Terraform · Azure
Azure Storage Account
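Azure Storage Account with blob container, private endpoint, and lifecycle management policy. Note that the template code shown below creates the account, the container and the lifecycle policy only; it contains no private endpoint resource or network rules, so those have to be added separately before the account is actually private.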
Tags: storage, azure, blobs
Prerequisites
- Azure CLI installed and authenticated
- Resource Group already created
- Terraform >= 1.5.0
Template Code
# ─────────────────────────────────────────────────────────────────────────────
# Azure Storage Account with Lifecycle Management
# ─────────────────────────────────────────────────────────────────────────────
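# Name of the existing resource group the storage account is created in.
# Required: there is no default, so it must be supplied at plan/apply time.
variable "resource_group_name" {
  description = "Name of the existing resource group that will hold the storage account."
  type        = string
}

# Azure region for the storage account.
variable "location" {
  description = "Azure region in which the storage account is created."
  type        = string
  default     = "East US"
}

# Environment label. It is interpolated into the storage account name
# ("myapp<environment>storage") and written to the Environment tag.
variable "environment" {
  description = "Environment label; embedded in the storage account name and the Environment tag."
  type        = string
  default     = "production"

  # Storage account names allow only lowercase letters and digits and are
  # limited to 24 characters. The fixed parts "myapp" + "storage" use 12,
  # leaving at most 12 for this value. Rejecting bad input here fails at
  # plan time instead of midway through an apply.
  validation {
    condition     = can(regex("^[a-z0-9]{1,12}$", var.environment))
    error_message = "The environment value must be 1-12 lowercase letters or digits so the derived storage account name stays valid."
  }
}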
# Storage account: Standard tier, geo-redundant, HTTPS-only with TLS 1.2 as the
# minimum, anonymous blob access disabled, and blob versioning, change feed and
# 7-day soft delete turned on.
#
# NOTE(review): nothing in this block restricts network access (no
# network_rules, no public_network_access_enabled setting) and no private
# endpoint resource is defined in the code shown here, so the account is
# reachable on its public endpoint. Locking it down also affects how Terraform
# itself reaches the data plane to create the container, so plan that together.
# NOTE(review): the derived name is fixed per environment and storage account
# names are unique across Azure, so a name collision at apply time is possible.
resource "azurerm_storage_account" "main" {
  name                = format("myapp%sstorage", var.environment)
  resource_group_name = var.resource_group_name
  location            = var.location

  account_tier             = "Standard"
  account_replication_type = "GRS" # geo-redundant replication

  # Transport and anonymous-access hardening.
  https_traffic_only_enabled      = true
  min_tls_version                 = "TLS1_2"
  allow_nested_items_to_be_public = false

  blob_properties {
    # Keep prior blob versions and a change log of blob operations.
    versioning_enabled  = true
    change_feed_enabled = true

    # Soft delete: deleted blobs stay recoverable for 7 days.
    delete_retention_policy {
      days = 7
    }

    # Soft delete: deleted containers stay recoverable for 7 days.
    container_delete_retention_policy {
      days = 7
    }
  }

  tags = {
    Environment = var.environment
  }
}
# Blob container "assets" inside the storage account above.
# container_access_type "private" means no anonymous read access to the
# container or its blobs; callers must authenticate.
# NOTE(review): newer azurerm provider releases appear to deprecate
# storage_account_name in favour of storage_account_id - confirm against the
# provider version this template is pinned to before switching.
resource "azurerm_storage_container" "assets" {
  container_access_type = "private"
  name                  = "assets"
  storage_account_name  = azurerm_storage_account.main.name
}
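# Lifecycle policy for block blobs in the storage account.
# The filter has no prefix, so the rule applies to every container in the
# account, not only "assets".
resource "azurerm_storage_management_policy" "lifecycle" {
  storage_account_id = azurerm_storage_account.main.id

  rule {
    name    = "lifecycle-rule"
    enabled = true

    filters {
      blob_types = ["blockBlob"]
    }

    actions {
      # Current versions: cool after 30 days, archive after 90, delete after
      # 365, all measured from the last modification.
      base_blob {
        tier_to_cool_after_days_since_modification_greater_than    = 30
        tier_to_archive_after_days_since_modification_greater_than = 90
        delete_after_days_since_modification_greater_than          = 365
      }

      # The account has blob versioning enabled, so deleting a base blob only
      # turns it into a previous version. Without a rule for versions the data
      # is retained (and billed) indefinitely, which defeats the 365-day
      # deletion above. The 30-day window is a starting value chosen for this
      # template; set it to match your retention requirements.
      version {
        delete_after_days_since_creation = 30
      }
    }
  }
}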
# Name of the storage account created by this template.
output "storage_account_name" {
  value = azurerm_storage_account.main.name
}

# Primary blob service endpoint URL of the storage account.
output "primary_blob_endpoint" {
  value = azurerm_storage_account.main.primary_blob_endpoint
}
Usage
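# Sign in with the Azure CLI so the azurerm provider can use its credentials.
az login
# Download the provider and set up the working directory.
terraform init
# Create the resources; resource_group_name has no default and must be passed.
terraform apply -var="resource_group_name=my-rg"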