[Storage] Migrate to Bicep (#30852)
And update API versions Live tests run: - https://dev.azure.com/azure-sdk/internal/_build/results?buildId=4070027&view=results - https://dev.azure.com/azure-sdk/internal/_build/results?buildId=4070131&view=results - https://dev.azure.com/azure-sdk/internal/_build/results?buildId=4079093&view=results - https://dev.azure.com/azure-sdk/internal/_build/results?buildId=4070138&view=results
This commit is contained in:
Deyaaeldeen Almahallawi
GitHub
Родитель
43e8e1bd38
Коммит
f41503d47e
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
To test this project, make sure to build it by following our [building instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#building), then follow the [testing instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#testing).
|
||||
|
||||
You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use an [ARM template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json) that already has all of the the necessary configurations.
|
||||
You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use a [Bicep template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep) that already has all of the the necessary configurations.
|
||||
|
||||
The Azure resource that is used by the tests in this project is:
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
To test this project, make sure to build it by following our [building instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#building), then follow the [testing instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#testing).
|
||||
|
||||
You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use an [ARM template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json) that already has all of the the necessary configurations.
|
||||
You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use a [Bicep template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep) that already has all of the the necessary configurations.
|
||||
|
||||
The Azure resource that is used by the tests in this project is:
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
To test this project, make sure to build it by following our [building instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#building), then follow the [testing instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#testing).
|
||||
|
||||
You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use an [ARM template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json) that already has all of the the necessary configurations.
|
||||
You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use a [Bicep template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep) that already has all of the the necessary configurations.
|
||||
|
||||
The Azure resource that is used by the tests in this project is:
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
To test this project, make sure to first build it properly by following our [building instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#building). Once the project is correctly built, you will be able to run the tests by following the [testing instructions](https://github.com/Azure/azure-sdk-for-js/blob/main/CONTRIBUTING.md#testing).
|
||||
|
||||
You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use an [ARM template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json) that already has all of the the necessary configurations.
|
||||
You can use existing Azure resources for the live tests, or generate new ones by using our [New-TestResources.ps1](https://github.com/Azure/azure-sdk-for-js/blob/main/eng/common/TestResources/New-TestResources.ps1) script, which will use a [Bicep template](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep) that already has all of the the necessary configurations.
|
||||
|
||||
The Azure resources that are used by the tests in this project are:
|
||||
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
# support for setting CORS rules is added to ARM for Queues
|
||||
|
||||
# It is invoked by the https://github.com/Azure/azure-sdk-for-js/blob/main/eng/New-TestResources.ps1
|
||||
# script after the ARM template, defined in https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.json,
|
||||
# script after the Bicep template, defined in https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/storage/test-resources.bicep,
|
||||
# is finished being deployed. The ARM template is responsible for creating the Storage accounts needed for live tests.
|
||||
|
||||
param (
|
||||
|
|
|
|||
|
|
@ -0,0 +1,320 @@
|
|||
@minLength(4)
|
||||
param baseName string
|
||||
param testApplicationOid string
|
||||
param enableVersioning bool = false
|
||||
param storageEndpointSuffix string = environment().suffixes.storage
|
||||
param baseTime string = utcNow('u')
|
||||
|
||||
var storageApiVersion = '2023-01-01'
|
||||
var location = resourceGroup().location
|
||||
var accountName = baseName
|
||||
var datalakeAccountName = 'dl${baseName}'
|
||||
var datalakeSoftDeleteAccountName = 'dls${baseName}'
|
||||
var fullAccountName = 'f${baseName}'
|
||||
var premiumFileAccountName = 'pf${baseName}'
|
||||
var accountNameTidy = toLower(trim(accountName))
|
||||
var datalakeAccountNameTidy = toLower(trim(datalakeAccountName))
|
||||
var datalakeSoftDeleteAccountNameTidy = toLower(trim(datalakeSoftDeleteAccountName))
|
||||
var fullAccountNameTidy = toLower(trim(fullAccountName))
|
||||
var premiumFileAccountNameTidy = toLower(trim(premiumFileAccountName))
|
||||
var accountSasProperties = {
|
||||
signedServices: 'bfqt'
|
||||
signedPermission: 'rwdlacup'
|
||||
signedResourceTypes: 'sco'
|
||||
keyToSign: 'key2'
|
||||
signedExpiry: dateTimeAdd(baseTime, 'PT2H')
|
||||
}
|
||||
var blobDataContributorRoleId = 'ba92f5b4-2d11-453d-a403-e96b0029c9fe'
|
||||
var blobDataOwnerRoleId = 'b7e6dc6d-f1e8-4753-8033-0f276bb0955b'
|
||||
var fileDataPrivilegedContributorRoleId = '69566ab7-960f-475b-8e7c-b3118f30c6bd'
|
||||
var fileDataContributorRoleId = '0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb'
|
||||
var encryption = {
|
||||
services: {
|
||||
file: {
|
||||
enabled: true
|
||||
}
|
||||
blob: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
keySource: 'Microsoft.Storage'
|
||||
}
|
||||
var networkAcls = {
|
||||
bypass: 'AzureServices'
|
||||
virtualNetworkRules: []
|
||||
ipRules: []
|
||||
defaultAction: 'Allow'
|
||||
}
|
||||
|
||||
resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = {
|
||||
name: accountName
|
||||
location: location
|
||||
sku: {
|
||||
name: 'Standard_RAGRS'
|
||||
}
|
||||
kind: 'StorageV2'
|
||||
properties: {
|
||||
networkAcls: networkAcls
|
||||
supportsHttpsTrafficOnly: true
|
||||
encryption: encryption
|
||||
accessTier: 'Hot'
|
||||
minimumTlsVersion: 'TLS1_2'
|
||||
allowBlobPublicAccess: true
|
||||
}
|
||||
resource blobService 'blobServices@2023-05-01' = {
|
||||
name: 'default'
|
||||
properties: {
|
||||
isVersioningEnabled: enableVersioning
|
||||
cors: {
|
||||
corsRules: [
|
||||
{
|
||||
allowedOrigins: ['*']
|
||||
allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT', 'PATCH']
|
||||
maxAgeInSeconds: 86400
|
||||
exposedHeaders: ['*']
|
||||
allowedHeaders: ['*']
|
||||
}
|
||||
]
|
||||
}
|
||||
lastAccessTimeTrackingPolicy: {
|
||||
enable: true
|
||||
name: 'AccessTimeTracking'
|
||||
trackingGranularityInDays: 1
|
||||
blobType: ['blockBlob']
|
||||
}
|
||||
}
|
||||
}
|
||||
resource fileService 'fileServices@2023-05-01' = {
|
||||
name: 'default'
|
||||
properties: {
|
||||
cors: {
|
||||
corsRules: [
|
||||
{
|
||||
allowedOrigins: ['*']
|
||||
allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT']
|
||||
maxAgeInSeconds: 86400
|
||||
exposedHeaders: ['*']
|
||||
allowedHeaders: ['*']
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource datalakeAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = {
|
||||
name: datalakeAccountName
|
||||
location: location
|
||||
sku: {
|
||||
name: 'Standard_RAGRS'
|
||||
}
|
||||
kind: 'StorageV2'
|
||||
properties: {
|
||||
isHnsEnabled: true
|
||||
networkAcls: networkAcls
|
||||
supportsHttpsTrafficOnly: true
|
||||
encryption: encryption
|
||||
accessTier: 'Hot'
|
||||
minimumTlsVersion: 'TLS1_2'
|
||||
allowBlobPublicAccess: true
|
||||
}
|
||||
}
|
||||
|
||||
resource datalakeSoftDeleteAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = {
|
||||
name: datalakeSoftDeleteAccountName
|
||||
location: location
|
||||
sku: {
|
||||
name: 'Standard_RAGRS'
|
||||
}
|
||||
kind: 'StorageV2'
|
||||
properties: {
|
||||
isHnsEnabled: true
|
||||
networkAcls: networkAcls
|
||||
supportsHttpsTrafficOnly: true
|
||||
encryption: encryption
|
||||
accessTier: 'Hot'
|
||||
minimumTlsVersion: 'TLS1_2'
|
||||
}
|
||||
resource blobService 'blobServices@2023-05-01' = {
|
||||
name: 'default'
|
||||
properties: {
|
||||
containerDeleteRetentionPolicy: {
|
||||
enabled: true
|
||||
days: 7
|
||||
}
|
||||
cors: {
|
||||
corsRules: [
|
||||
{
|
||||
allowedOrigins: ['*']
|
||||
allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT', 'PATCH']
|
||||
maxAgeInSeconds: 86400
|
||||
exposedHeaders: ['*']
|
||||
allowedHeaders: ['*']
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource fullStorageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = {
|
||||
name: fullAccountName
|
||||
location: location
|
||||
sku: {
|
||||
name: 'Standard_RAGRS'
|
||||
}
|
||||
kind: 'StorageV2'
|
||||
properties: {
|
||||
networkAcls: networkAcls
|
||||
supportsHttpsTrafficOnly: true
|
||||
encryption: encryption
|
||||
accessTier: 'Hot'
|
||||
minimumTlsVersion: 'TLS1_2'
|
||||
allowBlobPublicAccess: true
|
||||
}
|
||||
resource blobService 'blobServices@2023-05-01' = {
|
||||
name: 'default'
|
||||
properties: {
|
||||
restorePolicy: {
|
||||
enabled: true
|
||||
days: 6
|
||||
}
|
||||
deleteRetentionPolicy: {
|
||||
enabled: true
|
||||
days: 7
|
||||
}
|
||||
containerDeleteRetentionPolicy: {
|
||||
enabled: true
|
||||
days: 7
|
||||
}
|
||||
changeFeed: {
|
||||
enabled: true
|
||||
}
|
||||
isVersioningEnabled: true
|
||||
cors: {
|
||||
corsRules: [
|
||||
{
|
||||
allowedOrigins: ['*']
|
||||
allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT', 'PATCH']
|
||||
maxAgeInSeconds: 86400
|
||||
exposedHeaders: ['*']
|
||||
allowedHeaders: ['*']
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
resource fileService 'fileServices@2023-05-01' = {
|
||||
name: 'default'
|
||||
properties: {
|
||||
shareDeleteRetentionPolicy: {
|
||||
enabled: true
|
||||
days: 7
|
||||
}
|
||||
cors: {
|
||||
corsRules: [
|
||||
{
|
||||
allowedOrigins: ['*']
|
||||
allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT']
|
||||
maxAgeInSeconds: 86400
|
||||
exposedHeaders: ['*']
|
||||
allowedHeaders: ['*']
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource premiumFileAccount 'Microsoft.Storage/storageAccounts@2023-05-01' = {
|
||||
name: premiumFileAccountName
|
||||
location: location
|
||||
sku: {
|
||||
name: 'Premium_LRS'
|
||||
}
|
||||
kind: 'FileStorage'
|
||||
properties: {
|
||||
networkAcls: networkAcls
|
||||
supportsHttpsTrafficOnly: true
|
||||
encryption: encryption
|
||||
accessTier: 'Hot'
|
||||
minimumTlsVersion: 'TLS1_2'
|
||||
}
|
||||
resource fileService 'fileServices@2023-05-01' = {
|
||||
name: 'default'
|
||||
properties: {
|
||||
cors: {
|
||||
corsRules: [
|
||||
{
|
||||
allowedOrigins: ['*']
|
||||
allowedMethods: ['DELETE', 'GET', 'HEAD', 'MERGE', 'POST', 'OPTIONS', 'PUT']
|
||||
maxAgeInSeconds: 86400
|
||||
exposedHeaders: ['*']
|
||||
allowedHeaders: ['*']
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource blobDataContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
|
||||
name: guid('blobDataContributorRoleId', accountName)
|
||||
properties: {
|
||||
roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', blobDataContributorRoleId)
|
||||
principalId: testApplicationOid
|
||||
}
|
||||
}
|
||||
|
||||
resource blobDataOwnerRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
|
||||
name: guid('blobDataOwnerRoleId', accountName)
|
||||
properties: {
|
||||
roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', blobDataOwnerRoleId)
|
||||
principalId: testApplicationOid
|
||||
}
|
||||
}
|
||||
|
||||
resource fileDataPrivilegedContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
|
||||
name: guid('fileDataPrivilegedContributorRoleId', accountName)
|
||||
properties: {
|
||||
roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', fileDataPrivilegedContributorRoleId)
|
||||
principalId: testApplicationOid
|
||||
}
|
||||
}
|
||||
|
||||
resource fileDataContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
|
||||
name: guid('fileDataContributorRoleId', accountName)
|
||||
properties: {
|
||||
roleDefinitionId: resourceId('Microsoft.Authorization/roleDefinitions', fileDataContributorRoleId)
|
||||
principalId: testApplicationOid
|
||||
}
|
||||
}
|
||||
|
||||
output ACCOUNT_NAME string = accountName
|
||||
output ACCOUNT_KEY string = listKeys(storageAccount.id, storageApiVersion).keys[0].value
|
||||
output ACCOUNT_SAS string = '?${listAccountSas(accountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}'
|
||||
output STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${accountName};AccountKey=${listKeys(storageAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}'
|
||||
|
||||
output DFS_ACCOUNT_NAME string = datalakeAccountName
|
||||
output DFS_ACCOUNT_KEY string = listKeys(datalakeAccount.id, storageApiVersion).keys[0].value
|
||||
output DFS_ACCOUNT_SAS string = '?${listAccountSas(datalakeAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}'
|
||||
output DFS_STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${datalakeAccountName};AccountKey=${listKeys(datalakeAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}'
|
||||
|
||||
output DFS_SOFT_DELETE_ACCOUNT_NAME string = datalakeSoftDeleteAccountName
|
||||
output DFS_SOFT_DELETE_ACCOUNT_KEY string = listKeys(datalakeSoftDeleteAccount.id, storageApiVersion).keys[0].value
|
||||
output DFS_SOFT_DELETE_ACCOUNT_SAS string = '?${listAccountSas(datalakeSoftDeleteAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}'
|
||||
|
||||
output FULL_ACCOUNT_NAME string = fullAccountName
|
||||
output FULL_ACCOUNT_KEY string = listKeys(fullStorageAccount.id, storageApiVersion).keys[0].value
|
||||
output FULL_ACCOUNT_SAS string = '?${listAccountSas(fullAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}'
|
||||
output FULL_STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${fullAccountName};AccountKey=${listKeys(fullStorageAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}'
|
||||
|
||||
output SOFT_DELETE_ACCOUNT_NAME string = fullAccountName
|
||||
output SOFT_DELETE_ACCOUNT_KEY string = listKeys(fullStorageAccount.id, storageApiVersion).keys[0].value
|
||||
output SOFT_DELETE_ACCOUNT_SAS string = '?${listAccountSas(fullAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}'
|
||||
output SOFT_DELETE_STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${fullAccountName};AccountKey=${listKeys(fullStorageAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}'
|
||||
|
||||
output PREMIUM_FILE_ACCOUNT_NAME string = premiumFileAccountName
|
||||
output PREMIUM_FILE_ACCOUNT_KEY string = listKeys(premiumFileAccount.id, storageApiVersion).keys[0].value
|
||||
output PREMIUM_FILE_ACCOUNT_SAS string = '?${listAccountSas(premiumFileAccountNameTidy, storageApiVersion, accountSasProperties).accountSasToken}'
|
||||
output PREMIUM_FILE_STORAGE_CONNECTION_STRING string = 'DefaultEndpointsProtocol=https;AccountName=${premiumFileAccountName};AccountKey=${listKeys(premiumFileAccount.id, storageApiVersion).keys[0].value};EndpointSuffix=${storageEndpointSuffix}'
|
||||
|
|
@ -1,490 +0,0 @@
|
|||
{
|
||||
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
|
||||
"contentVersion": "1.0.0.0",
|
||||
"parameters": {
|
||||
"baseName": {
|
||||
"type": "string",
|
||||
"metadata": {
|
||||
"description": "The base resource name."
|
||||
}
|
||||
},
|
||||
"testApplicationOid": {
|
||||
"type": "string",
|
||||
"metadata": {
|
||||
"description": "The client OID to grant access to test resources."
|
||||
}
|
||||
},
|
||||
"enableVersioning": {
|
||||
"type": "bool",
|
||||
"defaultValue": false
|
||||
},
|
||||
"storageEndpointSuffix": {
|
||||
"type": "string",
|
||||
"defaultValue": "core.windows.net",
|
||||
"metadata": {
|
||||
"description": "Storage endpoint suffix. The default value uses Azure Public Cloud (core.windows.net)"
|
||||
}
|
||||
},
|
||||
"baseTime": {
|
||||
"type": "string",
|
||||
"defaultValue": "[utcNow('u')]"
|
||||
}
|
||||
},
|
||||
"variables": {
|
||||
"storageApiVersion": "2023-01-01",
|
||||
"location": "[resourceGroup().location]",
|
||||
"accountName": "[parameters('baseName')]",
|
||||
"datalakeAccountName": "[concat('dl', parameters('baseName'))]",
|
||||
"datalakeSoftDeleteAccountName": "[concat('dls', parameters('baseName'))]",
|
||||
"fullAccountName": "[concat('f', parameters('baseName'))]",
|
||||
"premiumFileAccountName": "[concat('pf', parameters('baseName'))]",
|
||||
"accountNameTidy": "[toLower(trim(variables('accountName')))]",
|
||||
"datalakeAccountNameTidy": "[toLower(trim(variables('datalakeAccountName')))]",
|
||||
"datalakeSoftDeleteAccountNameTidy": "[toLower(trim(variables('datalakeSoftDeleteAccountName')))]",
|
||||
"fullAccountNameTidy": "[toLower(trim(variables('fullAccountName')))]",
|
||||
"premiumFileAccountNameTidy": "[toLower(trim(variables('premiumFileAccountName')))]",
|
||||
"blobEndPoint": "[concat('https://',variables('accountNameTidy'),'.blob.', parameters('storageEndpointSuffix'))]",
|
||||
"accountSasProperties": {
|
||||
"signedServices": "bfqt",
|
||||
"signedPermission": "rwdlacup",
|
||||
"signedResourceTypes": "sco",
|
||||
"keyToSign": "key2",
|
||||
"signedExpiry": "[dateTimeAdd(parameters('baseTime'), 'PT2H')]"
|
||||
},
|
||||
"authorizationApiVersion": "2022-04-01",
|
||||
"blobDataContributorRoleId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe')]",
|
||||
"blobDataOwnerRoleId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/b7e6dc6d-f1e8-4753-8033-0f276bb0955b')]",
|
||||
"fileDataPrivilegedContributorRoleId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/69566ab7-960f-475b-8e7c-b3118f30c6bd')]",
|
||||
"fileDataContributorRoleId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb')]",
|
||||
"encryption": {
|
||||
"services": {
|
||||
"file": {
|
||||
"enabled": true
|
||||
},
|
||||
"blob": {
|
||||
"enabled": true
|
||||
}
|
||||
},
|
||||
"keySource": "Microsoft.Storage"
|
||||
},
|
||||
"networkAcls": {
|
||||
"bypass": "AzureServices",
|
||||
"virtualNetworkRules": [],
|
||||
"ipRules": [],
|
||||
"defaultAction": "Allow"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"type": "Microsoft.Authorization/roleAssignments",
|
||||
"apiVersion": "[variables('authorizationApiVersion')]",
|
||||
"name": "[guid(concat('blobDataContributorRoleId', variables('accountName')))]",
|
||||
"dependsOn": ["[variables('accountName')]"],
|
||||
"properties": {
|
||||
"roleDefinitionId": "[variables('blobDataContributorRoleId')]",
|
||||
"principalId": "[parameters('testApplicationOid')]"
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Authorization/roleAssignments",
|
||||
"apiVersion": "[variables('authorizationApiVersion')]",
|
||||
"name": "[guid(concat('blobDataOwnerRoleId', variables('accountName')))]",
|
||||
"dependsOn": ["[variables('accountName')]"],
|
||||
"properties": {
|
||||
"roleDefinitionId": "[variables('blobDataOwnerRoleId')]",
|
||||
"principalId": "[parameters('testApplicationOid')]"
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Authorization/roleAssignments",
|
||||
"apiVersion": "[variables('authorizationApiVersion')]",
|
||||
"name": "[guid(concat('fileDataPrivilegedContributorRoleId', variables('accountName')))]",
|
||||
"dependsOn": ["[variables('accountName')]"],
|
||||
"properties": {
|
||||
"roleDefinitionId": "[variables('fileDataPrivilegedContributorRoleId')]",
|
||||
"principalId": "[parameters('testApplicationOid')]"
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Authorization/roleAssignments",
|
||||
"apiVersion": "[variables('authorizationApiVersion')]",
|
||||
"name": "[guid(concat('fileDataContributorRoleId', variables('accountName')))]",
|
||||
"dependsOn": ["[variables('accountName')]"],
|
||||
"properties": {
|
||||
"roleDefinitionId": "[variables('fileDataContributorRoleId')]",
|
||||
"principalId": "[parameters('testApplicationOid')]"
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Storage/storageAccounts",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"name": "[variables('accountName')]",
|
||||
"location": "[variables('location')]",
|
||||
"sku": {
|
||||
"name": "Standard_RAGRS",
|
||||
"tier": "Standard"
|
||||
},
|
||||
"kind": "StorageV2",
|
||||
"properties": {
|
||||
"networkAcls": "[variables('networkAcls')]",
|
||||
"supportsHttpsTrafficOnly": true,
|
||||
"encryption": "[variables('encryption')]",
|
||||
"accessTier": "Hot",
|
||||
"minimumTlsVersion": "TLS1_2",
|
||||
"allowBlobPublicAccess": true
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"name": "default",
|
||||
"type": "blobServices",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"dependsOn": ["[variables('accountName')]"],
|
||||
"properties": {
|
||||
"isVersioningEnabled": "[parameters('enableVersioning')]",
|
||||
"cors": {
|
||||
"corsRules": [
|
||||
{
|
||||
"allowedOrigins": ["*"],
|
||||
"allowedMethods": [
|
||||
"DELETE",
|
||||
"GET",
|
||||
"HEAD",
|
||||
"MERGE",
|
||||
"POST",
|
||||
"OPTIONS",
|
||||
"PUT",
|
||||
"PATCH"
|
||||
],
|
||||
"maxAgeInSeconds": 86400,
|
||||
"exposedHeaders": ["*"],
|
||||
"allowedHeaders": ["*"]
|
||||
}
|
||||
]
|
||||
},
|
||||
"lastAccessTimeTrackingPolicy": {
|
||||
"enable": true,
|
||||
"name": "AccessTimeTracking",
|
||||
"trackingGranularityInDays": 1,
|
||||
"blobType": ["blockBlob"]
|
||||
}
|
||||
},
|
||||
"resources": []
|
||||
},
|
||||
{
|
||||
"name": "default",
|
||||
"type": "fileServices",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"dependsOn": ["[variables('accountName')]"],
|
||||
"properties": {
|
||||
"cors": {
|
||||
"corsRules": [
|
||||
{
|
||||
"allowedOrigins": ["*"],
|
||||
"allowedMethods": ["DELETE", "GET", "HEAD", "MERGE", "POST", "OPTIONS", "PUT"],
|
||||
"maxAgeInSeconds": 86400,
|
||||
"exposedHeaders": ["*"],
|
||||
"allowedHeaders": ["*"]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"resources": []
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Storage/storageAccounts",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"name": "[variables('datalakeAccountName')]",
|
||||
"location": "[variables('location')]",
|
||||
"sku": {
|
||||
"name": "Standard_RAGRS",
|
||||
"tier": "Standard"
|
||||
},
|
||||
"kind": "StorageV2",
|
||||
"properties": {
|
||||
"isHnsEnabled": true,
|
||||
"networkAcls": "[variables('networkAcls')]",
|
||||
"supportsHttpsTrafficOnly": true,
|
||||
"encryption": "[variables('encryption')]",
|
||||
"accessTier": "Hot",
|
||||
"minimumTlsVersion": "TLS1_2",
|
||||
"allowBlobPublicAccess": true
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Storage/storageAccounts",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"name": "[variables('datalakeSoftDeleteAccountName')]",
|
||||
"location": "[variables('location')]",
|
||||
"sku": {
|
||||
"name": "Standard_RAGRS",
|
||||
"tier": "Standard"
|
||||
},
|
||||
"kind": "StorageV2",
|
||||
"properties": {
|
||||
"isHnsEnabled": true,
|
||||
"networkAcls": "[variables('networkAcls')]",
|
||||
"supportsHttpsTrafficOnly": true,
|
||||
"encryption": "[variables('encryption')]",
|
||||
"accessTier": "Hot",
|
||||
"minimumTlsVersion": "TLS1_2"
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"name": "default",
|
||||
"type": "blobServices",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"dependsOn": ["[variables('datalakeSoftDeleteAccountName')]"],
|
||||
"properties": {
|
||||
"containerDeleteRetentionPolicy": {
|
||||
"enabled": true,
|
||||
"days": 7
|
||||
},
|
||||
"cors": {
|
||||
"corsRules": [
|
||||
{
|
||||
"allowedOrigins": ["*"],
|
||||
"allowedMethods": [
|
||||
"DELETE",
|
||||
"GET",
|
||||
"HEAD",
|
||||
"MERGE",
|
||||
"POST",
|
||||
"OPTIONS",
|
||||
"PUT",
|
||||
"PATCH"
|
||||
],
|
||||
"maxAgeInSeconds": 86400,
|
||||
"exposedHeaders": ["*"],
|
||||
"allowedHeaders": ["*"]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Storage/storageAccounts",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"name": "[variables('fullAccountName')]",
|
||||
"location": "[variables('location')]",
|
||||
"sku": {
|
||||
"name": "Standard_RAGRS",
|
||||
"tier": "Standard"
|
||||
},
|
||||
"kind": "StorageV2",
|
||||
"properties": {
|
||||
"networkAcls": "[variables('networkAcls')]",
|
||||
"supportsHttpsTrafficOnly": true,
|
||||
"encryption": "[variables('encryption')]",
|
||||
"accessTier": "Hot",
|
||||
"minimumTlsVersion": "TLS1_2",
|
||||
"allowBlobPublicAccess": true
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"name": "default",
|
||||
"type": "blobServices",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"properties": {
|
||||
"restorePolicy": {
|
||||
"enabled": true,
|
||||
"days": 6
|
||||
},
|
||||
"deleteRetentionPolicy": {
|
||||
"enabled": true,
|
||||
"days": 7
|
||||
},
|
||||
"containerDeleteRetentionPolicy": {
|
||||
"enabled": true,
|
||||
"days": 7
|
||||
},
|
||||
"changeFeed": {
|
||||
"enabled": true
|
||||
},
|
||||
"isVersioningEnabled": true,
|
||||
"cors": {
|
||||
"corsRules": [
|
||||
{
|
||||
"allowedOrigins": ["*"],
|
||||
"allowedMethods": [
|
||||
"DELETE",
|
||||
"GET",
|
||||
"HEAD",
|
||||
"MERGE",
|
||||
"POST",
|
||||
"OPTIONS",
|
||||
"PUT",
|
||||
"PATCH"
|
||||
],
|
||||
"maxAgeInSeconds": 86400,
|
||||
"exposedHeaders": ["*"],
|
||||
"allowedHeaders": ["*"]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"dependsOn": ["[variables('fullAccountName')]"]
|
||||
},
|
||||
{
|
||||
"name": "default",
|
||||
"type": "fileservices",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"properties": {
|
||||
"shareDeleteRetentionPolicy": {
|
||||
"enabled": true,
|
||||
"days": 7
|
||||
},
|
||||
"cors": {
|
||||
"corsRules": [
|
||||
{
|
||||
"allowedOrigins": ["*"],
|
||||
"allowedMethods": ["DELETE", "GET", "HEAD", "MERGE", "POST", "OPTIONS", "PUT"],
|
||||
"maxAgeInSeconds": 86400,
|
||||
"exposedHeaders": ["*"],
|
||||
"allowedHeaders": ["*"]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"dependsOn": ["[variables('fullAccountName')]"]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Storage/storageAccounts",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"name": "[variables('premiumFileAccountName')]",
|
||||
"location": "[variables('location')]",
|
||||
"sku": {
|
||||
"name": "Premium_LRS",
|
||||
"tier": "Premium"
|
||||
},
|
||||
"kind": "FileStorage",
|
||||
"properties": {
|
||||
"networkAcls": "[variables('networkAcls')]",
|
||||
"supportsHttpsTrafficOnly": true,
|
||||
"encryption": "[variables('encryption')]",
|
||||
"accessTier": "Hot",
|
||||
"minimumTlsVersion": "TLS1_2"
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"name": "default",
|
||||
"type": "fileservices",
|
||||
"apiVersion": "[variables('storageApiVersion')]",
|
||||
"properties": {
|
||||
"cors": {
|
||||
"corsRules": [
|
||||
{
|
||||
"allowedOrigins": ["*"],
|
||||
"allowedMethods": ["DELETE", "GET", "HEAD", "MERGE", "POST", "OPTIONS", "PUT"],
|
||||
"maxAgeInSeconds": 86400,
|
||||
"exposedHeaders": ["*"],
|
||||
"allowedHeaders": ["*"]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"dependsOn": ["[variables('premiumFileAccountName')]"]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"ACCOUNT_NAME": {
|
||||
"type": "string",
|
||||
"value": "[variables('accountName')]"
|
||||
},
|
||||
"ACCOUNT_KEY": {
|
||||
"type": "string",
|
||||
"value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('accountName')), variables('storageApiVersion')).keys[0].value]"
|
||||
},
|
||||
"ACCOUNT_SAS": {
|
||||
"type": "string",
|
||||
"value": "[concat('?', listAccountSas(variables('accountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]"
|
||||
},
|
||||
"STORAGE_CONNECTION_STRING": {
|
||||
"type": "string",
|
||||
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('accountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('accountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]"
|
||||
},
|
||||
"DFS_ACCOUNT_NAME": {
|
||||
"type": "string",
|
||||
"value": "[variables('dataLakeAccountName')]"
|
||||
},
|
||||
"DFS_ACCOUNT_KEY": {
|
||||
"type": "string",
|
||||
"value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('dataLakeAccountName')), variables('storageApiVersion')).keys[0].value]"
|
||||
},
|
||||
"DFS_ACCOUNT_SAS": {
|
||||
"type": "string",
|
||||
"value": "[concat('?', listAccountSas(variables('datalakeAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]"
|
||||
},
|
||||
"DFS_STORAGE_CONNECTION_STRING": {
|
||||
"type": "string",
|
||||
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('dataLakeAccountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('dataLakeAccountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]"
|
||||
},
|
||||
"DFS_SOFT_DELETE_ACCOUNT_NAME": {
|
||||
"type": "string",
|
||||
"value": "[variables('datalakeSoftDeleteAccountName')]"
|
||||
},
|
||||
"DFS_SOFT_DELETE_ACCOUNT_KEY": {
|
||||
"type": "string",
|
||||
"value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('datalakeSoftDeleteAccountName')), variables('storageApiVersion')).keys[0].value]"
|
||||
},
|
||||
"DFS_SOFT_DELETE_ACCOUNT_SAS": {
|
||||
"type": "string",
|
||||
"value": "[concat('?', listAccountSas(variables('datalakeSoftDeleteAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]"
|
||||
},
|
||||
"FULL_ACCOUNT_NAME": {
|
||||
"type": "string",
|
||||
"value": "[variables('fullAccountName')]"
|
||||
},
|
||||
"FULL_ACCOUNT_KEY": {
|
||||
"type": "string",
|
||||
"value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value]"
|
||||
},
|
||||
"FULL_ACCOUNT_SAS": {
|
||||
"type": "string",
|
||||
"value": "[concat('?', listAccountSas(variables('fullAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]"
|
||||
},
|
||||
"FULL_STORAGE_CONNECTION_STRING": {
|
||||
"type": "string",
|
||||
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('fullAccountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]"
|
||||
},
|
||||
"SOFT_DELETE_ACCOUNT_NAME": {
|
||||
"type": "string",
|
||||
"value": "[variables('fullAccountName')]"
|
||||
},
|
||||
"SOFT_DELETE_ACCOUNT_KEY": {
|
||||
"type": "string",
|
||||
"value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value]"
|
||||
},
|
||||
"SOFT_DELETE_ACCOUNT_SAS": {
|
||||
"type": "string",
|
||||
"value": "[concat('?', listAccountSas(variables('fullAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]"
|
||||
},
|
||||
"SOFT_DELETE_STORAGE_CONNECTION_STRING": {
|
||||
"type": "string",
|
||||
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('fullAccountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]"
|
||||
},
|
||||
"PREMIUM_FILE_ACCOUNT_NAME": {
|
||||
"type": "string",
|
||||
"value": "[variables('fullAccountName')]"
|
||||
},
|
||||
"PREMIUM_FILE_ACCOUNT_KEY": {
|
||||
"type": "string",
|
||||
"value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value]"
|
||||
},
|
||||
"PREMIUM_FILE_ACCOUNT_SAS": {
|
||||
"type": "string",
|
||||
"value": "[concat('?', listAccountSas(variables('fullAccountNameTidy'), variables('storageApiVersion'), variables('accountSasProperties')).accountSasToken)]"
|
||||
},
|
||||
"PREMIUM_FILE_STORAGE_CONNECTION_STRING": {
|
||||
"type": "string",
|
||||
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('fullAccountName'), ';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('fullAccountName')), variables('storageApiVersion')).keys[0].value, ';EndpointSuffix=', parameters('storageEndpointSuffix'))]"
|
||||
}
|
||||
}
|
||||
}
|
||||
Загрузка…
Ссылка в новой задаче