/storage/storage-file-datalake/test/README.md index cd469cc9bee3..611a6b69041a 100644 --- a/sdk/storage/storage-file-datalake/test/README.md +++ b/sdk/storage/storage-file-datalake/test/README.md @@ -2,7 +2,7 @@ To test this project, make sure to build it by following our [building instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#building), then follow the [testing instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#testing). -You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use an [ARM template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json) that already has all of the the necessary configurations. +You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use a [Bicep template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep) that already has all of the the necessary configurations. The Azure resource that is used by the tests in this project is: diff --git a/sdk/storage/storage-file-share/test/README.md b/sdk/storage/storage-file-share/test/README.md index edc876c4a90d..ed71c312412d 100644 --- a/sdk/storage/storage-file-share/test/README.md +++ b/sdk/storage/storage-file-share/test/README.md @@ -2,7 +2,7 @@ To test this project, make sure to build it by following our [building instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#building), then follow the [testing instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#testing). -You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use an [ARM template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json) that already has all of the the necessary configurations. +You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use a [Bicep template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep) that already has all of the the necessary configurations. The Azure resource that is used by the tests in this project is: diff --git a/sdk/storage/storage-queue/test/README.md b/sdk/storage/storage-queue/test/README.md index de05aa193552..a5779eea8c3f 100644 --- a/sdk/storage/storage-queue/test/README.md +++ b/sdk/storage/storage-queue/test/README.md @@ -2,7 +2,7 @@ To test this project, make sure to first build it properly by following our [building instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#building). Once the project is correctly built, you will be able to run the tests by following the [testing instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#testing). -You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use an [ARM template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json) that already has all of the the necessary configurations. +You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use a [Bicep template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep) that already has all of the the necessary configurations. The Azure resources that are used by the tests in this project are: diff --git a/sdk/storage/test-resources-post.ps1 b/sdk/storage/test-resources-post.ps1 index 36625105e79b..d94c3acaa620 100644 --- a/sdk/storage/test-resources-post.ps1 +++ b/sdk/storage/test-resources-post.ps1 @@ -6,7 +6,7 @@ # support for setting CORS rules is added to ARM for Queues # It is invoked by the https://github.com/Azure/azure-sdk-for-js/blob/main/eng/New-TestResources.ps1 -# script after the ARM template, defined in https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json, +# script after the Bicep template, defined in https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep, # is finished being deployed. The ARM template is responsible for creating the Storage accounts needed for live tests. param ( diff --git a/sdk/storage/test-resources.bicep b/sdk/storage/test-resources.bicep new file mode 100644 index 000000000000..8bbde473eebd --- /dev/null +++ b/sdk/storage/test-resources.bicep @@ -0,0 +1,320 @@ +@minLength(4) +param baseName string +param testApplicationOid string +param enableVersioning bool = false +param storageEndpointSuffix string = environment().suffixes.storage +param baseTime string = utcNow('u') + +var storageApiVersion = '2023-01-01' +var location = resourceGroup().location +var accountName = baseName +var datalakeAccountName = 'dl${baseName}' +var datalakeSoftDeleteAccountName = 'dls${baseName}' +var fullAccountName = 'f${baseName}' +var premiumFileAccountName = 'pf${baseName}' +var accountNameTidy = toLower(trim(accountName)) +var datalakeAccountNameTidy = toLower(trim(datalakeAccountName)) +var datalakeSoftDeleteAccountNameTidy = toLower(trim(datalakeSoftDeleteAccountName)) +var fullAccountNameTidy = toLower(trim(fullAccountName)) +var premiumFileAccountNameTidy = toLower(trim(premiumFileAccountName)) +var accountSasProperties = { + signedServices: 'bfqt' + signedPermission: 'rwdlacup' + signedResourceTypes: 'sco' + keyToSign: 'key2' + signedExpiry: dateTimeAdd(baseTime, 'PT2H') +} +var blobDataContributorRoleId = 'ba92f5b4-2d11-453d-a403-e96b0029c9fe' +var blobDataOwnerRoleId = 'b7e6dc6d-f1e8-4753-8033-0f276bb0955b' +var fileDataPrivilegedContributorRoleId = '69566ab7-960f-475b-8e7c-b3118f30c6bd' +var fileDataContributorRoleId = '0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb' +var encryption = { + services: { + file: { + enabled: true + } + blob: { + enabled: true + } + } + keySource: 'Microsoft.Storage' +} +var networkAcls = { + bypass: 'AzureServices' + virtualNetworkRules: [] + ipRules: [] + defaultAction: 'Allow' +} + +resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { + name: accountName + location: location + sku: { + name: 'Standard_RAGRS' + } + kind: 'StorageV2' + properties: { + networkAcls: networkAcls + supportsHttpsTrafficOnly: true + encryption: encryption + accessTier: 'Hot' + minimumTlsVersion: 'TLS1_2' + allowBlobPublicAccess: true + } + resource blobService 'blobServices@2023-05-01' = { + name: 'default' + properties: { + isVersioningEnabled: enableVersioning + cors: { + corsRules: [ + { + allowedOrigins: ['*'] + allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT', 'PATCH'] + maxAgeInSeconds: 86400 + exposedHeaders: ['*'] + allowedHeaders: ['*'] + } + ] + } + lastAccessTimeTrackingPolicy: { + enable: true + name: 'AccessTimeTracking' + trackingGranularityInDays: 1 + blobType: ['blockBlob'] + } + } + } + resource fileService 'fileServices@2023-05-01' = { + name: 'default' + properties: { + cors: { + corsRules: [ + { + allowedOrigins: ['*'] + allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT'] + maxAgeInSeconds: 86400 + exposedHeaders: ['*'] + allowedHeaders: ['*'] + } + ] + } + } + } +} + +resource datalakeAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { + name: datalakeAccountName + location: location + sku: { + name: 'Standard_RAGRS' + } + kind: 'StorageV2' + properties: { + isHnsEnabled: true + networkAcls: networkAcls + supportsHttpsTrafficOnly: true + encryption: encryption + accessTier: 'Hot' + minimumTlsVersion: 'TLS1_2' + allowBlobPublicAccess: true + } +} + +resource datalakeSoftDeleteAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { + name: datalakeSoftDeleteAccountName + location: location + sku: { + name: 'Standard_RAGRS' + } + kind: 'StorageV2' + properties: { + isHnsEnabled: true + networkAcls: networkAcls + supportsHttpsTrafficOnly: true + encryption: encryption + accessTier: 'Hot' + minimumTlsVersion: 'TLS1_2' + } + resource blobService 'blobServices@2023-05-01' = { + name: 'default' + properties: { + containerDeleteRetentionPolicy: { + enabled: true + days: 7 + } + cors: { + corsRules: [ + { + allowedOrigins: ['*'] + allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT', 'PATCH'] + maxAgeInSeconds: 86400 + exposedHeaders: ['*'] + allowedHeaders: ['*'] + } + ] + } + } + } +} + +resource fullStorageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { + name: fullAccountName + location: location + sku: { + name: 'Standard_RAGRS' + } + kind: 'StorageV2' + properties: { + networkAcls: networkAcls + supportsHttpsTrafficOnly: true + encryption: encryption + accessTier: 'Hot' + minimumTlsVersion: 'TLS1_2' + allowBlobPublicAccess: true + } + resource blobService 'blobServices@2023-05-01' = { + name: 'default' + properties: { + restorePolicy: { + enabled: true + days: 6 + } + deleteRetentionPolicy: { + enabled: true + days: 7 + } + containerDeleteRetentionPolicy: { + enabled: true + days: 7 + } + changeFeed: { + enabled: true + } + isVersioningEnabled: true + cors: { + corsRules: [ + { + allowedOrigins: ['*'] + allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT', 'PATCH'] + maxAgeInSeconds: 86400 + exposedHeaders: ['*'] + allowedHeaders: ['*'] + } + ] + } + } + } + resource fileService 'fileServices@2023-05-01' = { + name: 'default' + properties: { + shareDeleteRetentionPolicy: { + enabled: true + days: 7 + } + cors: { + corsRules: [ + { + allowedOrigins: ['*'] + allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT'] + maxAgeInSeconds: 86400 + exposedHeaders: ['*'] + allowedHeaders: ['*'] + } + ] + } + } + } +} + +resource premiumFileAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = { + name: premiumFileAccountName + location: location + sku: { + name: 'Premium_LRS' + } + kind: 'FileStorage' + properties: { + networkAcls: networkAcls + supportsHttpsTrafficOnly: true + encryption: encryption + accessTier: 'Hot' + minimumTlsVersion: 'TLS1_2' + } + resource fileService 'fileServices@2023-05-01' = { + name: 'default' + properties: { + cors: { + corsRules: [ + { + allowedOrigins: ['*'] + allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT'] + maxAgeInSeconds: 86400 + exposedHeaders: ['*'] + allowedHeaders: ['*'] + } + ] + } + } + } +} + +resource blobDataContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('blobDataContributorRoleId', accountName) + properties: { + roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', blobDataContributorRoleId) + principalId: testApplicationOid + } +} + +resource blobDataOwnerRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('blobDataOwnerRoleId', accountName) + properties: { + roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', blobDataOwnerRoleId) + principalId: testApplicationOid + } +} + +resource fileDataPrivilegedContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('fileDataPrivilegedContributorRoleId', accountName) + properties: { + roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', fileDataPrivilegedContributorRoleId) + principalId: testApplicationOid + } +} + +resource fileDataContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: guid('fileDataContributorRoleId', accountName) + properties: { + roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', fileDataContributorRoleId) + principalId: testApplicationOid + } +} + +output ACCOUNT_NAME string = accountName +output ACCOUNT_KEY string = listKeys(storageAccount.id, storageApiVersion).keys[0].value +output ACCOUNT_SAS string = '?${listAccountSas(accountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}' +output STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${accountName};AccountKey=${listKeys(storageAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}' + +output DFS_ACCOUNT_NAME string = datalakeAccountName +output DFS_ACCOUNT_KEY string = listKeys(datalakeAccount.id, storageApiVersion).keys[0].value +output DFS_ACCOUNT_SAS string = '?${listAccountSas(datalakeAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}' +output DFS_STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${datalakeAccountName};AccountKey=${listKeys(datalakeAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}' + +output DFS_SOFT_DELETE_ACCOUNT_NAME string = datalakeSoftDeleteAccountName +output DFS_SOFT_DELETE_ACCOUNT_KEY string = listKeys(datalakeSoftDeleteAccount.id, storageApiVersion).keys[0].value +output DFS_SOFT_DELETE_ACCOUNT_SAS string = '?${listAccountSas(datalakeSoftDeleteAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}' + +output FULL_ACCOUNT_NAME string = fullAccountName +output FULL_ACCOUNT_KEY string = listKeys(fullStorageAccount.id, storageApiVersion).keys[0].value +output FULL_ACCOUNT_SAS string = '?${listAccountSas(fullAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}' +output FULL_STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${fullAccountName};AccountKey=${listKeys(fullStorageAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}' + +output SOFT_DELETE_ACCOUNT_NAME string = fullAccountName +output SOFT_DELETE_ACCOUNT_KEY string = listKeys(fullStorageAccount.id, storageApiVersion).keys[0].value +output SOFT_DELETE_ACCOUNT_SAS string = '?${listAccountSas(fullAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}' +output SOFT_DELETE_STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${fullAccountName};AccountKey=${listKeys(fullStorageAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}' + +output PREMIUM_FILE_ACCOUNT_NAME string = premiumFileAccountName +output PREMIUM_FILE_ACCOUNT_KEY string = listKeys(premiumFileAccount.id, storageApiVersion).keys[0].value +output PREMIUM_FILE_ACCOUNT_SAS string = '?${listAccountSas(premiumFileAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}' +output PREMIUM_FILE_STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${premiumFileAccountName};AccountKey=${listKeys(premiumFileAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}' diff --git a/sdk/storage/test-resources.json b/sdk/storage/test-resources.json deleted file mode 100644 index 14aece9791ad..000000000000 --- a/sdk/storage/test-resources.json +++ /dev/null @@ -1,490 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "baseName": { - "type": "string", - "metadata": { - "description": "The base resource name." - } - }, - "testApplicationOid": { - "type": "string", - "metadata": { - "description": "The client OID to grant access to test resources." - } - }, - "enableVersioning": { - "type": "bool", - "defaultValue": false - }, - "storageEndpointSuffix": { - "type": "string", - "defaultValue": "core.windows.net", - "metadata": { - "description": "Storage endpoint suffix. The default value uses Azure Public Cloud (core.windows.net)" - } - }, - "baseTime": { - "type": "string", - "defaultValue": "[utcNow('u')]" - } - }, - "variables": { - "storageApiVersion": "2023-01-01", - "location": "[resourceGroup().location]", - "accountName": "[parameters('baseName')]", - "datalakeAccountName": "[concat('dl', parameters('baseName'))]", - "datalakeSoftDeleteAccountName": "[concat('dls', parameters('baseName'))]", - "fullAccountName": "[concat('f', parameters('baseName'))]", - "premiumFileAccountName": "[concat('pf', parameters('baseName'))]", - "accountNameTidy": "[toLower(trim(variables('accountName')))]", - "datalakeAccountNameTidy": "[toLower(trim(variables('datalakeAccountName')))]", - "datalakeSoftDeleteAccountNameTidy": "[toLower(trim(variables('datalakeSoftDeleteAccountName')))]", - "fullAccountNameTidy": "[toLower(trim(variables('fullAccountName')))]", - "premiumFileAccountNameTidy": "[toLower(trim(variables('premiumFileAccountName')))]", - "blobEndPoint": "[concat('https://',variables('accountNameTidy'),'.blob.', parameters('storageEndpointSuffix'))]", - "accountSasProperties": { - "signedServices": "bfqt", - "signedPermission": "rwdlacup", - "signedResourceTypes": "sco", - "keyToSign": "key2", - "signedExpiry": "[dateTimeAdd(parameters('baseTime'), 'PT2H')]" - }, - "authorizationApiVersion": "2022-04-01", - "blobDataContributorRoleId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe')]", - "blobDataOwnerRoleId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/b7e6dc6d-f1e8-4753-8033-0f276bb0955b')]", - "fileDataPrivilegedContributorRoleId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/69566ab7-960f-475b-8e7c-b3118f30c6bd')]", - "fileDataContributorRoleId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb')]", - "encryption": { - "services": { - "file": { - "enabled": true - }, - "blob": { - "enabled": true - } - }, - "keySource": "Microsoft.Storage" - }, - "networkAcls": { - "bypass": "AzureServices", - "virtualNetworkRules": [], - "ipRules": [], - "defaultAction": "Allow" - } - }, - "resources": [ - { - "type": "Microsoft.Authorization/roleAssignments", - "apiVersion": "[variables('authorizationApiVersion')]", - "name": "[guid(concat('blobDataContributorRoleId', variables('accountName')))]", - "dependsOn": ["[variables('accountName')]"], - "properties": { - "roleDefinitionId": "[variables('blobDataContributorRoleId')]", - "principalId": "[parameters('testApplicationOid')]" - } - }, - { - "type": "Microsoft.Authorization/roleAssignments", - "apiVersion": "[variables('authorizationApiVersion')]", - "name": "[guid(concat('blobDataOwnerRoleId', variables('accountName')))]", - "dependsOn": ["[variables('accountName')]"], - "properties": { - "roleDefinitionId": "[variables('blobDataOwnerRoleId')]", - "principalId": "[parameters('testApplicationOid')]" - } - }, - { - "type": "Microsoft.Authorization/roleAssignments", - "apiVersion": "[variables('authorizationApiVersion')]", - "name": "[guid(concat('fileDataPrivilegedContributorRoleId', variables('accountName')))]", - "dependsOn": ["[variables('accountName')]"], - "properties": { - "roleDefinitionId": "[variables('fileDataPrivilegedContributorRoleId')]", - "principalId": "[parameters('testApplicationOid')]" - } - }, - { - "type": "Microsoft.Authorization/roleAssignments", - "apiVersion": "[variables('authorizationApiVersion')]", - "name": "[guid(concat('fileDataContributorRoleId', variables('accountName')))]", - "dependsOn": ["[variables('accountName')]"], - "properties": { - "roleDefinitionId": "[variables('fileDataContributorRoleId')]", - "principalId": "[parameters('testApplicationOid')]" - } - }, - { - "type": "Microsoft.Storage/storageAccounts", - "apiVersion": "[variables('storageApiVersion')]", - "name": "[variables('accountName')]", - "location": "[variables('location')]", - "sku": { - "name": "Standard_RAGRS", - "tier": "Standard" - }, - "kind": "StorageV2", - "properties": { - "networkAcls": "[variables('networkAcls')]", - "supportsHttpsTrafficOnly": true, - "encryption": "[variables('encryption')]", - "accessTier": "Hot", - "minimumTlsVersion": "TLS1_2", - "allowBlobPublicAccess": true - }, - "resources": [ - { - "name": "default", - "type": "blobServices", - "apiVersion": "[variables('storageApiVersion')]", - "dependsOn": ["[variables('accountName')]"], - "properties": { - "isVersioningEnabled": "[parameters('enableVersioning')]", - "cors": { - "corsRules": [ - { - "allowedOrigins": ["*"], - "allowedMethods": [ - "DELETE", - "GET", - "HEAD", - "MERGE", - "POST", - "OPTIONS", - "PUT", - "PATCH" - ], - "maxAgeInSeconds": 86400, - "exposedHeaders": ["*"], - "allowedHeaders": ["*"] - } - ] - }, - "lastAccessTimeTrackingPolicy": { - "enable": true, - "name": "AccessTimeTracking", - "trackingGranularityInDays": 1, - "blobType": ["blockBlob"] - } - }, - "resources": [] - }, - { - "name": "default", - "type": "fileServices", - "apiVersion": "[variables('storageApiVersion')]", - "dependsOn": ["[variables('accountName')]"], - "properties": { - "cors": { - "corsRules": [ - { - "allowedOrigins": ["*"], - "allowedMethods": ["DELETE", "GET", "HEAD", "MERGE", "POST", "OPTIONS", "PUT"], - "maxAgeInSeconds": 86400, - "exposedHeaders": ["*"], - "allowedHeaders": ["*"] - } - ] - } - }, - "resources": [] - } - ] - }, - { - "type": "Microsoft.Storage/storageAccounts", - "apiVersion": "[variables('storageApiVersion')]", - "name": "[variables('datalakeAccountName')]", - "location": "[variables('location')]", - "sku": { - "name": "Standard_RAGRS", - "tier": "Standard" - }, - "kind": "StorageV2", - "properties": { - "isHnsEnabled": true, - "networkAcls": "[variables('networkAcls')]", - "supportsHttpsTrafficOnly": true, - "encryption": "[variables('encryption')]", - "accessTier": "Hot", - "minimumTlsVersion": "TLS1_2", - "allowBlobPublicAccess": true - } - }, - { - "type": "Microsoft.Storage/storageAccounts", - "apiVersion": "[variables('storageApiVersion')]", - "name": "[variables('datalakeSoftDeleteAccountName')]", - "location": "[variables('location')]", - "sku": { - "name": "Standard_RAGRS", - "tier": "Standard" - }, - "kind": "StorageV2", - "properties": { - "isHnsEnabled": true, - "networkAcls": "[variables('networkAcls')]", - "supportsHttpsTrafficOnly": true, - "encryption": "[variables('encryption')]", - "accessTier": "Hot", - "minimumTlsVersion": "TLS1_2" - }, - "resources": [ - { - "name": "default", - "type": "blobServices", - "apiVersion": "[variables('storageApiVersion')]", - "dependsOn": ["[variables('datalakeSoftDeleteAccountName')]"], - "properties": { - "containerDeleteRetentionPolicy": { - "enabled": true, - "days": 7 - }, - "cors": { - "corsRules": [ - { - "allowedOrigins": ["*"], - "allowedMethods": [ - "DELETE", - "GET", - "HEAD", - "MERGE", - "POST", - "OPTIONS", - "PUT", - "PATCH" - ], - "maxAgeInSeconds": 86400, - "exposedHeaders": ["*"], - "allowedHeaders": ["*"] - } - ] - } - } - } - ] - }, - { - "type": "Microsoft.Storage/storageAccounts", - "apiVersion": "[variables('storageApiVersion')]", - "name": "[variables('fullAccountName')]", - "location": "[variables('location')]", - "sku": { - "name": "Standard_RAGRS", - "tier": "Standard" - }, - "kind": "StorageV2", - "properties": { - "networkAcls": "[variables('networkAcls')]", - "supportsHttpsTrafficOnly": true, - "encryption": "[variables('encryption')]", - "accessTier": "Hot", - "minimumTlsVersion": "TLS1_2", - "allowBlobPublicAccess": true - }, - "resources": [ - { - "name": "default", - "type": "blobServices", - "apiVersion": "[variables('storageApiVersion')]", - "properties": { - "restorePolicy": { - "enabled": true, - "days": 6 - }, - "deleteRetentionPolicy": { - "enabled": true, - "days": 7 - }, - "containerDeleteRetentionPolicy": { - "enabled": true, - "days": 7 - }, - "changeFeed": { - "enabled": true - }, - "isVersioningEnabled": true, - "cors": { - "corsRules": [ - { - "allowedOrigins": ["*"], - "allowedMethods": [ - "DELETE", - "GET", - "HEAD", - "MERGE", - "POST", - "OPTIONS", - "PUT", - "PATCH" - ], - "maxAgeInSeconds": 86400, - "exposedHeaders": ["*"], - "allowedHeaders": ["*"] - } - ] - } - }, - "dependsOn": ["[variables('fullAccountName')]"] - }, - { - "name": "default", - "type": "fileservices", - "apiVersion": "[variables('storageApiVersion')]", - "properties": { - "shareDeleteRetentionPolicy": { - "enabled": true, - "days": 7 - }, - "cors": { - "corsRules": [ - { - "allowedOrigins": ["*"], - "allowedMethods": ["DELETE", "GET", "HEAD", "MERGE", "POST", "OPTIONS", "PUT"], - "maxAgeInSeconds": 86400, - "exposedHeaders": ["*"], - "allowedHeaders": ["*"] - } - ] - } - }, - "dependsOn": ["[variables('fullAccountName')]"] - } - ] - }, - { - "type": "Microsoft.Storage/storageAccounts", - "apiVersion": "[variables('storageApiVersion')]", - "name": "[variables('premiumFileAccountName')]", - "location": "[variables('location')]", - "sku": { - "name": "Premium_LRS", - "tier": "Premium" - }, - "kind": "FileStorage", - "properties": { - "networkAcls": "[variables('networkAcls')]", - "supportsHttpsTrafficOnly": true, - "encryption": "[variables('encryption')]", - "accessTier": "Hot", - "minimumTlsVersion": "TLS1_2" - }, - "resources": [ - { - "name": "default", - "type": "fileservices", - "apiVersion": "[variables('storageApiVersion')]", - "properties": { - "cors": { - "corsRules": [ - { - "allowedOrigins": ["*"], - "allowedMethods": ["DELETE", "GET", "HEAD", "MERGE", "POST", "OPTIONS", "PUT"], - "maxAgeInSeconds": 86400, - "exposedHeaders": ["*"], - "allowedHeaders": ["*"] - } - ] - } - }, - "dependsOn": ["[variables('premiumFileAccountName')]"] - } - ] - } - ], - "outputs": { - "ACCOUNT_NAME": { - "type": "string", - "value": "[variables('accountName')]" - }, - "ACCOUNT_KEY": { - "type": "string", - "value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('accountName')), variables('storageApiVersion')).keys[0].value]" - }, - "ACCOUNT_SAS": { - "type": "string", - "value": "[concat('?', listAccountSas(variables('accountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]" - }, - "STORAGE_CONNECTION_STRING": { - "type": "string", - "value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('accountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('accountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]" - }, - "DFS_ACCOUNT_NAME": { - "type": "string", - "value": "[variables('dataLakeAccountName')]" - }, - "DFS_ACCOUNT_KEY": { - "type": "string", - "value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('dataLakeAccountName')), variables('storageApiVersion')).keys[0].value]" - }, - "DFS_ACCOUNT_SAS": { - "type": "string", - "value": "[concat('?', listAccountSas(variables('datalakeAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]" - }, - "DFS_STORAGE_CONNECTION_STRING": { - "type": "string", - "value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('dataLakeAccountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('dataLakeAccountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]" - }, - "DFS_SOFT_DELETE_ACCOUNT_NAME": { - "type": "string", - "value": "[variables('datalakeSoftDeleteAccountName')]" - }, - "DFS_SOFT_DELETE_ACCOUNT_KEY": { - "type": "string", - "value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('datalakeSoftDeleteAccountName')), variables('storageApiVersion')).keys[0].value]" - }, - "DFS_SOFT_DELETE_ACCOUNT_SAS": { - "type": "string", - "value": "[concat('?', listAccountSas(variables('datalakeSoftDeleteAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]" - }, - "FULL_ACCOUNT_NAME": { - "type": "string", - "value": "[variables('fullAccountName')]" - }, - "FULL_ACCOUNT_KEY": { - "type": "string", - "value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value]" - }, - "FULL_ACCOUNT_SAS": { - "type": "string", - "value": "[concat('?', listAccountSas(variables('fullAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]" - }, - "FULL_STORAGE_CONNECTION_STRING": { - "type": "string", - "value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('fullAccountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]" - }, - "SOFT_DELETE_ACCOUNT_NAME": { - "type": "string", - "value": "[variables('fullAccountName')]" - }, - "SOFT_DELETE_ACCOUNT_KEY": { - "type": "string", - "value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value]" - }, - "SOFT_DELETE_ACCOUNT_SAS": { - "type": "string", - "value": "[concat('?', listAccountSas(variables('fullAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]" - }, - "SOFT_DELETE_STORAGE_CONNECTION_STRING": { - "type": "string", - "value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('fullAccountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]" - }, - "PREMIUM_FILE_ACCOUNT_NAME": { - "type": "string", - "value": "[variables('fullAccountName')]" - }, - "PREMIUM_FILE_ACCOUNT_KEY": { - "type": "string", - "value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value]" - }, - "PREMIUM_FILE_ACCOUNT_SAS": { - "type": "string", - "value": "[concat('?', listAccountSas(variables('fullAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]" - }, - "PREMIUM_FILE_STORAGE_CONNECTION_STRING": { - "type": "string", - "value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('fullAccountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]" - } - } -}