feat: configure default Storage blob endpoint (#153)

* feat: configure default Storage blob endpoint Simplify Storage configuration by setting a default blob endpoint. * chore: update examples
equinor · Aug 30, 2024 · 0f162ef · 0f162ef
1 parent ec95366
commit 0f162ef
Show file tree

Hide file tree

Showing 6 changed files with 9 additions and 5 deletions.
diff --git a/examples/basic/main.tf b/examples/basic/main.tf
@@ -36,7 +36,6 @@ module "sql" {
   location                   = var.location
   log_analytics_workspace_id = module.log_analytics.workspace_id
   storage_account_id         = module.storage.account_id
-  storage_blob_endpoint      = module.storage.blob_endpoint
 
   azuread_administrator_login_username = "azureadadminlogin"
   azuread_administrator_object_id      = data.azurerm_client_config.current.object_id

diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -42,7 +42,6 @@ module "sql" {
   location                   = var.location
   log_analytics_workspace_id = module.log_analytics.workspace_id
   storage_account_id         = module.storage.account_id
-  storage_blob_endpoint      = module.storage.blob_endpoint
 
   azuread_administrator_login_username = "azureadadminlogin"
   azuread_administrator_object_id      = data.azurerm_client_config.current.object_id

diff --git a/locals.tf b/locals.tf
@@ -0,0 +1,4 @@
+locals {
+  storage_account_name  = provider::azurerm::parse_resource_id(var.storage_account_id).resource_name
+  storage_blob_endpoint = "https://${local.storage_account_name}.blob.core.windows.net/"
+}
diff --git a/main.tf b/main.tf
@@ -124,7 +124,7 @@ resource "azurerm_role_assignment" "this" {
 
 resource "azurerm_mssql_server_vulnerability_assessment" "this" {
   server_security_alert_policy_id = azurerm_mssql_server_security_alert_policy.this.id
-  storage_container_path          = "${var.storage_blob_endpoint}${var.storage_container_name}/"
+  storage_container_path          = "${coalesce(var.storage_blob_endpoint, local.storage_blob_endpoint)}${var.storage_container_name}/"
 
   recurring_scans {
     enabled                   = var.vulnerability_assessment_recurring_scans_enabled

diff --git a/variables.tf b/variables.tf
@@ -26,6 +26,8 @@ variable "storage_account_id" {
 variable "storage_blob_endpoint" {
   description = "The blob endpoint of the Storage account to use for SQL vulnerability assessment."
   type        = string
+  nullable    = true
+  default     = null
 }
 
 variable "storage_container_name" {

diff --git a/versions.tf b/versions.tf
@@ -1,10 +1,10 @@
 terraform {
-  required_version = ">= 1.3.0"
+  required_version = ">= 1.8.0"
 
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 3.4.0"
+      version = ">= 4.0.0"
     }
 
     random = {