-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
storage
- back-port storage data plane workarounds
#27819
storage
- back-port storage data plane workarounds
#27819
Conversation
internal/services/storage/storage_account_queue_properties_data_plane_resource_test.go
Outdated
Show resolved
Hide resolved
internal/services/storage/storage_account_queue_properties_data_plane_resource_test.go
Outdated
Show resolved
Hide resolved
internal/services/storage/storage_account_queue_properties_data_plane_resource_test.go
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @jackofallops LGTM 🦇
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Community Note
Description
This PR back-ports work for
azurerm_storage_account
Data Plane access for Data Plane restricted agents from thev4.9.0
release to 3.x line of the provider. This will be a unique, one-time release of the v3 provider to allow users that cannot access Data Plane endpoints without Private Endpoints (and don't want the additional costs of setting them up when the features are not required in their environment) a viable upgrade path tov4
by permitting them to remove other "external" workarounds outside of the AzureRM provider, and have a minimal configuration change migration for this key resource. Users following this path must move fromv3.117.0
directly tov4.9.0
to maintain compatibility with these changes.Also back-ported is the
data_plane_available
Provider Feature flag. This allows the provider to be globally configured to not use the data plane APIs at all forazurerm_storage_account
. The caveats are that the availability guarantees for the Data endpoints being ready are not available, and thequeue_properties
andstatic_website
blocks become incompatible configuration, and will error onplan
andapply
. To allow these blocks to still be configured, 2 new sub-resources are added that allow users to configure these items post-creation of the account, and if necessary, after the creation of Private Endpoints. See below for example usage of the flag:PR Checklist
For example: “
resource_name_here
- description of change e.g. adding propertynew_property_name_here
”Changes to existing Resource / Data Source
Testing
Change Log
Below please provide what should go into the changelog (if anything) conforming to the Changelog Format documented here.
azurerm_storage_account
- can now be created and managed if Data Plane endpoints are blocked by a firewallazurerm_storage_account_queue_properties
azurerm_storage_account_static_website
data_plane_available
feature flagThis is a (please select all that apply):
Depends on #27818