update README.md
clouddrove-ci committed Apr 6, 2023
1 parent f66a76e commit 0182965
Showing 1 changed file with 40 additions and 76 deletions.
116 changes: 40 additions & 76 deletions README.md
Expand Up @@ -78,31 +78,16 @@ Here is an example of how you can use this module in your inventory structure:
name = "app"
environment = "test"
label_order = ["name", "environment"]
default_enabled = true
resource_group_name = module.resource_group.resource_group_name
location = module.resource_group.resource_group_location
storage_account_name = "storagestartac"
account_kind = "StorageV2"
account_tier = "Standard"
account_replication_type = "GRS"
enable_https_traffic_only = true
is_hns_enabled = true
sftp_enabled = true
network_rules = [
{
default_action = "Deny"
ip_rules = ["0.0.0.0/0"]
bypass = ["AzureServices"]
}
]
storage_account_name = "stordtyre236"
## Storage Account Threat Protection
enable_advanced_threat_protection = true
## Storage Container
containers_list = [
{ name = "app-test", access_type = "private" },
{ name = "app2", access_type = "private" },
]
## Storage File Share
Expand All @@ -116,16 +101,15 @@ Here is an example of how you can use this module in your inventory structure:
## Storage Queues
queues = ["queue1"]
management_policy = [
{
prefix_match = ["app-test/folder_path"]
tier_to_cool_after_days = 0
tier_to_archive_after_days = 50
delete_after_days = 100
snapshot_delete_after_days = 30
}
]
}
management_policy_enable = true
#enable private endpoint
virtual_network_id = module.vnet.vnet_id[0]
subnet_id = module.subnet.default_subnet_id[0]
log_analytics_workspace_id = module.log-analytics.workspace_id
}
```
#### storage with cmk encryption
```hcl
Expand All @@ -134,51 +118,29 @@ Here is an example of how you can use this module in your inventory structure:
source = "clouddrove/storage/azure"
name = "app"
environment = "test"
label_order = ["name", "environment"]
label_order = ["name", "environment", ]
resource_group_name = module.resource_group.resource_group_name
location = module.resource_group.resource_group_location
storage_account_name = "storagkistaptac"
storage_account_name = "storagkqp0896"
account_kind = "BlockBlobStorage"
account_tier = "Premium"
identity_type = "UserAssigned"
object_id = ["7XXXXXXXXXXXXXXXX166d7c97", "c2f1eXXXXXXXXXXXXXXXX470c43"]
object_id = ["71d1a02f-3ae9-4ab9-8fec-d9b1166d7c97", ]
account_replication_type = "ZRS"
enable_https_traffic_only = true
is_hns_enabled = true
sftp_enabled = true
#### when CMK encryption enable required key-vault id
###customer_managed_key can only be set when the account_kind is set to StorageV2 or account_tier set to Premium, and the identity type is UserAssigned.
cmk_encryption_enabled = true
key_vault_id = module.vault.id
###This can only be true when account_kind is StorageV2 or when account_tier is Premium and account_kind is one of BlockBlobStorage or FileStorage.
infrastructure_encryption_enabled = true
network_rules = [
{
default_action = "Deny"
ip_rules = ["0.0.0.0/0"]
bypass = ["AzureServices"]
}
]
## Storage Account Threat Protection
enable_advanced_threat_protection = true
###customer_managed_key can only be set when the account_kind is set to StorageV2 or account_tier set to Premium, and the identity type is UserAssigned.
key_vault_id = module.vault.id
## Storage Container
containers_list = [
{ name = "app-test", access_type = "private" },
]
management_policy = [
{
prefix_match = ["app-test/folder_path"]
tier_to_cool_after_days = 0
tier_to_archive_after_days = 50
delete_after_days = 100
snapshot_delete_after_days = 30
}
]
virtual_network_id = module.vnet.vnet_id[0]
subnet_id = module.subnet.default_subnet_id[0]
log_analytics_workspace_id = module.log-analytics.workspace_id
}
```

Expand All @@ -191,28 +153,29 @@ Here is an example of how you can use this module in your inventory structure:

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| Metric\_enable | Is this Diagnostic Metric enabled? Defaults to true. | `bool` | `true` | no |
| access\_tier | Defines the access tier for BlobStorage and StorageV2 accounts. Valid options are Hot and Cool. | `string` | `"Hot"` | no |
| account\_kind | The type of storage account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. | `string` | `"StorageV2"` | no |
| account\_replication\_type | Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS. Changing this forces a new resource to be created when types LRS, GRS and RAGRS are changed to ZRS, GZRS or RAGZRS and vice versa. | `string` | `""` | no |
| account\_replication\_type | Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS. Changing this forces a new resource to be created when types LRS, GRS and RAGRS are changed to ZRS, GZRS or RAGZRS and vice versa. | `string` | `"GRS"` | no |
| account\_tier | Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid. Changing this forces a new resource to be created. | `string` | `"Standard"` | no |
| addon\_resource\_group\_name | The name of the addon vnet resource group | `string` | `""` | no |
| addon\_vent\_link | The name of the addon vnet | `bool` | `false` | no |
| addon\_virtual\_network\_id | The name of the addon vnet link vnet id | `string` | `""` | no |
| alias | n/a | `string` | `null` | no |
| alias\_sub | n/a | `string` | `null` | no |
| allow\_nested\_items\_to\_be\_public | Allow or disallow nested items within this Account to opt into being public. Defaults to true. | `bool` | `true` | no |
| cmk\_encryption\_enabled | n/a | `bool` | `false` | no |
| containers\_list | List of containers to create and their access levels. | `list(object({ name = string, access_type = string }))` | `[]` | no |
| cross\_tenant\_replication\_enabled | Should cross Tenant replication be enabled? Defaults to true. | `bool` | `true` | no |
| datastorages | n/a | `list(string)` | `null` | no |
| datastorages | n/a | `list(string)` | <pre>[<br> "blob",<br> "queue",<br> "table",<br> "file"<br>]</pre> | no |
| days | Number of days to create retension policies for te diagnosys setting. | `number` | `365` | no |
| default\_enabled | Set to false to prevent the module from creating any resources. | `bool` | `false` | no |
| default\_enabled | n/a | `bool` | `false` | no |
| default\_to\_oauth\_authentication | Default to Azure Active Directory authorization in the Azure portal when accessing the Storage Account. The default value is false | `bool` | `false` | no |
| diagnostic\_log\_days | The number of days for which this Retention Policy should apply. | `number` | `"90"` | no |
| diff\_sub | The name of the addon vnet | `bool` | `false` | no |
| enable\_advanced\_threat\_protection | Boolean flag which controls if advanced threat protection is enabled. | `bool` | `false` | no |
| enable\_diagnostic | Set to false to prevent the module from creating the diagnosys setting for the NSG Resource.. | `bool` | `false` | no |
| enable\_advanced\_threat\_protection | Boolean flag which controls if advanced threat protection is enabled. | `bool` | `true` | no |
| enable\_diagnostic | Set to false to prevent the module from creating the diagnosys setting for the NSG Resource.. | `bool` | `true` | no |
| enable\_https\_traffic\_only | Boolean flag which forces HTTPS if enabled, see here for more information. | `bool` | `true` | no |
| enable\_private\_endpoint | enable or disable private endpoint to storage account | `bool` | `false` | no |
| enable\_private\_endpoint | enable or disable private endpoint to storage account | `bool` | `true` | no |
| enabled | Set to false to prevent the module from creating any resources. | `bool` | `true` | no |
| environment | Environment (e.g. `prod`, `dev`, `staging`). | `string` | `""` | no |
| eventhub\_authorization\_rule\_id | Eventhub authorization rule id to pass it to destination details of diagnosys setting of NSG. | `string` | `null` | no |
Expand All @@ -222,28 +185,29 @@ Here is an example of how you can use this module in your inventory structure:
| file\_shares | List of containers to create and their access levels. | `list(object({ name = string, quota = number }))` | `[]` | no |
| identity\_ids | Specifies a list of User Assigned Managed Identity IDs to be assigned to this Storage Account. | `list(string)` | `null` | no |
| identity\_type | Specifies the type of Managed Service Identity that should be configured on this Storage Account. Possible values are `SystemAssigned`, `UserAssigned`, `SystemAssigned, UserAssigned` (to enable both). | `string` | `"SystemAssigned"` | no |
| infrastructure\_encryption\_enabled | Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false. | `bool` | `false` | no |
| infrastructure\_encryption\_enabled | Is infrastructure encryption enabled? Changing this forces a new resource to be created. Defaults to false. | `bool` | `true` | no |
| is\_hns\_enabled | Is Hierarchical Namespace enabled? This can be used with Azure Data Lake Storage Gen 2. Changing this forces a new resource to be created. | `bool` | `false` | no |
| key\_vault\_id | n/a | `string` | `null` | no |
| label\_order | Label order, e.g. sequence of application name and environment `name`,`environment`,'attribute' [`webserver`,`qa`,`devops`,`public`,] . | `list(any)` | `[]` | no |
| last\_access\_time\_enabled | (Optional) Is the last access time based tracking enabled? Default to true. | `bool` | `false` | no |
| location | The location/region to keep all your network resources. To get the list of all locations with table format from azure cli, run 'az account list-locations -o table' | `string` | `"North Europe"` | no |
| log\_analytics\_destination\_type | Possible values are AzureDiagnostics and Dedicated, default to AzureDiagnostics. When set to Dedicated, logs sent to a Log Analytics workspace will go into resource specific tables, instead of the legacy AzureDiagnostics table. | `string` | `"AzureDiagnostics"` | no |
| log\_analytics\_workspace\_id | log analytics workspace id to pass it to destination details of diagnosys setting of NSG. | `string` | `null` | no |
| logs | n/a | `list(string)` | `null` | no |
| logs\_enabled | n/a | `list(bool)` | `null` | no |
| logs | n/a | `list(string)` | <pre>[<br> "StorageWrite",<br> "StorageRead",<br> "StorageDelete"<br>]</pre> | no |
| logs\_enabled | n/a | `list(bool)` | <pre>[<br> true,<br> true<br>]</pre> | no |
| managedby | ManagedBy, eg 'Identos'. | `string` | `""` | no |
| management\_policy | Configure Azure Storage firewalls and virtual networks | <pre>list(object({<br> prefix_match = set(string),<br> tier_to_cool_after_days = number,<br> tier_to_archive_after_days = number,<br> delete_after_days = number,<br> snapshot_delete_after_days = number<br> }))</pre> | `[]` | no |
| management\_policy | Configure Azure Storage firewalls and virtual networks | <pre>list(object({<br> prefix_match = set(string),<br> tier_to_cool_after_days = number,<br> tier_to_archive_after_days = number,<br> delete_after_days = number,<br> snapshot_delete_after_days = number<br> }))</pre> | <pre>[<br> {<br> "delete_after_days": 100,<br> "prefix_match": null,<br> "snapshot_delete_after_days": 30,<br> "tier_to_archive_after_days": 50,<br> "tier_to_cool_after_days": 0<br> }<br>]</pre> | no |
| management\_policy\_enable | n/a | `bool` | `false` | no |
| metrics | n/a | `list(string)` | `null` | no |
| metrics\_enabled | n/a | `list(bool)` | `null` | no |
| metrics | n/a | `list(string)` | <pre>[<br> "Transaction",<br> "Capacity"<br>]</pre> | no |
| metrics\_enabled | n/a | `list(bool)` | <pre>[<br> true,<br> true<br>]</pre> | no |
| min\_tls\_version | The minimum supported TLS version for the storage account | `string` | `"TLS1_2"` | no |
| name | Name (e.g. `app` or `cluster`). | `string` | `""` | no |
| network\_rules | List of objects that represent the configuration of each network rules. | `map` | `{}` | no |
| network\_rules | List of objects that represent the configuration of each network rules. | `list(object({ default_action = string, ip_rules = list(string), bypass = list(string) }))` | <pre>[<br> {<br> "bypass": [<br> "AzureServices"<br> ],<br> "default_action": "Deny",<br> "ip_rules": [<br> "0.0.0.0/0"<br> ]<br> }<br>]</pre> | no |
| object\_id | n/a | `list(string)` | `[]` | no |
| principal\_id | The ID of the Principal (User, Group or Service Principal) to assign the Role Definition to. Changing this forces a new resource to be created. | `list(string)` | `[]` | no |
| public\_network\_access\_enabled | Whether the public network access is enabled? Defaults to true. | `bool` | `true` | no |
| queues | List of storages queues | `list(string)` | `[]` | no |
| repository | Terraform current module repo | `string` | `""` | no |
| repository | Terraform current module repo | `string` | `"https://github.com/clouddrove/terraform-azure-storage.git"` | no |
| resource\_group\_name | A container that holds related resources for an Azure solution | `string` | `""` | no |
| retention\_policy\_enabled | Set to false to prevent the module from creating retension policy for the diagnosys setting. | `bool` | `false` | no |
| sftp\_enabled | Boolean, enable SFTP for the storage account | `bool` | `false` | no |
Expand All @@ -255,7 +219,7 @@ Here is an example of how you can use this module in your inventory structure:
| tables | List of storage tables. | `list(string)` | `[]` | no |
| tags | A map of tags to add to all resources | `map(string)` | `{}` | no |
| user\_assigned\_identity\_id | The ID of a user assigned identity. | `string` | `null` | no |
| versioning\_enabled | Is versioning enabled? Default to false. | `bool` | `false` | no |
| versioning\_enabled | Is versioning enabled? Default to false. | `bool` | `true` | no |
| virtual\_network\_id | The name of the virtual network | `string` | `""` | no |

## Outputs
