Azure Storage Access Policy
This page shows how to write Terraform for the Storage Access Policy resource and how to configure it securely.
azurerm_hpc_cache_access_policy (Terraform)
The Access Policy in Storage can be configured in Terraform with the resource name azurerm_hpc_cache_access_policy. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
- hpc_cache_id - required - string
- id - optional computed - string
- name - required - string
- access_rule - set block
  - access - required - string
  - anonymous_gid - optional - number
  - anonymous_uid - optional - number
  - filter - optional - string
  - root_squash_enabled - optional - bool
  - scope - required - string
  - submount_access_enabled - optional - bool
  - suid_enabled - optional - bool
- timeouts - single block
Explanation in Terraform Registry
Manages a HPC Cache Access Policy.
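A configuration that uses the parameters listed above, as an added example that is not taken from the Terraform Registry or from this page's source. The variable hpc_cache_id, the policy name, the CIDR and the UID/GID values are constructed assumptions.

```hcl
# Assumption: the ID of an existing HPC Cache is supplied by the caller.
variable "hpc_cache_id" {
  type = string
}

resource "azurerm_hpc_cache_access_policy" "example" {
  name         = "example-policy" # constructed name
  hpc_cache_id = var.hpc_cache_id

  # Clients not matched by a more specific rule get no access.
  access_rule {
    scope  = "default"
    access = "no"
  }

  # Read-only access for a single subnet (constructed CIDR).
  access_rule {
    scope  = "network"
    filter = "10.0.0.0/24"
    access = "ro"

    # Map remote root to an unprivileged identity (constructed UID/GID)
    # and do not allow SUID or submount access for these clients.
    root_squash_enabled     = true
    anonymous_uid           = 65534
    anonymous_gid           = 65534
    suid_enabled            = false
    submount_access_enabled = false
  }
}
```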
Tips: Best Practices for The Other Azure Storage Resources
In addition to azurerm_storage_account, Azure Storage has other resources that should be configured with security in mind. The following are examples of those resources and the precautions to take.
azurerm_storage_account
Ensure HTTPS connections are used
It is better to use HTTPS instead of HTTP, which could be vulnerable to person-in-the-middle attacks.
azurerm_storage_account_network_rules
Ensure Trusted Microsoft Services are allowed to bypass
It is better to allow Trusted Microsoft Services to bypass. They cannot access the storage account unless the rules are set to allow them explicitly.
Azure Resource Manager Example
Azure Resource Manager code does not have the related resource.