Commit 323b25d8 authored by Daniel Scholl's avatar Daniel Scholl

Terraform Checks, added default retention policy and changelog

parent fc7c9ec7
......@@ -5,6 +5,7 @@
__Infra Changes__
- [Issue 75 - Upgrade Infrastructure tools and software dependencies](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/75) - _* Manual Intervention Required_
- [Issue 76 - Add Terraform Service Resource Template Feature Flags](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/76)
- [Issue 80 - Feature Change - Data Partition - Enable CORS configuration for Blob Containers on Storage Accounts](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/80)
......
......@@ -35,14 +35,17 @@ resource "azurerm_storage_account" "main" {
}
blob_properties {
delete_retention_policy {
days = var.retention_days
}
dynamic "cors_rule" {
for_each = var.blob_cors_rule
content {
# Enable Cors Rules
allowed_headers = cors_rule.value["allowed_headers"]
allowed_methods = cors_rule.value["allowed_methods"]
allowed_origins = cors_rule.value["allowed_origins"]
exposed_headers = cors_rule.value["exposed_headers"]
allowed_headers = cors_rule.value["allowed_headers"]
allowed_methods = cors_rule.value["allowed_methods"]
allowed_origins = cors_rule.value["allowed_origins"]
exposed_headers = cors_rule.value["exposed_headers"]
max_age_in_seconds = cors_rule.value["max_age_in_seconds"]
}
}
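Review bot: The new `delete_retention_policy` block at the top of `blob_properties` has no comment, although it is the control that keeps deleted blobs recoverable after an accidental or malicious delete. I would add `# Soft delete: deleted blobs stay recoverable for var.retention_days (Azure accepts 1-365 days)` above it. As far as the visible lines show, it covers blob deletion only. Container-level soft delete (`container_delete_retention_policy`) and blob versioning are not set here, so a deleted container or an overwritten blob may still be unrecoverable, depending on the provider version in use and on lines outside this hunk. The resource block starts and ends outside the hunk.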
......
......@@ -80,22 +80,28 @@ variable "resource_tags" {
default = {}
}
variable "retention_days" {
description = "Number of days that to keep deleted blobs"
type = number
default = 30
}
# CORS Rules
variable "blob_cors_rule" {
type = list(
object(
{
# A list of origin domains that will be allowed by CORS.
allowed_origins = list(string)
# A list of http headers that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowed_methods = list(string)
# A list of headers that are allowed to be a part of the cross-origin request.
allowed_headers = list(string)
# A list of response headers that are exposed to CORS clients.
exposed_headers = list(string)
# The number of seconds the client should cache a preflight response.
max_age_in_seconds = number
object(
{
# A list of origin domains that will be allowed by CORS.
allowed_origins = list(string)
# A list of http headers that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH.
allowed_methods = list(string)
# A list of headers that are allowed to be a part of the cross-origin request.
allowed_headers = list(string)
# A list of response headers that are exposed to CORS clients.
exposed_headers = list(string)
# The number of seconds the client should cache a preflight response.
max_age_in_seconds = number
}))
default = []
default = []
description = "List of CORS Rules to be applied on the Blob Service."
}
\ No newline at end of file
}
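Review bot: `retention_days` is accepted without a bounds check, so an out-of-range value is left for the provider to reject, and a caller can shrink the recovery window to a single day without anything flagging it. If the Terraform version this repository pins supports variable validation, add a `validation` block with `condition = var.retention_days >= 1 && var.retention_days <= 365` and a matching `error_message`; a higher floor would be a policy decision for the team. The description would read better as `"Number of days to keep deleted blobs"`. The `module "storage_account"` call shown later in this commit does not appear to pass `retention_days`, so that caller would always get the default of 30; this is worth confirming against the lines outside that hunk.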
......@@ -157,7 +157,7 @@ module "storage_account" {
kind = "StorageV2"
replication_type = var.storage_replication_type
resource_tags = var.resource_tags
resource_tags = var.resource_tags
blob_cors_rule = var.blob_cors_rule
}
......
......@@ -85,15 +85,15 @@ variable "storage_containers" {
variable "blob_cors_rule" {
type = list(
object(
{
allowed_origins = list(string)
allowed_methods = list(string)
allowed_headers = list(string)
exposed_headers = list(string)
max_age_in_seconds = number
object(
{
allowed_origins = list(string)
allowed_methods = list(string)
allowed_headers = list(string)
exposed_headers = list(string)
max_age_in_seconds = number
}))
default = []
default = []
description = "List of CORS Rules to be applied on the Blob Service."
}
......